Dobrý deň prajem,
poprosil by som tunajších odborníkov o kontrolu logov, PC skenované MBAM, SaS a ESET-om, žiadne nálezy. Vopred srdečne ďakujem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Venom (administrator) on BLACKMESA (09-02-2020 15:38:29)
Running from C:\Users\Venom\Desktop
Loaded Profiles: Venom (Available Profiles: Venom)
Platform: Windows 10 Home Version 1909 18363.592 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(O and O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\...\AppCompatFlags\Custom\game.exe: [{3f4535f8-e996-4cf1-bb6d-66eb87969155}.sdb] -> TS Compatibility Fix
HKLM\Software\...\AppCompatFlags\InstalledSDB\{3f4535f8-e996-4cf1-bb6d-66eb87969155}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{3f4535f8-e996-4cf1-bb6d-66eb87969155}.sdb [2015-09-01]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {249092BE-0019-49F3-A06B-596649030AD8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {472B6205-D9E8-4AA5-B040-C409E2C5E1DC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-21] (Adobe Inc. -> Adobe)
Task: {47AB16E8-E387-4612-8D43-FD4AA33ED0A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1354064 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {57B8D86F-4141-443C-971E-D3BA43877235} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115440 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F155994-45F2-4105-B5F2-F988DBBAF068} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24607520 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B293AF1F-48EC-45B0-AF29-B908B5C104C3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24607520 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B80B1C3C-2864-4B62-8AB0-DFB7BD4D2BAA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1354064 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBF9E1D4-59A9-4D71-B486-CFA83784C78B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D52AA5D5-E7EA-4E5C-BBF5-F2959212A32C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-21] (Adobe Inc. -> Adobe)
Task: {EB1C611A-D84C-4352-A21F-4055DA25CF31} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115440 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{73aeb62c-0040-447b-bd1f-edc735186fdc}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 5a6mqd52.default
FF ProfilePath: C:\Users\Venom\AppData\Roaming\Mozilla\Firefox\Profiles\5a6mqd52.default [2020-02-09]
FF Homepage: Mozilla\Firefox\Profiles\5a6mqd52.default -> hxxps://www.google.sk/
FF NetworkProxy: Mozilla\Firefox\Profiles\5a6mqd52.default -> type", 0
FF Extension: (AdBlock) - C:\Users\Venom\AppData\Roaming\Mozilla\Firefox\Profiles\5a6mqd52.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-02-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129712 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2019-11-25] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1218632 2020-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2020-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-19] (Malwarebytes Inc -> Malwarebytes)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O and O Software GmbH -> O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2020-01-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3393848 2020-01-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-11-23] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-10-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-12-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-02-09] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1139424 2018-07-23] (Realtek Semiconductor Corp. -> Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-09 15:38 - 2020-02-09 15:39 - 000015403 _____ C:\Users\Venom\Desktop\FRST.txt
2020-02-09 15:37 - 2020-02-09 15:38 - 000000000 ____D C:\FRST
2020-02-09 15:36 - 2020-02-09 15:36 - 002279424 _____ (Farbar) C:\Users\Venom\Desktop\FRST64.exe
2020-02-09 13:10 - 2020-02-09 13:10 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-02-09 13:10 - 2020-02-09 13:10 - 000216544 ____N (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-02-03 18:28 - 2020-02-03 18:35 - 000000000 ____D C:\Users\Venom\Documents\Warcraft III
2020-02-03 18:28 - 2020-02-03 18:28 - 000000521 _____ C:\Users\Public\Desktop\Warcraft III.lnk
2020-02-03 18:28 - 2020-02-03 18:28 - 000000521 _____ C:\ProgramData\Desktop\Warcraft III.lnk
2020-02-03 18:28 - 2020-02-03 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2020-02-03 17:42 - 2020-02-03 17:42 - 005649576 _____ (Blizzard Entertainment) C:\Users\Venom\Downloads\Warcraft-III-Setup.exe
2020-01-28 21:08 - 2020-02-02 18:36 - 000000000 ____D C:\Users\Venom\AppData\Local\MK11
2020-01-25 18:07 - 2020-01-25 18:07 - 000000000 ____D C:\Users\Venom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Doomsday 2.2.1.3299
2020-01-23 21:15 - 2020-01-23 21:16 - 000000000 ____D C:\Users\Venom\AppData\Local\Sniper3
2020-01-20 16:06 - 2020-01-20 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-01-14 19:58 - 2020-01-14 19:58 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-14 19:58 - 2020-01-14 19:58 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-14 19:48 - 2020-01-14 19:50 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-14 19:48 - 2020-01-14 19:50 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-09 15:34 - 2019-12-02 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-09 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-09 14:25 - 2018-10-20 15:55 - 000000000 ____D C:\Users\Venom\AppData\LocalLow\Mozilla
2020-02-09 13:05 - 2019-12-02 16:55 - 000920210 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-09 13:05 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-09 13:05 - 2018-11-17 10:16 - 000075714 _____ C:\WINDOWS\system32\perfh01B.dat
2020-02-09 13:05 - 2018-11-17 10:16 - 000020172 _____ C:\WINDOWS\system32\perfc01B.dat
2020-02-09 13:00 - 2019-12-02 16:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-09 13:00 - 2019-08-30 15:32 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-09 04:38 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-09 04:21 - 2018-10-29 12:16 - 000000000 ____D C:\Users\Venom\AppData\Local\Battle.net
2020-02-09 01:05 - 2018-10-29 09:19 - 000000000 ____D C:\Program Files (x86)\Steam
2020-02-09 01:03 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-09 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-05 20:09 - 2019-03-12 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-02-04 01:49 - 2018-10-23 22:26 - 000000000 ___RD C:\Users\Venom\Patches
2020-02-03 17:43 - 2018-10-29 12:15 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-02-03 17:25 - 2018-10-20 15:26 - 000000000 ____D C:\Users\Venom\AppData\Local\VirtualStore
2020-02-03 16:13 - 2019-08-28 16:11 - 000000000 ____D C:\Users\Venom\Documents\AXA
2020-01-29 19:37 - 2018-10-20 16:20 - 000000199 _____ C:\Users\Venom\Desktop\Misc.txt
2020-01-28 20:24 - 2018-10-21 13:23 - 000000000 ____D C:\Users\Venom\AppData\Local\D3DSCache
2020-01-28 17:33 - 2019-02-20 21:17 - 000000000 ____D C:\Users\Venom\AppData\Local\Ubisoft Game Launcher
2020-01-27 14:19 - 2018-10-20 15:26 - 000000000 ____D C:\Users\Venom\AppData\Local\Packages
2020-01-25 18:07 - 2019-04-25 13:46 - 000000000 ____D C:\Program Files (x86)\Doomsday 2.1.1
2020-01-25 16:39 - 2018-10-20 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-01-25 16:39 - 2018-10-20 15:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-24 22:39 - 2019-01-17 00:16 - 000000000 ____D C:\ProgramData\Origin
2020-01-24 22:38 - 2019-01-17 00:16 - 000000000 ____D C:\Users\Venom\AppData\Roaming\Origin
2020-01-24 22:37 - 2019-01-17 00:16 - 000000000 ____D C:\Users\Venom\AppData\Local\Origin
2020-01-24 22:37 - 2019-01-17 00:16 - 000000000 ____D C:\Program Files (x86)\Origin
2020-01-24 21:54 - 2018-10-20 16:43 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-01-24 20:22 - 2018-12-01 12:53 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2020-01-23 16:48 - 2019-02-02 16:01 - 000000912 _____ C:\Users\Venom\Desktop\Diablo II - Lord of Destruction - PlugY.lnk
2020-01-22 11:53 - 2018-10-20 15:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-21 21:47 - 2018-10-20 15:55 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-21 11:32 - 2019-12-02 16:55 - 000004576 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-21 11:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-21 11:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-14 22:38 - 2018-10-20 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-14 22:38 - 2018-10-20 17:54 - 000000000 ____D C:\Program Files (x86)\Java
2020-01-14 22:37 - 2018-10-20 17:54 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-14 20:07 - 2019-12-02 16:43 - 000339000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-14 20:06 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-14 20:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-14 20:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-14 20:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-14 20:05 - 2018-10-20 16:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-14 20:01 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-14 20:01 - 2018-10-20 16:29 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-13 20:39 - 2019-03-22 15:27 - 000000118 _____ C:\Users\Venom\Desktop\Resty.txt
==================== Files in the root of some directories ========
2019-07-11 22:02 - 2019-07-11 22:02 - 000332800 _____ () C:\Users\Venom\AppData\Roaming\patcher.dll
2018-10-21 13:24 - 2019-01-31 18:42 - 000007670 _____ () C:\Users\Venom\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Venom (09-02-2020 15:40:29)
Running from C:\Users\Venom\Desktop
Windows 10 Home Version 1909 18363.592 (X64) (2019-12-02 15:55:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3985067572-2050150969-3629286671-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3985067572-2050150969-3629286671-503 - Limited - Disabled)
Guest (S-1-5-21-3985067572-2050150969-3629286671-501 - Limited - Disabled)
Venom (S-1-5-21-3985067572-2050150969-3629286671-1001 - Administrator - Enabled) => C:\Users\Venom
WDAGUtilityAccount (S-1-5-21-3985067572-2050150969-3629286671-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Activision(R) (HKLM-x32\...\{7F0B94C6-828C-4EDE-A86B-ECF4D792B68D}) (Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blood: Fresh Supply (HKLM-x32\...\1374469660_is1) (Version: 1.9.10 - GOG.com)
Command & Conquer 3 (HKLM-x32\...\{B0C30E93-D3D9-4F04-A2AC-54749B573275}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
Command & Conquer™ 3: Kane's Wrath (HKLM-x32\...\{CC2422C9-F7B5-4175-B295-5EC2283AA674}) (Version: 1.00.0000 - Electronic Arts Inc.)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Doomsday 2.2.1.3299 (HKLM-x32\...\{C9F07A85-51FA-484E-8849-A130226F903A}) (Version: 2.2.1.3299 - dengine.net)
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Far Cry (HKLM-x32\...\1207658750_is1) (Version: 1.40 hotfix - GOG.com)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.1.29511 - Foxit Software Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
IrfanView 4.53 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.53 - Irfan Skiljan)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Medal of Honor - Allied Assault War Chest (HKLM-x32\...\1207659126_is1) (Version: 2.1.0.22 - GOG.com)
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.12430.20184 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 72.0.2 (x64 sk)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
Mozilla Thunderbird 68.4.2 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 68.4.2 (x86 sk)) (Version: 68.4.2 - Mozilla)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12430.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20184 - Microsoft Corporation) Hidden
One Unit Whole Blood (HKLM-x32\...\1207658856_is1) (Version: 1.21 hotfix - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.59.36848 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
Painkiller Black (HKLM-x32\...\1207658715_is1) (Version: 1.64 lang update - GOG.com)
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: 11.02 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quake 4(TM) (HKLM-x32\...\{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.2 - Název společnosti:) Hidden
Quake 4(TM) (HKLM-x32\...\InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.2 - Název společnosti:)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.28.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1024 - SUPERAntiSpyware.com)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.22a - Ghisler Software GmbH)
TS Compatibility Fix (HKLM\...\{3f4535f8-e996-4cf1-bb6d-66eb87969155}.sdb) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 83.0 - Ubisoft)
Warcraft II (HKLM-x32\...\1418669891_is1) (Version: 2.02 v4 - GOG.com)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WinRAR 5.71 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wolfenstein (HKLM-x32\...\{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.0 - Licomp EMPiK Multimedia) Hidden
Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.2 - Licomp EMPiK Multimedia)
Wolfenstein(TM) 1.2 Patch (HKLM-x32\...\{91C514E8-C92E-48E4-BDEE-DE3407837194}) (Version: 1.2 - Activision) Hidden
Wolfenstein(TM) 1.2 Patch (HKLM-x32\...\InstallShield_{91C514E8-C92E-48E4-BDEE-DE3407837194}) (Version: - ) Hidden
X-Men Origins - Wolverine(TM) (HKLM-x32\...\InstallShield_{7F0B94C6-828C-4EDE-A86B-ECF4D792B68D}) (Version: 1.00.0000 - Activision)
Packages:
=========
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-08-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-17 00:16 - 2019-06-11 07:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-01-17 00:16 - 2019-06-11 07:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-01-17 00:16 - 2019-07-12 08:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\common files\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3985067572-2050150969-3629286671-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Venom\Pictures\sottr_wallpaper_1920x1080.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1E280DB2-C7BC-4D84-9FE1-8B411334B86C}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{46260538-9C8D-48F1-A9A5-BAFB50E2BC5F}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{489DC09C-2159-4A04-BA43-2645DFABC830}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{D59514D1-51AF-43BA-9F8C-696DF96A81E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{EC006EA9-C871-4D69-A2EC-9D27352B2817}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{02B9B2BA-AEC5-446B-B437-081F711A6939}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{276B596E-8EA3-4C8F-BBCC-369342A37D38}] => (Allow) D:\Hry\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{B89FB130-78CF-414D-8DC9-1929CA67BEAA}] => (Allow) D:\Hry\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{32F67AD9-DAC2-4A53-B67F-3E31197F21D8}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE\Rage64.exe (Bethesda Softworks -> id Software)
FirewallRules: [{1D129FA5-37CD-40C7-AF2B-C624774805F3}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE\Rage64.exe (Bethesda Softworks -> id Software)
FirewallRules: [{8AED3F7C-8F48-4E4A-8536-2C6B19416CD1}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE\Rage.exe (Bethesda Softworks -> id Software) [File not signed]
FirewallRules: [{8101D54F-632F-4304-B02E-F3C94B7E0776}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE\Rage.exe (Bethesda Softworks -> id Software) [File not signed]
FirewallRules: [{D9CF94A2-50BB-45F6-AA9E-8E3A5893F78B}] => (Allow) D:\Hry\Steam\steamapps\common\Contra Anniversary Collection\game.exe () [File not signed]
FirewallRules: [{A12561FF-2D55-4448-96B0-AB391DE8BB6E}] => (Allow) D:\Hry\Steam\steamapps\common\Contra Anniversary Collection\game.exe () [File not signed]
FirewallRules: [{08ED5D10-6C82-45EE-B1D5-205EF1E2AB53}] => (Allow) D:\Hry\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{2216A676-D502-4308-B3FC-34DF8C17AD67}] => (Allow) D:\Hry\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{AA62E8E8-6989-41FD-B2F9-74646D6686AF}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE 2\RAGE2.exe () [File not signed]
FirewallRules: [{BE1658B2-1795-40BB-AC93-6D9281F7FBD6}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE 2\RAGE2.exe () [File not signed]
FirewallRules: [{4E0E9879-A97F-4B3F-9BE0-CB3EDFE3B7A5}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\build.exe () [File not signed]
FirewallRules: [{5F5B199E-E4B6-465E-95E0-B56CCB164101}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\build.exe () [File not signed]
FirewallRules: [{D889FA0F-C64D-4116-BD7D-B280308D3A3D}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{737FC712-3875-4D7B-B40A-92FDC8703AEC}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{06ECEA8E-CCE3-427E-B542-C3AB5F378487}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\sw.exe (General Arcade) [File not signed]
FirewallRules: [{EDDCE3C1-7ED2-4D64-9C57-C77520B3D5BA}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\sw.exe (General Arcade) [File not signed]
FirewallRules: [{5ECF96B9-8E46-446A-B548-28E9E7815472}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{005C7A0C-5B32-4E1F-B365-DF176D963B42}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{00579ABB-4121-49D5-B257-C085E74AAFFF}] => (Allow) D:\Hry\Steam\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{37008BBD-7904-4728-84C5-3A11B3757FF5}] => (Allow) D:\Hry\Steam\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{2CD92116-022F-40C6-944C-5E1E649C81C7}] => (Allow) D:\Hry\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{BD411282-25F6-4603-8B06-03ABAFB589F8}] => (Allow) D:\Hry\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{1EA8A7A9-ED8B-48B6-9EAC-619CEBE8BE3A}] => (Allow) D:\Hry\Steam\steamapps\common\Hexen Deathkings of the Dark Citadel\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{6D7A2BF5-AEF9-4405-A3BE-7A6FA4E1D278}] => (Allow) D:\Hry\Steam\steamapps\common\Hexen Deathkings of the Dark Citadel\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{86BA8D07-9635-4952-B293-440AE9AC3095}] => (Allow) D:\Hry\Steam\steamapps\common\Hexen\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{2A9C722A-6801-4BCC-B10A-033E6DB6280E}] => (Allow) D:\Hry\Steam\steamapps\common\Hexen\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{D1000F66-337D-4776-9CD2-ED7842C1EC6F}] => (Allow) D:\Hry\Steam\steamapps\common\Darksiders 2\Darksiders2.exe () [File not signed]
FirewallRules: [{D2CD7C0F-239A-44D3-8496-FC828111F06B}] => (Allow) D:\Hry\Steam\steamapps\common\Darksiders 2\Darksiders2.exe () [File not signed]
FirewallRules: [{B7729151-DEFA-41B6-9285-288EA0CFCD13}] => (Allow) D:\Hry\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{813CB032-F59A-40FE-9E9E-21B9EDD444F8}] => (Allow) D:\Hry\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{FFE7D15A-7F2D-43B7-BB1F-FA629BCF85FC}] => (Allow) D:\Hry\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{F8A1F584-50ED-412B-85ED-203AC04ECC44}] => (Allow) D:\Hry\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{57D0DE31-7616-4FEE-AB8A-33496A0D9C6B}] => (Allow) D:\Hry\Steam\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{6C8146FE-A31C-4A86-AFEF-5246002AED5C}] => (Allow) D:\Hry\Steam\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{8ECEE0C8-12F6-46F8-BD97-B2D5884A947D}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe () [File not signed]
FirewallRules: [{234C0F01-F7D0-4BF4-8C9F-18B50F8B166D}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe () [File not signed]
FirewallRules: [{6D863442-1795-43B2-B352-B77A931CB2DE}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe () [File not signed]
FirewallRules: [{09C907DF-C598-41D4-9C00-242BFF89C0A4}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe () [File not signed]
FirewallRules: [{69EDE904-DDD1-47A2-9165-60F060AB85B2}] => (Allow) D:\Hry\Warcraft II BNE\Warcraft II BNE_dx.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [{74D895F9-852A-4D84-AD90-6CE3E297410D}] => (Allow) D:\Hry\Warcraft II BNE\Warcraft II BNE.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{E954C4D8-7382-4178-AEAF-AC854F8A8E0C}] => (Allow) D:\Hry\Steam\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{22F01021-CDE6-4008-8753-A0C444FF7829}] => (Allow) D:\Hry\Steam\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{E2B70C6B-DBE3-4E2A-A73A-ECE550520568}] => (Allow) D:\Hry\Steam\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{A2726103-AA6B-4FF5-81E4-618C8ADB22EA}] => (Allow) D:\Hry\Steam\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{77F532BB-73F6-47B2-A932-C08779C59E8D}] => (Allow) D:\Hry\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{605FB031-C27C-4E31-8322-7E0658BD86B4}] => (Allow) D:\Hry\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{4F7846DC-D49B-4666-8140-76024FFE7EB4}] => (Allow) D:\Hry\Wolfenstein\MP\Wolf2MPLite.exe (Activision Publishing -> Activision)
FirewallRules: [{B3D955AE-DE6F-416E-90F5-DD03CF046703}] => (Allow) D:\Hry\Wolfenstein\MP\Wolf2MPLite.exe (Activision Publishing -> Activision)
FirewallRules: [{68B866AD-DF13-4D99-84CC-C34DC5C4DA2C}] => (Allow) D:\Hry\Wolfenstein\MP\Wolf2MP.exe (Activision Publishing -> Activision)
FirewallRules: [{BF7BDC92-FD48-4366-BF9C-A8D44D0A36B1}] => (Allow) D:\Hry\Wolfenstein\MP\Wolf2MP.exe (Activision Publishing -> Activision)
FirewallRules: [{7C13971D-7682-43AA-9F07-521E41ED9563}] => (Allow) D:\Hry\Steam\steamapps\common\Final Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{BD05AAF7-2E58-4718-895D-632CAF726E9A}] => (Allow) D:\Hry\Steam\steamapps\common\Final Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{FC801DD5-B81B-49A6-9F54-CA2BE68CF423}] => (Allow) D:\Hry\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{369C7B91-F968-4A3F-BD24-C6F0A15683B4}] => (Allow) D:\Hry\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{AE19ECAC-AC48-4FEC-9B86-948EA149E5BE}] => (Allow) D:\Hry\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{A5606F74-6598-4055-98A9-1B3CBE8056A5}] => (Allow) D:\Hry\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{29105911-351D-40E5-BE79-949CD6B063E1}] => (Allow) D:\Hry\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{542D3E95-1B51-4BB9-929F-91B3A82F045C}] => (Allow) D:\Hry\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{EA07C14A-1AED-4B56-9A11-DC111B283EFB}] => (Allow) D:\Hry\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{039EA02E-C927-462B-B376-BA552627B66A}] => (Allow) D:\Hry\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{CE953309-41D2-4602-908A-943C113D4370}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{71F5B9EB-C459-49D7-8C33-337D92B25AD9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1291AB4B-5CBC-45E4-9C86-7C1A0EA37A24}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D378DDD2-C3E8-4AFD-99DE-000EB79BFC7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B19BB414-006C-4AF2-A619-3A31C1E009CF}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe () [File not signed]
FirewallRules: [{508DF684-22D4-4469-A901-CC8978B2CD10}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe () [File not signed]
FirewallRules: [{8F831E99-0A95-4FD9-9045-BFE27ECE4475}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{AD6AD1A2-0D16-4C3A-94D9-02CD50AC9BB1}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{2CEF7128-B32C-4F1F-833B-52BC0B719C04}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein.II.The.New.Colossus\NewColossus_x64vk.exe (MachineGames Sweden AB) [File not signed]
FirewallRules: [{FF9BF310-C60D-4A72-890E-C2F2A1B07B0A}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein.II.The.New.Colossus\NewColossus_x64vk.exe (MachineGames Sweden AB) [File not signed]
FirewallRules: [{06CB29E5-1583-41F4-A1E6-99216FF7ECC2}] => (Allow) D:\Hry\Steam\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{9BBE4261-44AF-4EAF-86F7-8073B9E69313}] => (Allow) D:\Hry\Steam\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{76B0D471-C0E3-476F-8DA2-F8A685A93266}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{76FB6662-0152-441B-AE04-91C7098D637A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DF7B49FF-9847-4C6C-B900-763E7A797525}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{35AA3E1A-6B90-4AA9-9BAD-168DC447758C}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{1F49459E-7725-4265-8C62-5590B9DCE8CE}] => (Allow) D:\Hry\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe () [File not signed]
FirewallRules: [{09CC7EAF-E2A9-49A5-BAB6-2929D3319046}] => (Allow) D:\Hry\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe () [File not signed]
FirewallRules: [{148F0C9B-1036-4B21-9148-08F60FFB3594}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{CE1D2DCE-6487-4E83-BD5E-07DC01B800EA}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{CC4EFE15-6460-41AF-8D79-C76205CEDA93}] => (Allow) D:\Hry\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{44ED93A8-4FC1-4495-97F2-CC978BE92929}] => (Allow) D:\Hry\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{EBEBB338-9FCB-477D-9FF7-108B86C718D8}] => (Allow) D:\Hry\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11_DX12.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{34925B51-2943-4F24-8605-AE3A8B289D1B}] => (Allow) D:\Hry\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11_DX12.exe (WB Games, Inc.) [File not signed]
==================== Restore Points =========================
09-02-2020 13:30:35 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/09/2020 03:41:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3852,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/09/2020 01:29:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba ESENT: -1032.
Error: (02/09/2020 01:29:11 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Catalog Database (4100,D,50) Catalog Database: An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (02/09/2020 01:12:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4544,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/09/2020 04:35:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9252,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/09/2020 01:08:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7484,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/08/2020 09:43:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1276,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/08/2020 09:11:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7200,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (02/04/2020 06:55:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/21/2020 11:37:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===================================
Date: 2020-02-09 13:05:54.614
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-02-09 13:05:54.610
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-02-09 13:05:54.521
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-02-09 13:03:42.895
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-09 13:03:42.890
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-09 13:03:42.885
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-09 13:03:42.878
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-09 13:03:42.870
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0309 03/04/2016
Motherboard: ASUSTeK COMPUTER INC. A88XM-A/USB 3.1
Processor: AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
Percentage of memory in use: 28%
Total physical RAM: 16320.96 MB
Available physical RAM: 11705.09 MB
Total Virtual: 18752.96 MB
Available Virtual: 11681.34 MB
==================== Drives ================================
Drive c: (Lambda Core 1) (Fixed) (Total:118.64 GB) (Free:68.9 GB) NTFS
Drive d: (Lambda Core 2) (Fixed) (Total:931.51 GB) (Free:187.97 GB) NTFS
\\?\Volume{39dc9e51-8fab-43c6-87e1-ed12abfa4e25}\ (Obnovenie) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{98ec4cb0-31ac-48a7-98cd-2e6bf0df4988}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 97CFFCFF)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3B8C3BC1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
FRST Preventívka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: FRST Preventívka
Ahoj 
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: FRST Preventívka
Ahoj, scan spravím dnes, len neskôr, teraz nie som pri tom počítači....no a chcem sa spýtať, našiel si niečo v tých logoch podozrivého?
// tu je ten log, nenašlo mi vôbec nič...
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-10-2020
# Duration: 00:00:37
# OS: Windows 10 Home
# Scanned: 34824
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1406 octets] - [10/02/2020 11:01:03]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
// tu je ten log, nenašlo mi vôbec nič...
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-10-2020
# Duration: 00:00:37
# OS: Windows 10 Home
# Scanned: 34824
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1406 octets] - [10/02/2020 11:01:03]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Re: FRST Preventívka
FRST logy vyzeraju OK, iba precistime zbytocnosti. Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?