Re: V počítači stále ubývá místo prosím o kontrolu logu.
Napsal: 21 zář 2019 09:39
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2019 01
Ran by CloudGirl (administrator) on CLOUDGIRLS (21-09-2019 09:36:08)
Running from C:\Users\CloudGirl\Desktop
Loaded Profiles: CloudGirl (Available Profiles: CloudGirl)
Platform: Windows 10 Pro Version 1903 18362.356 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.5.1.620\ASUSWSLoader.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Discord Inc. -> Discord Inc.) C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\77.0.3865.32\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\77.0.3865.32\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_633ce1cc6aa6428c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_633ce1cc6aa6428c\IntelCpHDCPSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamtray.exe
(ManyCam -> Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(ManyCam -> Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\dotnet\dotnet.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19082.1006.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Wargaming.net Limited -> Wargaming.net) E:\World_of_Tanks\WargamingGameUpdater.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.5.1.620\ASUSWSLoader.exe [63904 2019-05-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2019-04-05] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [555832 2014-03-05] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5007408 2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [93731768 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26282160 2019-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1266872 2019-03-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-09] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [Discord] => C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35941264 2019-09-18] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3215312 2019-09-20] (Valve -> Valve Corporation)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe [67662960 2019-05-08] (NZXT -> NZXT)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2565496 2019-09-16] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3115792 2019-09-17] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\Update.exe [1790704 2019-09-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [Spotify] => C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe [24274336 2019-09-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10116392 2015-12-21] (ManyCam -> Visicom Media Inc.)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [World of Tanks] => E:\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\MountPoints2: {26f8bd25-810a-11e9-97b1-3497f668da96} - "J:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-18] (Google LLC -> Google LLC)
Startup: C:\Users\CloudGirl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-09-02]
ShortcutTarget: Twitch.lnk -> C:\Users\CloudGirl\AppData\Roaming\Twitch\Bin\Twitch.exe (No File)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {08F5A5BF-EC02-4B8D-BE5B-CED9BE95C9A7} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [29696 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {0CC1993F-F22D-4861-B44E-335A7F4315E1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [162872 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {14EF44C7-738A-4FDF-9E76-9F6AF6378DCF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27293808 2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {18F3BB4B-3A5C-4629-A133-551BDE445762} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [29696 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {255FD07B-DCAF-46ED-959B-CBFDB55DA20B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B32C0CC-4319-40BB-AAA0-AE1B5F2B9091} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {336709C6-2F42-4321-9971-EC734A1E2CE9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {490569C5-4B39-499B-B7B7-0844EEB3DEC1} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-11-24] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {63530804-CB8F-4665-83D3-BE575D252967} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [162872 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {670752B1-2622-4FFE-9723-5208DA30BDBC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6311576 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {741FEC3E-8261-4EBA-A336-E567058B20A2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {751C69BE-A9DA-4268-A3F0-FAD9F7FC65C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6311576 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {75F22154-3256-44CD-8DF4-85C44DDCB71E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8271113D-AEC9-435A-B709-E4A453E13FDA} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2096088 2018-01-04] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {847B4DE5-1829-4DE7-8B86-05BB5BCF96EE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {854D8E75-45CE-445A-8A57-9AF67D706BCA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88F8762E-11AB-4AD6-AFF7-9DD497880239} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177176 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {940C6C8B-63F8-4BDA-9EDC-54B1C5F39824} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1448408 2017-11-24] (ASUSTeK Computer Inc. -> )
Task: {9714EEE3-B49C-4F58-AD2A-1D7D92407A92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-27] (Google Inc -> Google LLC)
Task: {A1C4AE40-B58B-40B6-B864-7FFA5358B766} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-27] (Google Inc -> Google LLC)
Task: {AE76F920-1808-41AC-9542-005D38BDAAFE} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [814872 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {B08DC1E5-FCBE-4CE5-8630-6B1399F28CED} - System32\Tasks\CAM.Desktop => C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe [343664 2019-05-08] (NZXT -> )
Task: {BAC91374-40B5-4F12-B5A5-5A98AB65CAC7} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-I261OMG-CloudGirl => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D9864668-8541-450A-92B7-237FED2827A1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC64F5CA-3043-4974-9B74-DCBF54117319} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {E53FAAC1-B790-4BCC-880E-6164FDB7B51C} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {E5D3B2D3-B3C4-4B11-9BAF-7AD8F56F93BB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177176 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E81287A4-CE60-4006-B66A-DBD0C066158A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2346104 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFAD1CF0-ED4C-4A58-BEAF-9C15253B116D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F648D85D-9D2B-4CB9-93FF-4243D49CAC1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27293808 2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {FFAB7957-877F-4591-B420-A55965681084} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{03d1db7c-3687-4920-b467-b77a278413fd}: [NameServer] 192.168.1.150
Tcpip\..\Interfaces\{03d1db7c-3687-4920-b467-b77a278413fd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60915370-0682-42e2-8017-13da167aba76}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3287404520-2536224542-2168984755-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-05-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-27] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default [2019-09-21]
CHR Extension: (Slides) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-27]
CHR Extension: (Docs) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-27]
CHR Extension: (Google Drive) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-27]
CHR Extension: (YouTube) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-27]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-27]
CHR Extension: (Adobe Acrobat) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-14]
CHR Extension: (Sheets) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-27]
CHR Extension: (Google Docs Offline) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-27]
CHR Extension: (Chrome Remote Desktop) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-27]
CHR Extension: (Gmail) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-27]
CHR Extension: (Chrome Media Router) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-06-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122736 2017-08-11] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-05-27] (BattlEye Innovations e.K. -> )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\77.0.3865.32\remoting_host.exe [73200 2019-08-12] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11644008 2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3481792 2018-01-09] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2019-03-23] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-08-07] (FUTUREMARK INC -> Futuremark)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2109376 2019-07-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (ManyCam -> Visicom Media Inc.)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Microsoft IIS Administration; C:\Program Files\dotnet\dotnet.exe [145496 2019-02-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [2020024 2019-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2323632 2019-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2347824 2019-09-17] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3222320 2019-09-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Survarium-Steam Update Service (64-bit); H:\SteamLibrary\steamapps\common\Survarium\game\binaries\x64\survarium_service.exe [140480 2019-09-20] (Ukrainian Games Technologies LLC -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-16] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-12-26] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-06-21] (ASUSTeK Computer Inc. -> )
R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2019-09-21] (CPUID S.A.R.L.U. -> CPUID)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-02-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-05-02] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149144 2019-07-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102464 2019-07-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-07-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189232 2019-07-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [50488 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 EneIo; C:\WINDOWS\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [76896 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [113336 2019-07-26] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34744 2019-02-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (ManyCam -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-21] (Malwarebytes Corporation -> Malwarebytes)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1131024 2018-10-23] (Realtek Semiconductor Corp. -> Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12400 2019-07-26] (Macrovision Europe Ltd) [File not signed]
R3 UcmCxUcsiNvppc; C:\WINDOWS\System32\drivers\UcmCxUcsiNvppc.sys [715680 2019-08-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 USBPNPA; C:\WINDOWS\system32\drivers\CM10864.sys [4333568 2013-02-01] (C-Media Electronics Inc) [File not signed]
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47704 2019-07-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [367032 2019-07-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-05] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\NZXT\CAM\OpenHardwareMonitorLib.sys [14544 2019-09-21] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
Ran by CloudGirl (administrator) on CLOUDGIRLS (21-09-2019 09:36:08)
Running from C:\Users\CloudGirl\Desktop
Loaded Profiles: CloudGirl (Available Profiles: CloudGirl)
Platform: Windows 10 Pro Version 1903 18362.356 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.5.1.620\ASUSWSLoader.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Discord Inc. -> Discord Inc.) C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\77.0.3865.32\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\77.0.3865.32\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_633ce1cc6aa6428c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_633ce1cc6aa6428c\IntelCpHDCPSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamtray.exe
(ManyCam -> Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(ManyCam -> Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\dotnet\dotnet.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19082.1006.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Wargaming.net Limited -> Wargaming.net) E:\World_of_Tanks\WargamingGameUpdater.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.5.1.620\ASUSWSLoader.exe [63904 2019-05-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2019-04-05] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [555832 2014-03-05] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5007408 2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [93731768 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26282160 2019-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1266872 2019-03-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-01-09] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [Discord] => C:\Users\CloudGirl\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35941264 2019-09-18] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3215312 2019-09-20] (Valve -> Valve Corporation)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [CAM] => C:\Program Files (x86)\NZXT\CAM\Launcher\CAM.exe [67662960 2019-05-08] (NZXT -> NZXT)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2565496 2019-09-16] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3115792 2019-09-17] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\CloudGirl\AppData\Local\Microsoft\Teams\Update.exe [1790704 2019-09-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [Spotify] => C:\Users\CloudGirl\AppData\Roaming\Spotify\Spotify.exe [24274336 2019-09-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [10116392 2015-12-21] (ManyCam -> Visicom Media Inc.)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\Run: [World of Tanks] => E:\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3287404520-2536224542-2168984755-1001\...\MountPoints2: {26f8bd25-810a-11e9-97b1-3497f668da96} - "J:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-18] (Google LLC -> Google LLC)
Startup: C:\Users\CloudGirl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-09-02]
ShortcutTarget: Twitch.lnk -> C:\Users\CloudGirl\AppData\Roaming\Twitch\Bin\Twitch.exe (No File)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {08F5A5BF-EC02-4B8D-BE5B-CED9BE95C9A7} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [29696 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {0CC1993F-F22D-4861-B44E-335A7F4315E1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [162872 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {14EF44C7-738A-4FDF-9E76-9F6AF6378DCF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27293808 2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {18F3BB4B-3A5C-4629-A133-551BDE445762} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [29696 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {255FD07B-DCAF-46ED-959B-CBFDB55DA20B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B32C0CC-4319-40BB-AAA0-AE1B5F2B9091} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {336709C6-2F42-4321-9971-EC734A1E2CE9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {490569C5-4B39-499B-B7B7-0844EEB3DEC1} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-11-24] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {63530804-CB8F-4665-83D3-BE575D252967} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [162872 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {670752B1-2622-4FFE-9723-5208DA30BDBC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6311576 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {741FEC3E-8261-4EBA-A336-E567058B20A2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {751C69BE-A9DA-4268-A3F0-FAD9F7FC65C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6311576 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {75F22154-3256-44CD-8DF4-85C44DDCB71E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8271113D-AEC9-435A-B709-E4A453E13FDA} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2096088 2018-01-04] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {847B4DE5-1829-4DE7-8B86-05BB5BCF96EE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {854D8E75-45CE-445A-8A57-9AF67D706BCA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88F8762E-11AB-4AD6-AFF7-9DD497880239} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177176 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {940C6C8B-63F8-4BDA-9EDC-54B1C5F39824} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1448408 2017-11-24] (ASUSTeK Computer Inc. -> )
Task: {9714EEE3-B49C-4F58-AD2A-1D7D92407A92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-27] (Google Inc -> Google LLC)
Task: {A1C4AE40-B58B-40B6-B864-7FFA5358B766} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-27] (Google Inc -> Google LLC)
Task: {AE76F920-1808-41AC-9542-005D38BDAAFE} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [814872 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {B08DC1E5-FCBE-4CE5-8630-6B1399F28CED} - System32\Tasks\CAM.Desktop => C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe [343664 2019-05-08] (NZXT -> )
Task: {BAC91374-40B5-4F12-B5A5-5A98AB65CAC7} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-I261OMG-CloudGirl => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D9864668-8541-450A-92B7-237FED2827A1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC64F5CA-3043-4974-9B74-DCBF54117319} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {E53FAAC1-B790-4BCC-880E-6164FDB7B51C} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {E5D3B2D3-B3C4-4B11-9BAF-7AD8F56F93BB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177176 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E81287A4-CE60-4006-B66A-DBD0C066158A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2346104 2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFAD1CF0-ED4C-4A58-BEAF-9C15253B116D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F648D85D-9D2B-4CB9-93FF-4243D49CAC1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27293808 2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {FFAB7957-877F-4591-B420-A55965681084} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{03d1db7c-3687-4920-b467-b77a278413fd}: [NameServer] 192.168.1.150
Tcpip\..\Interfaces\{03d1db7c-3687-4920-b467-b77a278413fd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60915370-0682-42e2-8017-13da167aba76}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3287404520-2536224542-2168984755-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-05-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-27] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default [2019-09-21]
CHR Extension: (Slides) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-27]
CHR Extension: (Docs) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-27]
CHR Extension: (Google Drive) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-27]
CHR Extension: (YouTube) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-27]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-27]
CHR Extension: (Adobe Acrobat) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-14]
CHR Extension: (Sheets) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-27]
CHR Extension: (Google Docs Offline) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-27]
CHR Extension: (Chrome Remote Desktop) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-09-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-27]
CHR Extension: (Gmail) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-27]
CHR Extension: (Chrome Media Router) - C:\Users\CloudGirl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-06-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122736 2017-08-11] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-05-27] (BattlEye Innovations e.K. -> )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\77.0.3865.32\remoting_host.exe [73200 2019-08-12] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11644008 2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3481792 2018-01-09] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2019-03-23] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-08-07] (FUTUREMARK INC -> Futuremark)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2109376 2019-07-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (ManyCam -> Visicom Media Inc.)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Microsoft IIS Administration; C:\Program Files\dotnet\dotnet.exe [145496 2019-02-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [2020024 2019-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2323632 2019-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2347824 2019-09-17] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3222320 2019-09-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Survarium-Steam Update Service (64-bit); H:\SteamLibrary\steamapps\common\Survarium\game\binaries\x64\survarium_service.exe [140480 2019-09-20] (Ukrainian Games Technologies LLC -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-16] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-23] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-12-26] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-06-21] (ASUSTeK Computer Inc. -> )
R3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2019-09-21] (CPUID S.A.R.L.U. -> CPUID)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-02-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-05-02] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149144 2019-07-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102464 2019-07-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-07-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189232 2019-07-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [50488 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 EneIo; C:\WINDOWS\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [76896 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [113336 2019-07-26] (ESET, spol. s r.o. -> ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34744 2019-02-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (ManyCam -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-21] (Malwarebytes Corporation -> Malwarebytes)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_e2424f83c0e047af\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1131024 2018-10-23] (Realtek Semiconductor Corp. -> Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12400 2019-07-26] (Macrovision Europe Ltd) [File not signed]
R3 UcmCxUcsiNvppc; C:\WINDOWS\System32\drivers\UcmCxUcsiNvppc.sys [715680 2019-08-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 USBPNPA; C:\WINDOWS\system32\drivers\CM10864.sys [4333568 2013-02-01] (C-Media Electronics Inc) [File not signed]
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47704 2019-07-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [367032 2019-07-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-05] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\NZXT\CAM\OpenHardwareMonitorLib.sys [14544 2019-09-21] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========