
Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

ReZisten
Visitor
Posts: 89
Registered: 01 Jan 2010 14:07


#1 Post by ReZisten »

Hello, I upgraded my PC a bit with new RAM and a CPU, so I'd also like to ask for a preventive check to make sure the PC is fine on the software side too. Thanks in advance.

Here are the logs from RSIT and FRST:

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by SWAN at 2019-11-19 17:56:39
Microsoft Windows 10 Pro
System drive C: has 85 GB (29%) free of 299 GB
Total RAM: 7378 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:56:42, on 19.11.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\trend micro\SWAN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\SWAN\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-610 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-610 Series"
O4 - HKCU\..\Run: [Spotify] C:\Users\SWAN\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Windows\SysWOW64\muachost.exe /RestartByRestartManager:8F7973AA-DB39-4a1e-8A1D-1A928A473027 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Windows\SysWOW64\muachost.exe /RestartByRestartManager:8F7973AA-DB39-4a1e-8A1D-1A928A473027 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Služba %1!s! Update (avg) (avg) - AVG Technologies - C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avgm) (avgm) - AVG Technologies - C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
O23 - Service: AVG Secure Browser Elevation Service (AVGSecureBrowserElevationService) - AVG Technologies - C:\Program Files (x86)\AVG\Browser\Application\77.1.1833.92\elevation_service.exe
O23 - Service: AvgWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI Command Center Clock Service (MSIClock_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSI Command Center Comm Service (MSICOMM_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSI Command Center CPU Service (MSICPU_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSI Command Center control Service (MSICTL_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSI Command Center DDR Service (MSIDDR_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSISleep - Unknown owner - C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
O23 - Service: MSI Command Center SMBus Service (MSISMB_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSI Command Center SuperIO Service (MSISuperIO_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI Super Charger Service (MSI_SuperCharger) - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 13241 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\atiesrxx.exe
atieclxx

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

C:\WINDOWS\system32\WLANExt.exe 1962647434400
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\WINDOWS\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe"
"C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s

C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
dashost.exe {05841ab7-b52c-40bc-9f74e0206d95e3db}
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k netsvcs
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc


C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
AVGUI.exe /nogui
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe"

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s Netman
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=gpu-process --field-trial-handle=1824,13014343194744183040,18281385533789022513,131072 --no-sandbox --log-file="C:\Users\SWAN\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (19.8.3108)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=14766105033655146797 --mojo-platform-channel-handle=3528 /prefetch:2
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files (x86)\Steam\Steam.exe" -- "steam://rungameid/730"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\SWAN\AppData\Local\Steam\htmlcache" "-steampid=7204" "-buildid=1573780595" "-steamid=0" "-steamuniverse=Public" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --disable-accelerated-video-decode --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\SWAN\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1573780595 --initial-client-data=0x64,0x2d4,0x2e0,0x60,0x2e4,0x7ffce037da70,0x7ffce037da80,0x7ffce037da90
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1496,9200573945483933320,10080606085038414884,131072 --disable-features=OutOfBlinkCors --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1573780595 --steamid=0 --gpu-preferences=KAAAAAAAAADhAAAgAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=4505545466377077331 --mojo-platform-channel-handle=1516 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --field-trial-handle=1496,9200573945483933320,10080606085038414884,131072 --disable-features=OutOfBlinkCors --lang=cs --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1573780595 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=9039543401839682683 --mojo-platform-channel-handle=2032 /prefetch:8
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1496,9200573945483933320,10080606085038414884,131072 --disable-features=OutOfBlinkCors --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1573780595 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12315469004060908735 --renderer-client-id=5 --mojo-platform-channel-handle=2816 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1496,9200573945483933320,10080606085038414884,131072 --disable-features=OutOfBlinkCors --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1573780595 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12415873378516327912 --renderer-client-id=6 --mojo-platform-channel-handle=2968 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1496,9200573945483933320,10080606085038414884,131072 --disable-features=OutOfBlinkCors --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1573780595 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12064484369910792603 --renderer-client-id=7 --mojo-platform-channel-handle=2984 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x548
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\SWAN\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\SWAN\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\SWAN\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=78.0.3904.97 --initial-client-data=0x88,0x8c,0x90,0x80,0x94,0x7ffd08f4ed58,0x7ffd08f4ed68,0x7ffd08f4ed78
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=10188 --on-initialized-event-handle=584 --parent-handle=588 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1276,15129211215456708644,2721009540135537953,131072 --enable-gpu-rasterization --disable-breakpad --gpu-preferences=KAAAAAAAAADgAACwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=14605021356107255271 --mojo-platform-channel-handle=1676 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1276,15129211215456708644,2721009540135537953,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=1882358611664157394 --mojo-platform-channel-handle=1836 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,15129211215456708644,2721009540135537953,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1462349650632519287 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2192 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,15129211215456708644,2721009540135537953,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8319493852495257417 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,15129211215456708644,2721009540135537953,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9222500746671007909 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1276,15129211215456708644,2721009540135537953,131072 --lang=cs --service-sandbox-type=audio --service-request-channel-token=17673765966259830963 --mojo-platform-channel-handle=2664 /prefetch:8
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,15129211215456708644,2721009540135537953,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8278312395910886664 --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9976 /prefetch:1
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\Users\SWAN\Desktop\FRST.txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1276,15129211215456708644,2721009540135537953,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1715661303305061908 --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
"C:\WINDOWS\System32\Taskmgr.exe" /3
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\SWAN\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\EPSON XP-610 Series Invitation {2CEC53D3-1048-4830-A3EB-6CDB033BFCB0}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE /EXE:"{2CEC53D3-1048-4830-A3EB-6CDB033BFCB0}" /F:"Invitation"
C:\WINDOWS\tasks\EPSON XP-610 Series Invitation {F046D536-3200-4F23-BAD7-73FA9472B4DD}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE /EXE:"{F046D536-3200-4F23-BAD7-73FA9472B4DD}" /F:"Invitation"
C:\WINDOWS\tasks\EPSON XP-610 Series Update {2CEC53D3-1048-4830-A3EB-6CDB033BFCB0}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE /EXE:"{2CEC53D3-1048-4830-A3EB-6CDB033BFCB0}" /F:"Update"
C:\WINDOWS\tasks\EPSON XP-610 Series Update {F046D536-3200-4F23-BAD7-73FA9472B4DD}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE /EXE:"{F046D536-3200-4F23-BAD7-73FA9472B4DD}" /F:"Update"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-29 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-29 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-29 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-29 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-05-16 9270560]
"AVGUI.exe"=C:\Program Files\AVG\Antivirus\AvLaunch.exe [2019-10-06 316336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gaijin.Net Agent"=C:\Users\SWAN\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2018-09-25 2125384]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [2013-01-24 297024]
"EPLTarget\P0000000000000001"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [2013-01-24 297024]
"Spotify"=C:\Users\SWAN\AppData\Roaming\Spotify\Spotify.exe [2019-10-23 21282208]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-11-14 3284944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2019-02-05 19645800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Programy\iTunes\iTunesHelper.exe [2018-11-15 301880]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2019-04-02 5890504]
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]
"Command Center"=C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [2016-06-14 835680]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2017-11-10 1028280]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221
"NoDrives"=0
"NoResolveSearch"=1
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-11-19 17:51:15 ----D---- C:\rsit
2019-11-19 17:51:15 ----D---- C:\Program Files\trend micro
2019-11-19 17:41:40 ----D---- C:\FRST
2019-11-19 10:20:58 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2019-11-16 17:07:35 ----D---- C:\WINDOWS\Minidump
2019-11-12 19:12:10 ----D---- C:\WINDOWS\SYSWOW64\directx
2019-11-12 19:11:25 ----D---- C:\Program Files (x86)\MSI Afterburner
2019-11-12 19:04:17 ----D---- C:\Program Files (x86)\SpeedFan
2019-11-12 18:44:26 ----D---- C:\Program Files\Core Temp
2019-11-12 18:38:59 ----D---- C:\ProgramData\ATI
2019-11-12 18:33:37 ----D---- C:\WINDOWS\LastGood.Tmp
2019-11-12 18:31:10 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2019-11-12 18:31:10 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2019-11-12 18:31:10 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2019-11-12 18:31:10 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2019-11-12 18:31:10 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2019-11-12 18:31:10 ----A---- C:\WINDOWS\system32\mantle64.dll
2019-11-12 18:31:10 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2019-11-12 18:31:10 ----A---- C:\WINDOWS\system32\drivers\amdkmafd.sys
2019-11-12 18:31:10 ----A---- C:\WINDOWS\system32\detoured.dll
2019-11-12 18:31:10 ----A---- C:\WINDOWS\system32\DelayAPO.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\amdocl_ld32.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\SYSWOW64\amdocl_as32.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\OpenCL.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\clinfo.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\ativce03.dat
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\ativce02.dat
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atiumd64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atitmm64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atisamu64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\ATIODE.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atio6axx.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atimuixx.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atimpc64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atig6txx.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atieclxx.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atieah64.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atidemgy.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\amdxc64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\amdocl_ld64.exe
2019-11-12 18:31:09 ----A---- C:\WINDOWS\system32\amdocl_as64.exe
2019-11-12 18:31:08 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2019-11-12 18:31:08 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2019-11-12 18:31:08 ----A---- C:\WINDOWS\system32\amdocl64.dll
2019-11-12 18:31:08 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\drivers\amdacpksd.sys
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amdicdxx.dat
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amde31a.dat
2019-11-12 18:31:07 ----A---- C:\WINDOWS\system32\amdave64.dll
2019-11-10 21:02:57 ----D---- C:\Users\SWAN\AppData\Roaming\Cytomic
2019-11-10 19:53:19 ----D---- C:\Program Files\FabFilter
2019-11-10 17:49:59 ----D---- C:\Users\SWAN\AppData\Roaming\iZotope
2019-11-10 17:41:01 ----D---- C:\Program Files (x86)\iZotope

======List of files/folders modified in the last 1 month======

2019-11-19 17:51:19 ----D---- C:\WINDOWS\Prefetch
2019-11-19 17:51:18 ----D---- C:\WINDOWS\Temp
2019-11-19 17:51:15 ----RD---- C:\Program Files
2019-11-19 17:42:59 ----SHD---- C:\System Volume Information
2019-11-19 17:29:00 ----D---- C:\WINDOWS\system32\sru
2019-11-19 17:04:52 ----SHD---- C:\WINDOWS\Installer
2019-11-19 16:47:20 ----D---- C:\Program Files (x86)\Steam
2019-11-19 15:42:03 ----D---- C:\Program Files (x86)\UOS
2019-11-19 10:42:41 ----D---- C:\WINDOWS\system32\SleepStudy
2019-11-19 10:23:50 ----D---- C:\WINDOWS\AppReadiness
2019-11-19 10:23:49 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-11-19 10:20:59 ----D---- C:\WINDOWS\system32\catroot2
2019-11-19 10:20:58 ----D---- C:\WINDOWS\system32\drivers
2019-11-18 17:51:51 ----D---- C:\WINDOWS\system32\config
2019-11-18 17:50:11 ----RD---- C:\WINDOWS\Microsoft.NET
2019-11-17 18:57:15 ----D---- C:\ProgramData\ValhallaVintageVerbPreferences
2019-11-17 18:57:15 ----D---- C:\ProgramData\ValhallaVintageVerb
2019-11-16 17:07:35 ----D---- C:\Windows
2019-11-16 16:45:02 ----D---- C:\WINDOWS\System32
2019-11-16 16:45:02 ----D---- C:\WINDOWS\INF
2019-11-16 16:45:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-14 17:19:19 ----D---- C:\WINDOWS\system32\Tasks
2019-11-13 22:02:02 ----D---- C:\Program Files\UltraDefrag
2019-11-13 21:57:40 ----D---- C:\Program Files\CCleaner
2019-11-13 21:56:52 ----RD---- C:\Program Files (x86)
2019-11-12 19:20:55 ----D---- C:\WINDOWS\SysWOW64
2019-11-12 19:20:07 ----D---- C:\WINDOWS\system32\appmgmt
2019-11-12 19:19:12 ----D---- C:\Program Files (x86)\MSI
2019-11-12 19:19:10 ----D---- C:\MSI
2019-11-12 19:18:34 ----D---- C:\Program Files\CPUID
2019-11-12 19:12:02 ----RSD---- C:\WINDOWS\Fonts
2019-11-12 18:38:59 ----HD---- C:\ProgramData
2019-11-12 18:35:03 ----D---- C:\WINDOWS\system32\DriverStore
2019-11-12 18:34:34 ----D---- C:\Program Files\AMD
2019-11-12 18:34:10 ----D---- C:\WINDOWS\system32\CatRoot
2019-11-12 18:32:41 ----D---- C:\Program Files (x86)\AMD
2019-11-12 18:32:39 ----D---- C:\ProgramData\AMD
2019-11-12 18:32:24 ----D---- C:\Program Files (x86)\ATI Technologies
2019-11-12 16:21:19 ----D---- C:\AMD
2019-11-10 21:08:30 ----D---- C:\Users\SWAN\AppData\Roaming\uTorrent
2019-11-10 21:05:30 ----D---- C:\Program Files (x86)\Common Files
2019-11-10 21:02:30 ----D---- C:\Program Files (x86)\VstPlugins
2019-11-10 20:02:36 ----D---- C:\Users\SWAN\AppData\Roaming\FabFilter
2019-11-10 19:53:20 ----D---- C:\Program Files\Common Files\VST3
2019-11-05 15:52:03 ----D---- C:\Program Files (x86)\Google
2019-11-01 16:39:07 ----D---- C:\Users\SWAN\AppData\Roaming\Spotify
2019-10-21 15:13:57 ----D---- C:\WINDOWS\SoftwareDistribution
2019-10-21 15:13:48 ----D---- C:\WINDOWS\debug
2019-10-20 20:15:00 ----DC---- C:\WINDOWS\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2017-01-29 85704]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2017-01-29 43720]
R0 avgArDisk;avgArDisk; C:\WINDOWS\system32\drivers\avgArDisk.sys [2019-10-06 37880]
R0 avgbidsh;avgbidsh; C:\WINDOWS\system32\drivers\avgbidsh.sys [2019-10-06 210328]
R0 avgbuniv;avgbuniv; C:\WINDOWS\system32\drivers\avgbuniv.sys [2019-10-06 65376]
R0 avgElam;avgElam; C:\WINDOWS\system32\drivers\avgElam.sys [2019-10-06 16520]
R0 avgRvrt;avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [2019-10-06 84560]
R0 avgVmm;avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [2019-10-06 317304]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-01-08 55608]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2019-10-04 241976]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-09-15 40960]
R1 avgArPot;avgArPot; C:\WINDOWS\system32\drivers\avgArPot.sys [2019-10-06 205600]
R1 avgbidsdriver;avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriver.sys [2019-10-06 275232]
R1 avgKbd;avgKbd; C:\WINDOWS\system32\drivers\avgKbd.sys [2019-10-06 43512]
R1 avgRdr;avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [2019-10-06 111096]
R1 avgSnx;avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [2019-10-06 848688]
R1 avgSP;avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [2019-10-06 461216]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-09-15 63288]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-05 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 avgMonFlt;avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [2019-11-02 171640]
R2 avgStm;avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [2019-10-06 236288]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-12 452096]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-02-02 184320]
R2 RAMDriv;@oem6.inf,%DiskServiceDesc%;MSI RAMDrive; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [2016-03-10 86936]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-16 21622272]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-16 665088]
R3 AtiHDAudioService;@oem13.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-07-22 102912]
R3 dtlitescsibus;@oem16.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-04-03 30352]
R3 Hamachi;@oem0.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2019-02-11 45680]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2019-05-16 6849624]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2019-11-19 275232]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [2012-11-26 13368]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2012-11-09 13368]
S0 amdkmafd;@oem8.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-06-03 31992]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-06-26 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S2 APXACC;@oem14.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys []
S2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-01-08 51712]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2018-09-15 137016]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2019-03-12 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-10-04 104248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-01-08 111104]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-07-11 91136]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-10-04 1232384]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-10-04 92672]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-09-15 63288]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-09-15 125952]
S3 cpuz136;cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 GPUZ;GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-06-13 80400]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys []
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-10-04 290304]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 Netaapl;@oem1.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\WINDOWS\System32\drivers\netaapl64.sys [2016-12-21 23040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 NTIOLib_1_0_2;NTIOLib_1_0_2; \??\C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2012-02-14 13328]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-10-04 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-04-10 981816]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-09-15 202240]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-09-15 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-16 246784]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-10-16 85304]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [2019-10-06 996928]
R2 AvgWscReporter;AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [2019-10-06 110560]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_3beed;CDPUserSvc_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2019-04-02 3361736]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-05-27 419248]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-06-26 6744288]
R2 MSI_SuperCharger;MSI Super Charger Service; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2019-02-14 183480]
R2 MSICTL_CC;MSI Command Center control Service; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2017-02-15 2102880]
R2 MSIDDR_CC;MSI Command Center DDR Service; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2017-09-07 2330296]
R2 MSISleep;MSISleep; C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [2013-04-29 282624]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-02-02 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
R2 OneSyncSvc_3beed;OneSyncSvc_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [2019-10-06 6133752]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_3beed;cbdhsvc_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 PimIndexMaintenanceSvc_3beed;PimIndexMaintenanceSvc_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 avg;Služba %1!s! Update (avg); C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-11-02 165520]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09 144200]
S2 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-10-09 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 avgm;Služba %1!s! Update (avgm); C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-11-02 165520]
S3 AVGSecureBrowserElevationService;AVG Secure Browser Elevation Service; C:\Program Files (x86)\AVG\Browser\Application\77.1.1833.92\elevation_service.exe [2019-09-25 984976]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_3beed;BcastDVRUserService_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_3beed;BluetoothUserService_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_3beed;CaptureService_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_3beed;ConsentUxUserSvc_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_3beed;DevicePickerUserSvc_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_3beed;DevicesFlowUserSvc_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-12-09 781440]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-09-09 43632]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\elevation_service.exe [2019-11-06 1111704]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_3beed;MessagingService_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MSIClock_CC;MSI Command Center Clock Service; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2016-09-09 4163680]
S3 MSICOMM_CC;MSI Command Center Comm Service; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2017-01-06 2206304]
S3 MSICPU_CC;MSI Command Center CPU Service; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2017-02-24 4172896]
S3 MSISMB_CC;MSI Command Center SMBus Service; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2016-12-05 2076768]
S3 MSISuperIO_CC;MSI Command Center SuperIO Service; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2017-02-10 611936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-03-19 66872]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\syswow64\PnkBstrB.exe [2014-03-19 103736]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_3beed;PrintWorkflowUserSvc_3beed; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2019-10-04 831288]
S4 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-17 92672]
S4 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S4 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
S4 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S4 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-08-31 654848]
S4 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-11-15 1659592]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-11-15 659256]

-----------------EOF-----------------

ReZisten
Visitor
Posts: 89
Joined: 01 Jan 2010 14:07

Re: Request for a preventive check

#2 Post by ReZisten »

Here is the log from FRST as well:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by SWAN (administrator) on PC (MSI MS-7721) (19-11-2019 17:50:41)
Running from C:\Users\SWAN\Desktop
Loaded Profiles: SWAN (Available Profiles: SWAN)
Platform: Windows 10 Pro Version 1809 17763.775 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2019-10-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.) [File not signed]
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Run: [Gaijin.Net Agent] => C:\Users\SWAN\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2125384 2018-09-25] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-01-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-01-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Run: [Spotify] => C:\Users\SWAN\AppData\Roaming\Spotify\Spotify.exe [21282208 2019-10-23] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3284944 2019-11-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\Sortware\Policies\...\system: [disablecmd] 0
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\77.1.1833.92\Installer\chrmstp.exe [2019-10-16] (AVG Technologies USA, Inc. -> AVG Technologies)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\.DEFAULT\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-2071813083-1845976314-806757171-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DC2D35-E5CC-46BE-BCCE-3D5FF6D6DD4C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {03DF4745-4E63-4BCE-BE64-313E94274BB4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {03E427EE-F537-49B6-95BA-AE27E74A057C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {055880E4-7BC3-469B-A856-3749FAD5FD3C} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1873000 2019-09-25] (AVG Technologies USA, Inc. -> AVG Technologies)
Task: {06E0408D-865F-4968-931B-994B8A870FD5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C85FD5E-8479-4CE1-9918-A658746D084D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {274E6A60-04E7-45F1-9AF5-8720A3227BE2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3610F1EF-E32C-483F-85CA-1D27648C002F} - System32\Tasks\{996C2E56-CF8D-42B1-8BB4-5B25693FCF2F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\unIosales\3xzfRV2iP452n4.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {38A7E5EB-5BDB-44A5-A0CB-8611C403C98B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {455FAF33-2070-4804-969D-5174EB082EAD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {4FB12AAE-257E-4B64-8BA6-8AA0222CDF81} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {51D1D95A-40C9-48C0-B7EE-93222AB4F0C0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2019-10-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {528933E0-C10D-4157-8589-EE21C8C994A9} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {5504F1AB-5B21-4F39-938A-784E9A93FB81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {589DAEB1-19D3-4B07-A658-460B9CFF60D7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {61E8D464-6C98-4658-B87B-448552DE725E} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2019-09-18] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {64F0B012-C0A9-4289-BDE1-FC6FB75EC1BB} - System32\Tasks\{466120E4-8C8C-4E51-8B69-F46BFC8B4EEF} => C:\Windows\system32\pcalua.exe -a E:\Autorun.exe -d E:\
Task: {6959ABD3-1070-4FD9-8744-3DF8A135BFD0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {69A88827-1A8C-4D96-A3C2-793E4AC49E3C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-09] (Adobe Inc. -> Adobe)
Task: {7082DA51-DA86-4FD1-A98B-07CA0B6DE8CD} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe [8969432 2019-08-29] (Safer-Networking Ltd. -> )
Task: {71C551CB-1657-4835-A13C-87E4D16F0EA9} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73E602CC-8789-41A0-AB81-E3638267EFF8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {76EF653B-6228-4BB0-AA24-D6509BEE3D4D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-09] (Adobe Inc. -> Adobe)
Task: {7782C681-6BDF-43A8-B682-EBD5E7870393} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F567537-7B7F-4A65-9C45-6698CCEC87A6} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1873000 2019-09-25] (AVG Technologies USA, Inc. -> AVG Technologies)
Task: {89336325-52D8-40E6-901A-5DDE8395BC42} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8AD212BB-6785-46E3-A683-8C6DA2D9E641} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8C5E4BFF-60F7-452D-8991-04DAF349CB0A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8CAC1675-DDDF-49A2-A52F-FEF4B92CDC33} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-11-02] (AVG Netherlands B.V. -> AVG Technologies)
Task: {8D4736F8-A8B2-431D-8009-AFAFB642F929} - System32\Tasks\EPSON XP-610 Series Update {F046D536-3200-4F23-BAD7-73FA9472B4DD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {8EA7FB19-561A-43A7-AD47-8CFDA5D00CEF} - System32\Tasks\{C3E3F5FC-6C4D-4BEB-AFB6-6E0AF263B50A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\HD-V1.9\Uninstall.exe" -c /fcp=1
Task: {8F71AC29-E88F-403F-9659-0A8B5ABF81A4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {95606B13-9A48-4726-B5ED-AE5A404C402D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {975CA11C-29B2-479B-8CCA-10CBACDCE9BD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9FCB9B0A-1605-4542-AB35-1D9C8074E1F6} - System32\Tasks\EPSON XP-610 Series Invitation {F046D536-3200-4F23-BAD7-73FA9472B4DD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {A288DD09-6487-43C8-BB4D-12C0F2584A73} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A2FE3E52-3986-48F0-9AE0-EA2AA5A1CF14} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {A6132231-63DC-4B7E-989A-7F5FFDDB3AE4} - System32\Tasks\{1CA0FA9F-C6F9-42E3-8D18-DFCEB9BCE8C7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Torntv V9.0\Uninstall.exe" -c /fromcontrolpanel=1
Task: {A6858A86-6B1F-4564-94E7-7B28F377E4B0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ACBD6E4C-ECC0-4FEE-BED4-9EE0E46E287F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-09] (Google Inc -> Google Inc.)
Task: {AFCFAD6C-C942-4724-8EEE-A8638EA78C1F} - System32\Tasks\EPSON XP-610 Series Invitation {2CEC53D3-1048-4830-A3EB-6CDB033BFCB0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B07CDC2B-CD1A-46E7-98A7-96D8AC0D5469} - System32\Tasks\{B99D28A7-9F65-43D0-9F08-97012174B353} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\We Love Deals\We Love Deals.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {BA9D6900-DDC0-47F4-BA43-57CB108A29A9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7F296B9-254A-471B-B3E2-5CE93FF9A754} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {CA51845E-070C-4B95-BA52-CCB338A966F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBA8CAC1-7E10-4759-A25D-7CF5A389610C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D1C2F64E-B395-42D3-B663-34C629E83752} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-09] (Google Inc -> Google Inc.)
Task: {DC98F61B-53A1-4E32-B562-0C6A91966862} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-11-02] (AVG Netherlands B.V. -> AVG Technologies)
Task: {E2DA047C-5A60-42E2-A778-8BFDC85C77DA} - System32\Tasks\EPSON XP-610 Series Update {2CEC53D3-1048-4830-A3EB-6CDB033BFCB0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {E829E330-F4B6-43DF-A74E-467D35E90B5C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ECC8BAA6-5412-488B-8FCD-61FCCCD18D5F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F4709B81-72B8-4BE4-A042-D91D5C94253D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD96C816-E8A7-47C4-B713-1621870F44DB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {2CEC53D3-1048-4830-A3EB-6CDB033BFCB0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {F046D536-3200-4F23-BAD7-73FA9472B4DD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {2CEC53D3-1048-4830-A3EB-6CDB033BFCB0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{2CEC53D3-1048-4830-A3EB-6CDB033BFCB0} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {F046D536-3200-4F23-BAD7-73FA9472B4DD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{F046D536-3200-4F23-BAD7-73FA9472B4DD} /F:UpdateWORKGROUP\SWAN-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0DA8CC2C-FE9D-44AE-B37E-E6316F216CD9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{212ccb34-bd9a-47e4-8b8c-d9b116be0a04}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4BDB8EF9-88CC-4624-83B4-ED7CB716502E}: [DhcpNameServer] 8.8.8.8 194.12.32.193 176.62.225.2
Tcpip\..\Interfaces\{62e421a9-fed2-4db4-b2ff-18aedefafa90}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d72f23f5-6bfd-47a3-a30e-5c5f1e4d5844}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKU\S-1-5-21-2071813083-1845976314-806757171-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-29] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-29] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

ReZisten
Visitor
Visitor
Posts: 89
Registered: 01 Jan 2010 14:07

Re: Requesting a preventive check

#3 Post by ReZisten »

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by SWAN (19-11-2019 17:48:25)
Running from C:\Users\SWAN\Desktop
Windows 10 Pro Version 1809 17763.775 (X64) (2019-02-02 22:28:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2071813083-1845976314-806757171-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2071813083-1845976314-806757171-503 - Limited - Disabled)
Guest (S-1-5-21-2071813083-1845976314-806757171-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2071813083-1845976314-806757171-1003 - Limited - Enabled)
SWAN (S-1-5-21-2071813083-1845976314-806757171-1000 - Administrator - Enabled) => C:\Users\SWAN
WDAGUtilityAccount (S-1-5-21-2071813083-1845976314-806757171-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Age of Empires 2 + The Conquerors CZ (HKLM-x32\...\Age of Empires 2 + The Conquerors CZ 1.1.0) (Version: 1.1.0 - Microsoft Game Studios)
Akai Professional MPK Mini MkII Editor (HKLM-x32\...\MPKminiMkIIEditor) (Version: - )
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{E2078C11-E9EC-BD96-037C-A3423082F2BF}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 77.1.1833.92 - Autoři prohlížeče AVG Secure Browser)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.123 - MSI)
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.060 - MSI)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
CpuCoreParking (HKLM-x32\...\{523A6610-C6A5-4868-BF18-206DD33827C3}) (Version: 2.1.4.0 - CpuCoreParking)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version: - SEIKO EPSON Corporation)
FabFilter Total Bundle (HKLM\...\FabFilter Total Bundle_is1) (Version: 2019.03.13 - FabFilter)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
iTunes (HKLM\...\{288617D6-B455-4C00-8BFE-46B023202CF1}) (Version: 12.9.2.6 - Apple Inc.)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
JBridge (HKLM-x32\...\JBridge) (Version: - JBridge)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{154C7340-7C70-11E3-A15F-F04DA23A5C58}) (Version: 13.0.879 - Sony)
Mp3tag v2.93 (HKLM-x32\...\Mp3tag) (Version: 2.93 - Florian Heidenreich)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.24 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Native Instruments Kontakt 5 (HKLM\...\{EF2DA377-8D25-46D5-B18D-9D1F080BDB0F}) (Version: 5.7.3.37 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments)
Native Instruments Massive X (HKLM\...\{0B02E392-F5AC-4E74-8EE0-37165898D6A9}) (Version: 1.0.0.0 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Ozone 8 Advanced (HKLM-x32\...\Ozone 8) (Version: 8.00 - iZotope, Inc.)
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
RogueKiller version 12.12.19.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.19.0 - Adlice Software)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\Spotify) (Version: 1.1.17.545.g74ed9ff1 - Spotify AB)
Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 3.4 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TP-Link TL-WN722N (HKLM-x32\...\{F9C15685-38A9-46A1-9826-97204015C19C}) (Version: 2.1.0 - TP-Link)
Ultima Online Cataclysm UO 5.0.8.3 (HKLM-x32\...\Ultima Online Cataclysm UO 5.0.8.3) (Version: - )
Ultima Online version ... (HKLM-x32\...\Ultima Online_is1) (Version: ... - )
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 7.1.1 - UltraDefrag Development Team)
UOS version 1.0.5 (HKLM-x32\...\{FC6804BE-B90F-4C2B-BF21-6A4063C8FD4C}_is1) (Version: 1.0.5 - UOS, Team.)
ValhallaVintageVerb version 1.7.1 (HKLM-x32\...\{F63B0240-2765-450B-81CD-D305D9F53C3D}_is1) (Version: 1.7.1 - Valhalla DSP, LLC)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-10-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> [CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} => -> No File
ContextMenuHandlers1: [Mp3tagShell] -> [CC]{6351E20C-35FA-4BE3-98FB-4CABF1363E12} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [Mp3tagShell] -> [CC]{6351E20C-35FA-4BE3-98FB-4CABF1363E12} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Mp3tagShell] -> [CC]{6351E20C-35FA-4BE3-98FB-4CABF1363E12} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-10-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> [CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\SWAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultima Online\Website.lnk -> hxxp://www.cataclysmuo.com
ShortcutWithArgument: C:\Users\SWAN\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\SWAN\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_emfinbmielocnlhgmfkkmkngdoccbadn\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn
ShortcutWithArgument: C:\Users\SWAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\SWAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn

==================== Loaded Modules (Whitelisted) =============

2014-02-11 07:08 - 2014-02-11 07:08 - 000817152 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2015-07-27 15:07 - 2015-07-27 15:07 - 000214528 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-07-27 15:07 - 2015-07-27 15:07 - 000127488 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-07-27 15:07 - 2015-07-27 15:07 - 000102400 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 003650560 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\0f4ddbf05d7c580ef72795c9743cb153\A4.Foundation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\9c1dc4822e736f549d2143e8f0c55b8d\AEM.Actions.CCAA.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\2457a1512055f9694c4d2f0eed278bc8\AEM.Plugin.EEU.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\ea5bfda319b6c4a8d2f4f64861318e5b\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.4adf1574#\f19716ce9c619d351bfcdd683f026eed\AEM.Plugin.Audio.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\ccb85cda421e45a6ea6f92f323cd4910\AEM.Plugin.DPPE.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000282112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\d40a3d131651e02509b1dd8e65519e60\AEM.Plugin.Source.Kit.Server.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\93cd7929c819020111f6e2a8b5d0575a\AEM.Plugin.WinMessages.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\7f9c3312386f418e757b7b3fdb4c332c\AEM.Plugin.REG.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\258fdb1ff4db3f6688dbc53951ff24f7\AEM.Plugin.GD.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\8d8df34f2260c55717934f0798e53887\AEM.Server.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\9ac1ffd192e14fc307737f797a76009d\AEM.Server.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\5eeba15d7ef4e28ce3b117571e7edfe7\APM.Foundation.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\5f8bb8f18daa7557e745c351cf254c96\ATICCCom.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\8efdeb6dcef21a71704d29a3d4afc22b\CCC.Implementation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\9a2604f15b890545cff83191b3bc23d7\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\43e70df1641470d48a015087ec8668b1\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\60a76eaf52a8bca9e0727ac1ccfbfe99\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\1a3fb015d7c472f59a5c0fc8624e2629\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\1072a0aba320bf48736cd9237ed5486d\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\e7403c3c7a804dc9451cdca00d687b3d\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\db65d8bb381f91e4aa10f3bd2187ff9b\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\b744d0c91cb313caf69e706d208390f7\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000152576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\c4cd09dd7515244e892cccb8c6d3665f\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\4c00ee1c0fbc05d65026fe6c2c072dcb\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\244d05a142eea3b45f93d30856118387\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\247aeda676a683ffa76b4fa35e0c6bca\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\f504c0818a493964d4d61f2587b64a5d\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\271754447d67d4037a189297b9d67d58\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\42e278cb83c87e095b82d2264d06c7d1\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\0a409b85dd6fb679582fd0e3471903d5\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\bd260764eba5206e3181f8261902e49c\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\8620e8d8851a0a39513ba4cde5860e3f\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000449024 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\43ef2392229ca47190a9673522c543ef\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\2df8741728e586c80e2206291aad035d\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\390b23395c1c4ff7f4f4dedd795584c8\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\e1b8e246d64906fbcce1a0b18c56c951\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\d37fd863d9b570e0977c0dc6df38c9ed\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\c5687bb23eb98d2edc536265782a462a\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\c31754358623d71cd74cde02d22e2ff5\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\77695319c56e03f1345012f844829685\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\00449eed6452ed80e8f2723e4d7376d3\CLI.Aspect.WiFi.Fuel.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\6cc7904c5db255d683688259a443156f\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\d65b98024e590c4b13666c6a36b05905\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\97412455ed078c978c6b189d2b67152c\CLI.Aspect.Fets.Fuel.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\66cbba0d0a22e9745e99690b55484bf1\CLI.Aspect.User.Fuel.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\e2c710ba8452ffcb358c5265850f89e8\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\3d53e286b2f62d4cd5bd2d1083dd6d44\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\e778a1d9b67f5a9303b9a324441f46e9\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\1c933d49881c141884381c6b4f5efd6d\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\796f0485b5d1deb91aadb8ad9fb34b54\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\37164e92367173508d668459df6af4bd\CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\be215b2bfd3e0ca149d6adcb2adfa89e\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\34755f9904b3dc011f2e122d4633d56d\CLI.Caste.A4.Runtime.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\efe35101eb7d08746245c30a251d9009\CLI.Caste.A4.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\a85f4ccd79fc194e822b63761165ff8a\CLI.Caste.A4.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\443aa6a720c55df6da3504f42a882036\CLI.Caste.Fuel.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000311808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\2c4a1bbe810fdf95a24395773cb9aff9\CLI.Caste.Fuel.Runtime.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\ffe8e3ed355a3817e9da45cf6535d1f8\CLI.Caste.Fuel.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\7c5d9f21592320809afe2a3592483854\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 001555968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\f97a58ee701592ab264d90c42d8e5c04\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\a4a28827d7c615789e2af498dc107d99\CLI.Caste.Graphics.Dashboard.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\d36070dafd41c589a8e43aea32e45c2c\CLI.Caste.HydraVision.Runtime.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\b894c355b14fb16cd31707c2fc2695b3\CLI.Caste.HydraVision.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\efc071762d36d9a2d056f62a999e74be\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\18ca5033a9647c9d32dcff5b2ac46c68\CLI.Caste.Platform.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\06581c91152a986faec8ad507b7ae566\CLI.Caste.Platform.Runtime.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\a0b8345f9eaebba7e49de99398a11b9d\CLI.Caste.Platform.Dashboard.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\6e12dc2f6a59b147f94b5200fa965c93\CLI.Combined.Fusion.Aspects.Runtime.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\2420d2dc9e667f696c90482604f678ee\CLI.Component.Runtime.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\eb419f6ac7074db386c9cf0fc8eca905\CLI.Component.Systemtray.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\5039c0e511590db5aa8a91d9cdad8de9\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\d40857f5516ac9996dc32a62768adc60\CLI.Component.Runtime.Shared.Private.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\fc25e7b239531a8fb46cb1fca6678d2d\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\6c515a97c823a19a377d9d456486cc72\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\614e6f32a39e4893bcbd1cdf7a2a0bba\CLI.Component.Client.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\1ca4047e38ccb6197e01b4162924f2ea\CLI.Component.Dashboard.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\732b176f24cee12f7011df2714884651\CLI.Foundation.Private.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\90d3e2e82ea11844effd942665125fc5\CLI.Foundation.XManifest.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\7e70b0074b3c748fe9aa37c9a95a5f79\CLI.Foundation.CoreAudioAPI.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 001079296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\e018905f2fba335df7588fb338b51f80\CLI.Foundation.Client.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\3daacd93f854a613f7d7d81776f88723\CLI.Foundation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\4d771441c9d46d253951dda4bd1968de\DEM.Foundation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\d518a9a37efa7ac98a7012939f9092ef\DEM.Graphics.I0601.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\ca441bff32450e15a2bc17576190bdd7\DEM.Graphics.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\eba90a1c0a50ca57d88f55f02f391094\Fuel.Foundation.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\6dbe9d582e4e5c576e250a4e067b233a\LOG.Foundation.Implementation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\2b67962dfb4163de6bc560fb204a7293\LOG.Foundation.Private.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\c68af0b5dd9e1ba761e8839463971f9e\LOG.Foundation.Implementation.Private.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\03a08007fd4ed96e567db58148720878\LOG.Foundation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\dd418f7e199d35022573373ca6e4d776\MOM.Foundation.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\5da013dbdc6e3c4537a255b96b7fb80f\MOM.Implementation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\7a872567af5a9ffcb3ec8a79994f08e6\NEWAEM.Foundation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\51aef2381493db28c8b17b0cb83dc308\ADL.Foundation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\a95af9ba378817c68ba2291c84419ebc\APM.Server.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\6fa1045014a44d0629139f33b895f3bc\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\4676075b01473931eb99a5de77c42474\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\7aa69ebc9f183d28efa60856ff1569f9\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\218dc0e54a1ee268706d61460a885651\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\d0e02f9b2e094d2b723703ebe5394a63\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\5d4d73f0795e4d59634c273a3f2d7821\CLI.Component.Client.Shared.Private.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\240f622ea1396bd34e08e3baada07390\CLI.Component.Runtime.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\5a2ffd8f40611418068c80357d38a200\CLI.Component.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\eb8da15670c9abe091c1ef2a287f0024\DEM.Graphics.I0706.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\183b5c90087dcfb9323aa8ac0aa10d8d\DEM.Graphics.I0709.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\7cd85ab387b8db2e2220a386b7c7201f\DEM.Graphics.I0712.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\cf388238f29d9107f0452cf41e201af5\DEM.Graphics.I0804.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\04833bf8903a32dc824c4358fdd4a8c5\DEM.Graphics.I0805.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\a03c298c455e30003ebeab8f7164a538\DEM.Graphics.I0812.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\93f4dd749c69d87f8ab2484427b00320\DEM.Graphics.I0906.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\8a96bf59b5c27c3f933a32792f045b9a\DEM.Graphics.I0912.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\49d7f60c7e41859e8c763091780c3d5a\DEM.Graphics.I1010.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\22fa658a25fe4e30092cdbb129b9ff7f\Localization.Foundation.Private.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 000244224 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\9c313971ca91b7366d890852c2b7e03e\ResourceManagement.Foundation.Implementation.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\3240997c8b2ea59c8f1bd489b7f505ce\ResourceManagement.Foundation.Private.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\6533926868b53d2ed4cdf154416552c5\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\fc670af3d13eb098f13df338f8d802d4\CLI.Caste.Graphics.Shared.ni.dll
2019-11-13 20:47 - 2019-11-13 20:47 - 003268608 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\ce6e7dd2917f823e06a2aba596b1f7aa\CLI.Caste.Graphics.Runtime.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 000335360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\13a4646f655e806ffbc6e7fa3fdf1bdb\Microsoft.WindowsAPICodePack.ni.dll
2019-11-13 20:46 - 2019-11-13 20:46 - 002546688 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\e91f04ac8daab6e286997fbdf217dff2\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\sharepoint.com -> hxxps://spstrutnov.sharepoint.com

There are 4788 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-11-19 10:25 - 000000249 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 incoming.telemetry.mozilla.org

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2071813083-1845976314-806757171-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SWAN\Downloads\city-1570221544862-4640.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EPSON_PM_RPCV4_06 => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FoxitReaderService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "D:\Programy\iTunes\iTunesHelper.exe"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "ControlCenterCount"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\StartupApproved\Run: => "Adguard"
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EBEED3C6-23FE-4D9C-B486-CDCC01C4311D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{759F323D-8054-4942-9432-41E8BEC610EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F8BA76B4-32EA-4C76-9C15-35EB3C79BC63}] => (Allow) D:\Programy\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0448DD50-CD30-4BBC-A2AB-13D529076B1B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{93CF257F-97A0-4429-A209-A49A8BB74EB6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{FB88F6C3-5A00-4F1D-859A-E8D65F0DA096}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{75E78FC4-CA5F-49EA-9162-D0A824CE641F}D:\hry\ultimaonlinehs\client_1546x1010.exe] => (Allow) D:\hry\ultimaonlinehs\client_1546x1010.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{EFE1635B-08D0-4AA2-9B85-0A0460B1B244}D:\hry\ultimaonlinehs\client_1546x1010.exe] => (Allow) D:\hry\ultimaonlinehs\client_1546x1010.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{C56F768C-1832-42F5-B35D-02BE9D5BB128}D:\hry\ultima online cataclysm\client.exe] => (Allow) D:\hry\ultima online cataclysm\client.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{E4ECC4AC-1D05-4552-AAD5-A0A0703C2439}D:\hry\ultima online cataclysm\client.exe] => (Allow) D:\hry\ultima online cataclysm\client.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{D5391CF5-202D-4A07-B070-BAACE4AB5E31}D:\hry\modern warfare 2\iw4mp.exe] => (Allow) D:\hry\modern warfare 2\iw4mp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [TCP Query User{0C1330E5-47C2-4381-859B-B33BBFB81B3C}D:\hry\modern warfare 2\iw4mp.exe] => (Allow) D:\hry\modern warfare 2\iw4mp.exe (Valve Corporation -> ) [File not signed]
FirewallRules: [UDP Query User{5E03D1D1-9EC2-45E3-9DC6-00A7E8842033}D:\hry\age of empires ii - the age of kings\empires2.exe] => (Allow) D:\hry\age of empires ii - the age of kings\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{D4290C5E-7EA5-4A2A-8EBC-1AEA784959ED}D:\hry\age of empires ii - the age of kings\empires2.exe] => (Allow) D:\hry\age of empires ii - the age of kings\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{5F3AD5B8-4F4B-428A-858B-1EE5F62FBC04}D:\hry\counter-strike\hl.exe] => (Allow) D:\hry\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{9D51ACFB-F915-4D7E-A126-07228409ABB0}D:\hry\counter-strike\hl.exe] => (Allow) D:\hry\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{4ACE498D-408A-4332-B320-A900B995037F}C:\program files\java\jdk1.7.0_71\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_71\bin\java.exe
FirewallRules: [TCP Query User{4DAB9987-1255-4D12-B667-F57F2599C4BD}C:\program files\java\jdk1.7.0_71\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_71\bin\java.exe
FirewallRules: [{AE56261A-7E2E-4CE1-9987-476F4E4515DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{1F7997E1-1A03-49D8-B653-75ACEAAABDCE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8E45C885-0780-4E7C-B149-D318E0FD318B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{305337A9-8509-481C-A27D-73E55EA4A223}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{16588876-B434-4624-B054-7C7F5917F0DD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6B26BAC-EF97-4693-A720-156999CEC6ED}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60B62767-E2BE-4907-A0E8-691A8688FF79}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADB50534-6C2C-4CEF-A2BA-BF37A8CA2DCB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5059EB77-4B16-4BE9-A8AF-AC1FCABD20CA}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C2C6C40C-2764-4AF2-86F5-F3D18F32D00F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6EA81639-4CA5-45B7-8B61-CA91AC49C194}D:\hry\ultima online cataclysm\client.exe] => (Allow) D:\hry\ultima online cataclysm\client.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{B0D93FD3-B981-494C-9091-569F3A7E5DE8}D:\hry\ultima online cataclysm\client.exe] => (Allow) D:\hry\ultima online cataclysm\client.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{6E6B4D90-9273-424C-B20A-D6E43ABF4FF1}D:\hry\age of empires ii - the age of kings\empires2.exe] => (Allow) D:\hry\age of empires ii - the age of kings\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{649B6A28-6053-4286-8F4C-D8D00FE6D9F3}D:\hry\age of empires ii - the age of kings\empires2.exe] => (Allow) D:\hry\age of empires ii - the age of kings\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{D333DAF7-D48A-49BC-9253-3CBAFAE0889E}D:\hry\counter-strike\hl.exe] => (Allow) D:\hry\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{F8F593DA-BF08-426E-B449-6CF7249EE3FE}D:\hry\counter-strike\hl.exe] => (Allow) D:\hry\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{4E64FEE7-E59A-4774-A204-CB331436149A}C:\users\swan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\swan\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{BE1A4CBB-C789-4F9A-9CD5-BCB3852D3C12}C:\users\swan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\swan\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{676C582D-427F-4A60-A361-9CB9DD2F3ECE}D:\programy\fl studio\system\tools\bridge\64bit\ilbridge.exe] => (Allow) D:\programy\fl studio\system\tools\bridge\64bit\ilbridge.exe (Image-Line) [File not signed]
FirewallRules: [UDP Query User{00C6FA4C-9686-4898-9882-515C7B040175}D:\programy\fl studio\system\tools\bridge\64bit\ilbridge.exe] => (Allow) D:\programy\fl studio\system\tools\bridge\64bit\ilbridge.exe (Image-Line) [File not signed]
FirewallRules: [{81C26E69-2702-40DC-A57C-B10521EB4A1D}] => (Allow) D:\Hry\Age of Empires II The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{0A9AA196-5C7D-453A-BBA7-F666F13F517C}] => (Allow) D:\Hry\Age of Empires II The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{8663365B-0A07-4EE4-A8B8-13A5BD7BD6CB}] => (Allow) D:\Hry\Age of Empires II The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{7A99D15F-642C-42CC-88FA-5CBC49182258}] => (Allow) D:\Hry\Age of Empires II The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{F1B9D538-7460-4794-9DA9-B73F1A1570D5}] => (Allow) D:\Hry\Age of Empires II The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{323AD91E-AEA8-4504-9003-50C05F4E845A}] => (Allow) D:\Hry\Age of Empires II The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{1F22B6B7-50D7-4279-B609-B9E8077FE08F}] => (Allow) D:\Hry\Age of Empires II The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{F101C7D3-E7CF-400E-9475-63EE566F1BFB}] => (Allow) D:\Hry\Age of Empires II The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{4FD49CD0-D211-4D8A-BD71-85BD31E17131}] => (Allow) D:\Hry\Age of Empires II The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{8DC55F55-7F91-44DD-9656-E0D59CDD322D}] => (Allow) D:\Hry\Age of Empires II The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{E1EDBF10-9252-4923-B39C-4E19F67F53A1}C:\users\swan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\swan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{BF1B6C13-7CD5-4DFE-99C9-9666F9C5A8AA}C:\users\swan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\swan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{DC6DB2AA-A0AB-4F32-BC1A-E0279527F886}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4DA8162E-09D5-4290-B774-B3A3C6D005D7}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{430EB757-8486-4230-8E17-5864FB9FE0C8}] => (Allow) D:\Hry\Age of Empires II The Conquerors\age2_x1\age2_x2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{3E44B9D6-7CA1-439B-BCE0-29DAFB328231}] => (Allow) D:\Hry\Age of Empires II The Conquerors\age2_x1\age2_x2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{19E4D7FE-E089-407C-BA7E-4D86548FA333}C:\program files (x86)\electronic arts\ultima online classic\client.exe] => (Allow) C:\program files (x86)\electronic arts\ultima online classic\client.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{E4052206-98ED-4FAB-97C6-5BDC6DA6F1F4}C:\program files (x86)\electronic arts\ultima online classic\client.exe] => (Allow) C:\program files (x86)\electronic arts\ultima online classic\client.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{18E575A6-70F9-45E3-9AB3-A6F8D24C1CED}C:\program files (x86)\outlands ultima online\client.exe] => (Allow) C:\program files (x86)\outlands ultima online\client.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{77AC09DF-C14F-4A03-9BAE-6898BD141828}C:\program files (x86)\outlands ultima online\client.exe] => (Allow) C:\program files (x86)\outlands ultima online\client.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{E2658CF0-B0CF-4EC9-B0C6-634429AEFA2D}D:\hry\lol\game\league of legends.exe] => (Allow) D:\hry\lol\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{9EC55E1E-E723-4C31-9305-624C32E7CA33}D:\hry\lol\game\league of legends.exe] => (Allow) D:\hry\lol\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{C1CCE883-0A94-4028-A795-3B31F62BC0EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C79A0F50-DD56-4DBF-BF93-BB1E58346B77}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{246A26AF-A5AB-4B69-8081-B629235C5637}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{DA0B45BB-DFE9-4853-BCC0-D035E0F7E700}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CCE2F16C-E61F-4456-BEBE-04A8EC92EF06}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ABE56F19-3ACC-42C4-ADE4-450DA7C3E8B8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4596284F-110B-4E62-A051-5606B9F220E9}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, Inc. -> AVG Technologies)
FirewallRules: [{4E3BF8DA-7965-4F5F-BBEA-64CB8173234E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{E78AEF24-4157-4854-9242-3D21F58CE6A7}D:\hry\ultima online cataclysm\client_noenc.exe] => (Allow) D:\hry\ultima online cataclysm\client_noenc.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{BD27881C-6ECF-49D8-A918-DC93EFB2F08C}D:\hry\ultima online cataclysm\client_noenc.exe] => (Allow) D:\hry\ultima online cataclysm\client_noenc.exe (Electronic Arts) [File not signed]

==================== Restore Points =========================

28-10-2019 17:16:48 Naplánovaný kontrolní bod
07-11-2019 15:28:31 Naplánovaný kontrolní bod
12-11-2019 16:23:34 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
12-11-2019 19:19:23 Removed PhenomMsrTweaker
13-11-2019 21:56:16 Removed Futuremark SystemInfo

==================== Faulty Device Manager Devices ============

Name: Scarlett 2i2 USB-DFU
Description: Scarlett 2i2 USB-DFU
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: MSI RAMDrive
Description: MSI RAMDrive
Class Guid: {ffb1c341-4539-11d3-b88d-00c04fad5172}
Manufacturer: Micro-Star Int'l Co., Ltd.
Service: RAMDriv
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/19/2019 05:04:52 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/19/2019 04:04:51 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/19/2019 03:04:52 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/19/2019 02:04:51 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/19/2019 01:04:53 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/19/2019 12:04:51 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/19/2019 11:04:51 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/19/2019 10:36:04 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).


System errors:
=============
Error: (11/19/2019 05:39:31 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli PC\SWAN (SID: S-1-5-21-2071813083-1845976314-806757171-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/19/2019 04:41:17 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli PC\SWAN (SID: S-1-5-21-2071813083-1845976314-806757171-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/19/2019 03:41:32 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli PC\SWAN (SID: S-1-5-21-2071813083-1845976314-806757171-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/19/2019 02:54:38 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli PC\SWAN (SID: S-1-5-21-2071813083-1845976314-806757171-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/19/2019 02:41:33 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli PC\SWAN (SID: S-1-5-21-2071813083-1845976314-806757171-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/19/2019 01:50:44 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli PC\SWAN (SID: S-1-5-21-2071813083-1845976314-806757171-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/19/2019 01:41:31 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli PC\SWAN (SID: S-1-5-21-2071813083-1845976314-806757171-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/19/2019 12:42:28 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli PC\SWAN (SID: S-1-5-21-2071813083-1845976314-806757171-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-05-27 20:33:28.575
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16000.6
Předchozí verze modulu: 1.1.15100.1
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-11-12 21:41:14.451
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\SWAN\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-12 21:41:14.257
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-05 22:19:10.328
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-05 22:19:10.276
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-05 22:19:10.215
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-05 22:19:09.965
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-05 22:19:09.937
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-05 22:19:09.901
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V11.4 10/12/2013
Motherboard: MSI FM2-A55M-E33 (MS-7721)
Processor: AMD A10-6800K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 7377.8 MB
Available physical RAM: 3565.13 MB
Total Virtual: 7889.8 MB
Available Virtual: 3774.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.48 GB) (Free:83.44 GB) NTFS
Drive d: () (Fixed) (Total:638.44 GB) (Free:293.61 GB) NTFS

\\?\Volume{624bedc4-78af-11e3-b137-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{00aec2cd-0000-0000-0000-c02449000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00AEC2CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=504 MB) - (Type=27)
Partition 4: (Not Active) - (Size=638.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#4 Post by Conder »

Hi :)

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

ReZisten
Visitor
Posts: 89
Joined: 01 Jan 2010 14:07

Re: Requesting a preventive check

#5 Post by ReZisten »

Here is the log from ADW:

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-11-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-22-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [138410 octets] - [01/07/2019 15:41:43]
AdwCleaner[C00].txt - [120918 octets] - [01/07/2019 15:42:14]
AdwCleaner[S01].txt - [1375 octets] - [24/07/2019 11:25:01]
AdwCleaner[S02].txt - [1436 octets] - [15/09/2019 13:37:08]
AdwCleaner[C02].txt - [1622 octets] - [15/09/2019 14:11:07]
AdwCleaner[S03].txt - [1558 octets] - [22/09/2019 20:44:38]
AdwCleaner[C03].txt - [1744 octets] - [22/09/2019 22:45:51]
AdwCleaner_Debug.log - [23427 octets] - [13/11/2019 22:01:44]
AdwCleaner[S04].txt - [1818 octets] - [13/11/2019 22:02:18]
AdwCleaner[C04].txt - [2007 octets] - [13/11/2019 22:02:46]
AdwCleaner[S05].txt - [1941 octets] - [22/11/2019 20:56:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Requesting a preventive check

#6 Post by Conder »

OK. Please post both new FRST logs.
