Ahoj, poprosím o preventivní kontrolu PC.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Roman (administrator) on ROMAN (04-01-2022 09:50:28)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Platform: Microsoft Windows 10 Home Version 21H2 19044.1415 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.32012.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\82.0.4227.43\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\opera.exe <16>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {052d716f-26ba-11ec-84df-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {7027e552-3b5c-11ec-84e2-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series XPS: C:\WINDOWS\system32\CNMXLMAA.DLL [385024 2014-12-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05ED89B6-B8F0-4B4A-A841-0A6891AFF005} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {155E4BE1-0AB6-40A9-A682-F24B9F1BF34D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {217282E2-CDE1-4A0B-B937-CF26C073A9B4} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {35C4ADBA-B30D-4D70-81C0-5BDED451CD4C} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [3993984 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {3A0F562B-F61F-46BB-9252-ADB439BA283E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {3DB0FB5E-1637-45B2-9715-AC64C9E7845C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {41784A7D-A2D3-4291-ABF5-F8C5B1BF6434} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {423FC066-9811-4A95-97B6-47B68B5C9B9A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [1406776 2014-12-28] (ASUSTeK Computer Inc. -> )
Task: {4505F24E-5CC9-4D45-B1C0-0A373FFAD716} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {60509CE4-F01F-46CF-9754-A3B5C2CB68B4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {607BE1A6-6D86-4E90-8D5C-E8B9BB5AF5BF} - System32\Tasks\Opera scheduled Autoupdate 1504285159 => C:\Program Files\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software)
Task: {66B6F192-4E6D-4702-9CDA-E715EB99E733} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7596E029-5280-4CDC-86D4-7179D7090DC0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [328504 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7E71EE1E-7D25-48FD-976E-141AE68324C1} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7FF5FAA1-B481-46E1-84D9-8BBE61486B7F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {897F4D3C-D981-4058-AF99-B5DBAB9E58D8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8F206440-D343-4D85-AD4A-3641A576B7FC} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {9B1E82AE-24B2-4070-8241-7F93C245FBF1} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [1190400 2012-08-14] (ASUSTeK Computer Inc.) [File not signed]
Task: {B1A56C2B-1522-4E48-9A79-B575D53D3C0C} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B5662160-1169-489E-8AE1-FF9675E271A5} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C1EB50C8-35BD-4C42-90F8-AA4AAC2CB2AF} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D03E3DE9-DD87-4BB4-AC02-D6B0F939B5AD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-01] (Avast Software s.r.o. -> Avast Software)
Task: {D17B45A5-D326-4BFB-9A5E-F897A9D8ABA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {D287C1FC-204E-491D-80EC-05A8510D8611} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [90112 2014-12-28] () [File not signed]
Task: {D7B11FC7-E319-4B6F-9D3F-CC3ACE870C44} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {DE729A8D-DCD4-454B-98AD-C1E9148094F8} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05f55d45-2dec-442d-a043-8c431bf54524}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d2e62f6c-faa7-4c2f-904f-fed63d1394d8}: [NameServer] 156.154.70.25,156.154.71.25
Edge:
=======
DownloadDir: C:\Users\Roman\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1537523766-1934355744-2765702040-1001 -> hxxp://google.sk/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-31]
Edge DownloadDir: Default -> C:\Users\Roman\Downloads
Edge HomePage: Default -> hxxp://google.sk/
Edge StartupUrls: Default -> "hxxp://google.sk/"
FireFox:
========
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\AGExAAVN.default [2020-12-23]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Opera:
=======
OPR Profile: C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable [2022-01-04]
OPR DownloadDir: C:\Users\Roman\Desktop
OPR Notifications: Opera Stable -> hxxps://answear.sk; hxxps://www.facebook.com; hxxps://www.g-star.com; hxxps://www.instagram.com; hxxps://www.youtube.com
OPR StartupUrls: Opera Stable -> "hxxps://www.google.sk/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-05]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-12-28] (ASUSTeK Computer Inc.) [File not signed] [File is in use]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-20] (Malwarebytes Inc -> Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-05-15] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2014-12-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2016-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-05] (Malwarebytes Inc -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2014-12-28] (Realtek Semiconductor Corp -> NT Kernel Resources)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 USBPNPA; C:\WINDOWS\system32\drivers\CM10864.sys [4326912 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> C-Media Electronics Inc)
R1 VDiskBus; C:\WINDOWS\System32\drivers\VDiskBus64.sys [42656 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-04 09:50 - 2022-01-04 09:54 - 000024605 _____ C:\Users\Roman\Desktop\FRST.txt
2022-01-04 09:49 - 2022-01-04 09:52 - 000000000 ____D C:\FRST
2022-01-04 09:47 - 2022-01-04 09:47 - 002311168 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2021-12-20 21:26 - 2021-12-20 21:26 - 000001173 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2021-12-20 21:17 - 2021-12-20 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-12-20 21:16 - 2021-12-20 21:16 - 000000000 ____D C:\Program Files\LibreOffice
2021-12-19 21:41 - 2021-12-19 21:41 - 000000000 ____D C:\Users\Roman\AppData\Local\SolidDocuments
2021-12-18 22:51 - 2021-12-18 22:51 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-18 22:51 - 2021-12-18 22:50 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-18 22:51 - 2021-12-18 22:50 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-17 12:30 - 2021-12-17 12:30 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 11:27 - 2021-12-16 11:27 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 11:27 - 2021-12-16 11:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 11:27 - 2021-12-16 11:27 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 10:12 - 2021-12-16 10:12 - 000000000 ___HD C:\$WinREAgent
2021-12-14 14:01 - 2021-12-14 14:01 - 000000000 ____D C:\Program Files\Adobe
2021-12-14 14:00 - 2021-12-20 21:13 - 000000000 ____D C:\Program Files\Common Files\Adobe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-04 09:41 - 2020-06-28 18:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-04 09:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-04 09:14 - 2018-05-12 10:38 - 000000000 ____D C:\Users\Roman\AppData\Local\D3DSCache
2022-01-04 09:06 - 2020-06-28 18:34 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-04 09:06 - 2013-08-17 15:21 - 000000000 ____D C:\Program Files\CCleaner
2022-01-04 09:03 - 2018-06-20 18:07 - 000000000 ____D C:\Users\Roman\AppData\Local\AVAST Software
2022-01-03 11:13 - 2020-06-28 18:34 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-03 11:13 - 2020-06-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-01 23:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-01 13:37 - 2017-09-01 17:59 - 000000000 ____D C:\Program Files\Opera
2022-01-01 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-12-31 14:19 - 2020-12-26 11:13 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2021-12-31 14:19 - 2020-10-04 10:20 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-31 14:19 - 2020-10-04 10:20 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-31 14:19 - 2020-06-28 18:34 - 000003298 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1504285159
2021-12-31 14:14 - 2021-08-28 22:59 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Roman
2021-12-28 22:31 - 2018-12-30 11:18 - 000000891 _____ C:\Users\Roman\Desktop\KMPlayer 64X.lnk
2021-12-28 14:50 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-12-26 17:34 - 2014-07-21 15:26 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2021-12-25 23:05 - 2021-05-08 10:16 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-12-22 17:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-22 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-20 21:40 - 2020-06-28 18:00 - 000457736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-20 21:40 - 2014-12-26 18:55 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-20 21:39 - 2020-06-28 18:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-20 21:39 - 2020-06-28 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-20 21:38 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-20 21:38 - 2014-12-27 18:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-12-20 21:31 - 2014-08-25 14:24 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2021-12-20 20:52 - 2020-12-20 22:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-20 20:52 - 2019-06-08 09:53 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-20 20:50 - 2017-11-06 13:07 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-20 20:50 - 2014-12-26 00:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-19 21:41 - 2017-11-16 00:10 - 000000000 ____D C:\Users\Roman\AppData\Local\Packages
2021-12-19 21:41 - 2013-08-07 16:11 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Adobe
2021-12-19 21:22 - 2020-06-28 16:39 - 000000000 ____D C:\Users\Roman
2021-12-19 16:39 - 2020-06-03 15:49 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 22:51 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-18 22:50 - 2020-09-01 18:36 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-18 22:50 - 2020-04-02 18:52 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-18 22:50 - 2019-01-14 17:35 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-18 22:50 - 2018-10-09 18:09 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-18 22:50 - 2017-11-10 19:43 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 23:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-16 10:12 - 2013-09-07 13:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-16 10:01 - 2013-09-07 13:12 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-14 14:00 - 2013-09-26 10:25 - 000000000 ____D C:\ProgramData\Adobe
2021-12-11 22:32 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-12-05 13:11 - 2020-06-28 18:13 - 000911836 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-05 13:11 - 2014-03-30 16:06 - 000067138 _____ C:\WINDOWS\system32\perfh01B.dat
2021-12-05 13:11 - 2014-03-30 16:06 - 000020428 _____ C:\WINDOWS\system32\perfc01B.dat
==================== Files in the root of some directories ========
2020-03-18 18:15 - 2018-06-18 22:35 - 005513920 _____ (COMODO) C:\ProgramData\cisCADF.exe
2020-03-18 18:15 - 2020-02-27 06:46 - 000451456 _____ (COMODO) C:\ProgramData\cmdres.dll
2017-04-01 21:23 - 2017-04-01 21:25 - 000001032 _____ () C:\Users\Roman\AppData\Local\$RXWPGNZ.nast
2017-04-01 21:27 - 2021-08-22 11:17 - 000002247 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.err
2017-04-01 21:29 - 2021-08-22 11:31 - 000001088 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.nast
2016-01-05 18:19 - 2017-04-01 20:46 - 000002574 _____ () C:\Users\Roman\AppData\Local\FSDownloader.err
2015-10-10 17:24 - 2017-04-01 21:21 - 000001096 _____ () C:\Users\Roman\AppData\Local\FSDownloader.nast
2014-12-25 19:18 - 2015-07-07 18:31 - 000001096 _____ () C:\Users\Roman\AppData\Local\MRDownloader.nast
2018-08-18 09:50 - 2018-08-18 09:51 - 000029696 _____ () C:\Users\Roman\AppData\Local\MSGBOX.EXE
2014-01-04 20:46 - 2015-01-01 19:17 - 000007597 _____ () C:\Users\Roman\AppData\Local\Resmon.ResmonCfg
2013-08-07 16:36 - 2014-12-25 19:17 - 000001276 _____ () C:\Users\Roman\AppData\Local\SRDownloader.err
2013-08-07 16:37 - 2014-12-25 19:18 - 000001040 _____ () C:\Users\Roman\AppData\Local\SRDownloader.nast
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Roman (04-01-2022 09:55:53)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1415 (X64) (2020-06-28 17:35:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1537523766-1934355744-2765702040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1537523766-1934355744-2765702040-503 - Limited - Disabled)
Guest (S-1-5-21-1537523766-1934355744-2765702040-501 - Limited - Disabled)
Roman (S-1-5-21-1537523766-1934355744-2765702040-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-1537523766-1934355744-2765702040-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD_Chipset_Drivers (HKLM-x32\...\{491043b2-acc5-4890-a5f2-1f5e3cc4427a}) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{0B6EEF71-4118-4836-9448-BB7546AB5EBC}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Easy Setting Box (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.00 - Samsung)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GX GAMING CAVIMANUS HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0002 - )
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
ICQ New (version 10.0.44734) (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\icq.desktop) (Version: 10.0.44734 - Mail.ru LLC)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
iTunes (HKLM\...\{67FC8095-9756-4008-BBE7-854BAD8F2588}) (Version: 12.12.2.2 - Apple Inc.)
Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2021.12.23.19 - PandoraTV)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype verzia 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
STRIKE NX GAMEPAD (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.43.0 - TechPowerUp)
TP-LINK TL-WN822N (HKLM-x32\...\{54D158A1-EAC0-478E-99A9-2545E8035398}) (Version: 1.0.0 - TP-Link)
Ulož.to FileManager 2.84 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.84 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 6.02 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2170.3.0_x86__kgqvnymyfvs32 [2021-12-13] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-06-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-18] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-12-26 23:06 - 2010-08-23 11:17 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-12-26 23:22 - 2014-12-30 01:37 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000972288 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001040896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 005771136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000208896 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-12-26 23:23 - 2012-06-19 12:56 - 001305600 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 001173504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001047040 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000233472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000425984 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2014-12-28 01:14 - 2014-12-28 01:14 - 000067584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000659456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000475136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000716800 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001621504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001622528 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000883712 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001243136 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000846848 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000875520 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000043520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-12-26 23:03 - 2010-06-29 11:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-12-26 23:21 - 2021-12-20 21:39 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-12-26 23:06 - 2010-08-09 22:33 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2014-12-26 23:22 - 2014-12-28 01:10 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2014-12-26 23:22 - 2012-07-05 13:32 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpi.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpi.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\ASACPI.DLL
2014-12-28 01:12 - 2014-12-28 01:07 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsAcpi.dll
2014-12-26 23:06 - 2010-08-12 08:52 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001086464 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001016320 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2014-12-26 23:22 - 2012-07-05 13:31 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpiEx.dll
2014-12-26 23:22 - 2012-08-14 17:42 - 001441792 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\DigiPowerControl.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpiEx.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001832448 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPU.dll
2014-12-26 23:23 - 2012-08-13 22:06 - 001379328 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FAN Xpert\FANXpert.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000512000 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\UPnPXMLParse.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001236992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001876992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001637888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000886272 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
2014-12-28 01:12 - 2014-12-28 01:07 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\asacpiEx.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000532480 _____ (AWIND Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\MirrorOpSender.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000043520 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DirectoryWatcher.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000212992 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\MPListProcess.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2019-01-04 14:36 - 000000033 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-20 16:43 - 2020-08-22 14:09 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\Desktop\390\SneznickyMaraton2021_882A5572.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Ethernet: AppEx Networks Accelerator -> appex_acc (enabled)
Ethernet: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)
Wi-Fi: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)
Wi-Fi: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Wi-Fi: AppEx Networks Accelerator -> appex_acc (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9F9734F7-B3A6-403B-B9F2-2552540465A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4A5F93D2-F114-4BF0-8312-C5C1D8441316}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FC27284A-7461-48DD-903B-4CA170C9B72C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{74370363-92CA-4FC8-9724-0E0124DF05F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{81543A94-CF18-495B-BA8A-6E6766945CA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C057B920-14F6-4FAF-A513-8AC779DD5DBD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F9CC1A44-FD5E-4034-841E-AB0CAC0D7492}] => (Allow) LPort=1900
FirewallRules: [{E873B0F4-F571-43E1-9CE7-A00A2733CAD7}] => (Allow) LPort=2869
FirewallRules: [{B62070E8-9485-4D5A-9F94-7AC810663938}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{A7480067-2F62-463C-ACE3-BBE702A11955}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{71348B08-3AF5-4709-9AAC-42F5F5044C67}] => (Allow) LPort=1900
FirewallRules: [{76FE403E-53A0-48D8-A203-CEA2531D4E67}] => (Allow) LPort=2869
FirewallRules: [{5FE20E9F-8571-4F76-AEE3-1A8715DEF9B3}] => (Allow) LPort=1900
FirewallRules: [{A93D50A1-B9D4-493F-BF04-4E9032F37631}] => (Allow) LPort=2869
FirewallRules: [{D01A36C5-FCB0-4CC1-B00A-175E255DC85E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{448DDF6E-0351-4959-883A-E5FB2B87C909}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{0F1D6433-69F1-489D-98A5-28E0340B15C1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{82E9E268-623B-464F-8F0D-57F28336944B}] => (Allow) LPort=1900
FirewallRules: [{F91F3DD1-7C0E-4C40-B4D7-199EC4E3193B}] => (Allow) LPort=2869
FirewallRules: [{290B6ECE-5DD9-4E17-BD52-B26C10E6A96D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{AD2EBCAD-4AAE-4FD8-8314-8BD873DB85AE}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{1FB829DA-0F1C-4883-85CF-31879BCF8685}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{01C01B71-4848-4B7C-AD09-3DD608BCF125}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D5DAD828-DA97-46B3-8EFB-622258E8158F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74AB47DB-79F4-4C1F-AC15-A4D9E228922A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{149C9964-D03D-411C-BA34-E6F56F07A3F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{634C2222-D64A-474D-8FA6-BF77BCE8413C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56C79C3E-86F0-4C8E-AABE-66B043766A4B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDA1A6F8-8323-4C51-AAF5-5E2F24741BBE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{29A690DA-7FF7-4C0C-A077-89A5DB7358B5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B3CBA7A9-2564-4E2F-8FB7-9AD12F1A92E4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7B8A3FE6-1060-4942-B592-F60A5E015762}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{4928A410-8AE6-4980-BAB7-9A4DF24A54C3}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{8F87A950-EBFC-4BE5-8434-2DFA057E40CB}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{AEF72FE0-E04D-4D95-9101-A55E44FF709E}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{97E01112-B4B2-41F8-89F6-C173C11607BA}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2075FDB7-6187-4AFF-8CF6-9DD34FD71FBE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{09D086E2-EE73-45E2-BDEC-DDBEBC314152}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0387F0BA-8D06-466A-9665-E35A6400D3D9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A243D723-83D1-410F-831B-60A45D318C26}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{96DAFDED-81B6-42FD-B7EE-7BB63135F37B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3D8D96FD-0F15-496D-83A9-4261A14F3F83}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3BC5BFB5-C5E6-46B4-94D5-B485BE3BAC09}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{10324555-985B-4376-A056-7252120A1103}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E8DF7C2-76C5-49A6-9E15-1627EBCAC15D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{074CF21A-70F3-4E1D-9CC3-696E5663BB99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB102659-69F2-4E56-A167-BE2868E695DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03A2364C-701C-44AE-8CAD-5BD0977952FE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{430E6010-8D95-44C3-950E-F73F9EB2A615}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FAC03427-4A6F-41CC-B360-F6107D2BE161}] => (Allow) C:\Program Files\Opera\82.0.4227.33\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{444BE9E2-B69C-47F7-9014-9801A42C8177}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5BE7E4C9-9D58-4092-BA93-DC284FFBB710}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{467651E9-90B5-4443-8779-F9CDE3D59FE0}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
02-01-2022 19:25:31 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/04/2022 09:22:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v \\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (01/04/2022 09:23:50 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/04/2022 09:23:30 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/04/2022 09:23:12 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/04/2022 09:22:40 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/03/2022 10:16:05 AM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
Error: (01/02/2022 09:12:20 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/02/2022 07:24:26 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/02/2022 07:24:03 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Windows Defender:
================
Date: 2020-12-23 20:11:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-23 19:32:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-23 19:16:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2022-01-04 09:58:08
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-01-04 09:24:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 6508 07/11/2014
Motherboard: ASUSTeK COMPUTER INC. F2A85-M
Processor: AMD A8-5600K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 7368.32 MB
Available physical RAM: 3557.78 MB
Total Virtual: 14792.32 MB
Available Virtual: 10058.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.59 GB) (Free:384.65 GB) NTFS
\\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\ () (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{d4a2e3b4-0000-0000-0000-a03b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D4A2E3B4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka PC
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {052d716f-26ba-11ec-84df-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {7027e552-3b5c-11ec-84e2-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka PC
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Roman (05-01-2022 23:35:03) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {052d716f-26ba-11ec-84df-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {7027e552-3b5c-11ec-84e2-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{052d716f-26ba-11ec-84df-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7027e552-3b5c-11ec-84e2-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a91a17-b2ab-11e9-83c9-50465db58091} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
C:\WINDOWS\system32\amdocl_as64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdocl_ld64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiapfxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieah64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieclxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiesrxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODCLI.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODE.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\clinfo.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Cmeau108.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280C.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280I.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280O.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNHMCA6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNMXLMAA.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftcserco.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftserui2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\GEARAspi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtNicProp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SStudio.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\usbaaplrc.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\UtcResources.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\wu.upgrade.ps.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\avastSS.scr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_as32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_ld32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atieah32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280U.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNHMCA.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Comdlg32.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_28.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\DLLDEV32i.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\GEARAspi.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Mscomctl.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\newlistview2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.ex0 => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.xtr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\vgf.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdacpksd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdkmafd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\atikmpag.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\ndisrd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RtNdPt630.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\usbaapl64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\VDiskBus64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll => ":$CmdTcID" ADS could not remove.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24411314 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 260 B
Edge => 0 B
Firefox => 0 B
Opera => 517206506 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 6656 B
Roman => 7976021 B
RecycleBin => 94213 B
EmptyTemp: => 525.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:36:23 ====
Ran by Roman (05-01-2022 23:35:03) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {052d716f-26ba-11ec-84df-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {7027e552-3b5c-11ec-84e2-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{052d716f-26ba-11ec-84df-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7027e552-3b5c-11ec-84e2-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a91a17-b2ab-11e9-83c9-50465db58091} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
C:\WINDOWS\system32\amdocl_as64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdocl_ld64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiapfxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieah64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieclxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiesrxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODCLI.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODE.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\clinfo.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Cmeau108.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280C.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280I.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280O.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNHMCA6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNMXLMAA.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftcserco.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftserui2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\GEARAspi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtNicProp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SStudio.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\usbaaplrc.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\UtcResources.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\wu.upgrade.ps.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\avastSS.scr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_as32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_ld32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atieah32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280U.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNHMCA.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Comdlg32.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_28.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\DLLDEV32i.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\GEARAspi.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Mscomctl.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\newlistview2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.ex0 => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.xtr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\vgf.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdacpksd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdkmafd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\atikmpag.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\ndisrd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RtNdPt630.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\usbaapl64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\VDiskBus64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll => ":$CmdTcID" ADS could not remove.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24411314 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 260 B
Edge => 0 B
Firefox => 0 B
Opera => 517206506 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 6656 B
Roman => 7976021 B
RecycleBin => 94213 B
EmptyTemp: => 525.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:36:23 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka PC
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka PC
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Roman (administrator) on ROMAN (06-01-2022 12:41:17)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Platform: Microsoft Windows 10 Home Version 21H2 19044.1415 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <3>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.32012.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\82.0.4227.43\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\opera.exe <14>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series XPS: C:\WINDOWS\system32\CNMXLMAA.DLL [385024 2014-12-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05ED89B6-B8F0-4B4A-A841-0A6891AFF005} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {155E4BE1-0AB6-40A9-A682-F24B9F1BF34D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {217282E2-CDE1-4A0B-B937-CF26C073A9B4} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {35C4ADBA-B30D-4D70-81C0-5BDED451CD4C} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [3993984 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {3A0F562B-F61F-46BB-9252-ADB439BA283E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {3DB0FB5E-1637-45B2-9715-AC64C9E7845C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {41784A7D-A2D3-4291-ABF5-F8C5B1BF6434} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {423FC066-9811-4A95-97B6-47B68B5C9B9A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [1406776 2014-12-28] (ASUSTeK Computer Inc. -> )
Task: {4505F24E-5CC9-4D45-B1C0-0A373FFAD716} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {60509CE4-F01F-46CF-9754-A3B5C2CB68B4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {607BE1A6-6D86-4E90-8D5C-E8B9BB5AF5BF} - System32\Tasks\Opera scheduled Autoupdate 1504285159 => C:\Program Files\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software)
Task: {66B6F192-4E6D-4702-9CDA-E715EB99E733} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7596E029-5280-4CDC-86D4-7179D7090DC0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [328504 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7E71EE1E-7D25-48FD-976E-141AE68324C1} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7FF5FAA1-B481-46E1-84D9-8BBE61486B7F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {897F4D3C-D981-4058-AF99-B5DBAB9E58D8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8F206440-D343-4D85-AD4A-3641A576B7FC} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {9B1E82AE-24B2-4070-8241-7F93C245FBF1} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [1190400 2012-08-14] (ASUSTeK Computer Inc.) [File not signed]
Task: {B1A56C2B-1522-4E48-9A79-B575D53D3C0C} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B5662160-1169-489E-8AE1-FF9675E271A5} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C1EB50C8-35BD-4C42-90F8-AA4AAC2CB2AF} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D03E3DE9-DD87-4BB4-AC02-D6B0F939B5AD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-01] (Avast Software s.r.o. -> Avast Software)
Task: {D17B45A5-D326-4BFB-9A5E-F897A9D8ABA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {D287C1FC-204E-491D-80EC-05A8510D8611} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [90112 2014-12-28] () [File not signed]
Task: {D7B11FC7-E319-4B6F-9D3F-CC3ACE870C44} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {DE729A8D-DCD4-454B-98AD-C1E9148094F8} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05f55d45-2dec-442d-a043-8c431bf54524}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d2e62f6c-faa7-4c2f-904f-fed63d1394d8}: [NameServer] 156.154.70.25,156.154.71.25
Edge:
=======
DownloadDir: C:\Users\Roman\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1537523766-1934355744-2765702040-1001 -> hxxp://google.sk/
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-31]
Edge DownloadDir: Default -> C:\Users\Roman\Downloads
Edge HomePage: Default -> hxxp://google.sk/
Edge StartupUrls: Default -> "hxxp://google.sk/"
FireFox:
========
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\AGExAAVN.default [2020-12-23]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Opera:
=======
OPR Profile: C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable [2022-01-06]
OPR DownloadDir: C:\Users\Roman\Desktop
OPR Notifications: Opera Stable -> hxxps://answear.sk; hxxps://www.facebook.com; hxxps://www.g-star.com; hxxps://www.instagram.com; hxxps://www.youtube.com
OPR StartupUrls: Opera Stable -> "hxxps://www.google.sk/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-05]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-12-28] (ASUSTeK Computer Inc.) [File not signed] [File is in use]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-20] (Malwarebytes Inc -> Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-05-15] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2014-12-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2016-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-05] (Malwarebytes Inc -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2014-12-28] (Realtek Semiconductor Corp -> NT Kernel Resources)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 USBPNPA; C:\WINDOWS\system32\drivers\CM10864.sys [4326912 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> C-Media Electronics Inc)
R1 VDiskBus; C:\WINDOWS\System32\drivers\VDiskBus64.sys [42656 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-06 12:41 - 2022-01-06 12:45 - 000023464 _____ C:\Users\Roman\Desktop\FRST.txt
2022-01-05 23:35 - 2022-01-05 23:36 - 000039484 _____ C:\Users\Roman\Desktop\Fixlog.txt
2022-01-04 09:49 - 2022-01-06 12:42 - 000000000 ____D C:\FRST
2022-01-04 09:47 - 2022-01-04 09:47 - 002311168 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2021-12-20 21:26 - 2021-12-20 21:26 - 000001173 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2021-12-20 21:17 - 2021-12-20 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-12-20 21:16 - 2021-12-20 21:16 - 000000000 ____D C:\Program Files\LibreOffice
2021-12-19 21:41 - 2021-12-19 21:41 - 000000000 ____D C:\Users\Roman\AppData\Local\SolidDocuments
2021-12-18 22:51 - 2021-12-18 22:51 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-18 22:51 - 2021-12-18 22:50 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-18 22:51 - 2021-12-18 22:50 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-17 12:30 - 2021-12-17 12:30 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 11:27 - 2021-12-16 11:27 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 11:27 - 2021-12-16 11:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 11:27 - 2021-12-16 11:27 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 10:12 - 2021-12-16 10:12 - 000000000 ___HD C:\$WinREAgent
2021-12-14 14:01 - 2021-12-14 14:01 - 000000000 ____D C:\Program Files\Adobe
2021-12-14 14:00 - 2021-12-20 21:13 - 000000000 ____D C:\Program Files\Common Files\Adobe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-06 12:39 - 2013-08-17 15:21 - 000000000 ____D C:\Program Files\CCleaner
2022-01-06 12:37 - 2020-06-28 18:34 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-06 12:36 - 2020-06-28 18:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-06 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-06 00:03 - 2014-07-21 15:26 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-01-05 23:48 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-05 23:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-05 23:43 - 2018-06-20 18:07 - 000000000 ____D C:\Users\Roman\AppData\Local\AVAST Software
2022-01-05 23:40 - 2014-12-26 18:55 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-05 23:39 - 2020-06-28 18:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-05 23:38 - 2020-06-28 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-05 23:38 - 2017-09-01 17:59 - 000000000 ____D C:\Program Files\Opera
2022-01-05 23:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-05 23:37 - 2014-12-27 18:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-01-05 23:36 - 2013-12-09 14:33 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\Temp
2022-01-05 23:30 - 2021-08-28 22:59 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Roman
2022-01-05 23:30 - 2020-12-26 11:13 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2022-01-05 23:30 - 2020-10-04 10:20 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-05 23:30 - 2020-10-04 10:20 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-05 23:30 - 2020-06-28 18:34 - 000003298 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1504285159
2022-01-05 23:30 - 2020-06-28 18:34 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-05 23:30 - 2020-06-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-05 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-04 09:14 - 2018-05-12 10:38 - 000000000 ____D C:\Users\Roman\AppData\Local\D3DSCache
2022-01-01 23:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-28 22:31 - 2018-12-30 11:18 - 000000891 _____ C:\Users\Roman\Desktop\KMPlayer 64X.lnk
2021-12-28 14:50 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-12-25 23:05 - 2021-05-08 10:16 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-12-20 21:40 - 2020-06-28 18:00 - 000457736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-20 21:31 - 2014-08-25 14:24 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2021-12-20 20:52 - 2020-12-20 22:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-20 20:52 - 2019-06-08 09:53 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-20 20:50 - 2017-11-06 13:07 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-20 20:50 - 2014-12-26 00:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-19 21:41 - 2017-11-16 00:10 - 000000000 ____D C:\Users\Roman\AppData\Local\Packages
2021-12-19 21:41 - 2013-08-07 16:11 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Adobe
2021-12-19 21:22 - 2020-06-28 16:39 - 000000000 ____D C:\Users\Roman
2021-12-19 16:39 - 2020-06-03 15:49 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 22:51 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-18 22:50 - 2020-09-01 18:36 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-18 22:50 - 2020-04-02 18:52 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-18 22:50 - 2019-01-14 17:35 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-18 22:50 - 2018-10-09 18:09 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-18 22:50 - 2017-11-10 19:43 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 23:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-16 10:12 - 2013-09-07 13:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-16 10:01 - 2013-09-07 13:12 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-14 14:00 - 2013-09-26 10:25 - 000000000 ____D C:\ProgramData\Adobe
2021-12-11 22:32 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Files in the root of some directories ========
2020-03-18 18:15 - 2018-06-18 22:35 - 005513920 _____ (COMODO) C:\ProgramData\cisCADF.exe
2020-03-18 18:15 - 2020-02-27 06:46 - 000451456 _____ (COMODO) C:\ProgramData\cmdres.dll
2017-04-01 21:23 - 2017-04-01 21:25 - 000001032 _____ () C:\Users\Roman\AppData\Local\$RXWPGNZ.nast
2017-04-01 21:27 - 2021-08-22 11:17 - 000002247 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.err
2017-04-01 21:29 - 2021-08-22 11:31 - 000001088 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.nast
2016-01-05 18:19 - 2017-04-01 20:46 - 000002574 _____ () C:\Users\Roman\AppData\Local\FSDownloader.err
2015-10-10 17:24 - 2017-04-01 21:21 - 000001096 _____ () C:\Users\Roman\AppData\Local\FSDownloader.nast
2014-12-25 19:18 - 2015-07-07 18:31 - 000001096 _____ () C:\Users\Roman\AppData\Local\MRDownloader.nast
2018-08-18 09:50 - 2018-08-18 09:51 - 000029696 _____ () C:\Users\Roman\AppData\Local\MSGBOX.EXE
2014-01-04 20:46 - 2015-01-01 19:17 - 000007597 _____ () C:\Users\Roman\AppData\Local\Resmon.ResmonCfg
2013-08-07 16:36 - 2014-12-25 19:17 - 000001276 _____ () C:\Users\Roman\AppData\Local\SRDownloader.err
2013-08-07 16:37 - 2014-12-25 19:18 - 000001040 _____ () C:\Users\Roman\AppData\Local\SRDownloader.nast
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Roman (06-01-2022 12:46:12)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1415 (X64) (2020-06-28 17:35:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1537523766-1934355744-2765702040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1537523766-1934355744-2765702040-503 - Limited - Disabled)
Guest (S-1-5-21-1537523766-1934355744-2765702040-501 - Limited - Disabled)
Roman (S-1-5-21-1537523766-1934355744-2765702040-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-1537523766-1934355744-2765702040-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD_Chipset_Drivers (HKLM-x32\...\{491043b2-acc5-4890-a5f2-1f5e3cc4427a}) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{0B6EEF71-4118-4836-9448-BB7546AB5EBC}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Easy Setting Box (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.00 - Samsung)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GX GAMING CAVIMANUS HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0002 - )
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
ICQ New (version 10.0.44734) (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\icq.desktop) (Version: 10.0.44734 - Mail.ru LLC)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
iTunes (HKLM\...\{67FC8095-9756-4008-BBE7-854BAD8F2588}) (Version: 12.12.2.2 - Apple Inc.)
Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2021.12.23.19 - PandoraTV)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype verzia 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
STRIKE NX GAMEPAD (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.43.0 - TechPowerUp)
TP-LINK TL-WN822N (HKLM-x32\...\{54D158A1-EAC0-478E-99A9-2545E8035398}) (Version: 1.0.0 - TP-Link)
Ulož.to FileManager 2.84 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.84 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 6.02 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2170.3.0_x86__kgqvnymyfvs32 [2021-12-13] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-06-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-18] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-12-26 23:06 - 2010-08-23 11:17 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-12-26 23:22 - 2014-12-30 01:37 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000972288 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001040896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 005771136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000208896 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-12-26 23:23 - 2012-06-19 12:56 - 001305600 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 001173504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001047040 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000233472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000425984 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2014-12-28 01:14 - 2014-12-28 01:14 - 000067584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000659456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000475136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000716800 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001621504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001622528 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000883712 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001243136 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000846848 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000875520 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000043520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-12-26 23:03 - 2010-06-29 11:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-12-26 23:21 - 2022-01-05 23:39 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-12-26 23:06 - 2010-08-09 22:33 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2014-12-26 23:22 - 2014-12-28 01:10 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2014-12-26 23:22 - 2012-07-05 13:32 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpi.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpi.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\ASACPI.DLL
2014-12-28 01:12 - 2014-12-28 01:07 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsAcpi.dll
2014-12-26 23:06 - 2010-08-12 08:52 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001086464 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001016320 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2014-12-26 23:22 - 2012-07-05 13:31 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpiEx.dll
2014-12-26 23:22 - 2012-08-14 17:42 - 001441792 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\DigiPowerControl.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpiEx.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001832448 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPU.dll
2014-12-26 23:23 - 2012-08-13 22:06 - 001379328 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FAN Xpert\FANXpert.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000512000 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\UPnPXMLParse.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001236992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001876992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001637888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000886272 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
2014-12-28 01:12 - 2014-12-28 01:07 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\asacpiEx.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000532480 _____ (AWIND Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\MirrorOpSender.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000043520 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DirectoryWatcher.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000212992 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\MPListProcess.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2019-01-04 14:36 - 000000033 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-20 16:43 - 2020-08-22 14:09 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\Desktop\390\SneznickyMaraton2021_882A5572.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Ethernet: AppEx Networks Accelerator -> appex_acc (enabled)
Ethernet: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)
Wi-Fi: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)
Wi-Fi: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Wi-Fi: AppEx Networks Accelerator -> appex_acc (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9F9734F7-B3A6-403B-B9F2-2552540465A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4A5F93D2-F114-4BF0-8312-C5C1D8441316}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FC27284A-7461-48DD-903B-4CA170C9B72C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{74370363-92CA-4FC8-9724-0E0124DF05F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{81543A94-CF18-495B-BA8A-6E6766945CA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C057B920-14F6-4FAF-A513-8AC779DD5DBD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F9CC1A44-FD5E-4034-841E-AB0CAC0D7492}] => (Allow) LPort=1900
FirewallRules: [{E873B0F4-F571-43E1-9CE7-A00A2733CAD7}] => (Allow) LPort=2869
FirewallRules: [{B62070E8-9485-4D5A-9F94-7AC810663938}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{A7480067-2F62-463C-ACE3-BBE702A11955}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{71348B08-3AF5-4709-9AAC-42F5F5044C67}] => (Allow) LPort=1900
FirewallRules: [{76FE403E-53A0-48D8-A203-CEA2531D4E67}] => (Allow) LPort=2869
FirewallRules: [{5FE20E9F-8571-4F76-AEE3-1A8715DEF9B3}] => (Allow) LPort=1900
FirewallRules: [{A93D50A1-B9D4-493F-BF04-4E9032F37631}] => (Allow) LPort=2869
FirewallRules: [{D01A36C5-FCB0-4CC1-B00A-175E255DC85E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{448DDF6E-0351-4959-883A-E5FB2B87C909}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{0F1D6433-69F1-489D-98A5-28E0340B15C1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{82E9E268-623B-464F-8F0D-57F28336944B}] => (Allow) LPort=1900
FirewallRules: [{F91F3DD1-7C0E-4C40-B4D7-199EC4E3193B}] => (Allow) LPort=2869
FirewallRules: [{290B6ECE-5DD9-4E17-BD52-B26C10E6A96D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{AD2EBCAD-4AAE-4FD8-8314-8BD873DB85AE}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{1FB829DA-0F1C-4883-85CF-31879BCF8685}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{01C01B71-4848-4B7C-AD09-3DD608BCF125}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D5DAD828-DA97-46B3-8EFB-622258E8158F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74AB47DB-79F4-4C1F-AC15-A4D9E228922A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{149C9964-D03D-411C-BA34-E6F56F07A3F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{634C2222-D64A-474D-8FA6-BF77BCE8413C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56C79C3E-86F0-4C8E-AABE-66B043766A4B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDA1A6F8-8323-4C51-AAF5-5E2F24741BBE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{29A690DA-7FF7-4C0C-A077-89A5DB7358B5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B3CBA7A9-2564-4E2F-8FB7-9AD12F1A92E4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7B8A3FE6-1060-4942-B592-F60A5E015762}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{4928A410-8AE6-4980-BAB7-9A4DF24A54C3}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{8F87A950-EBFC-4BE5-8434-2DFA057E40CB}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{AEF72FE0-E04D-4D95-9101-A55E44FF709E}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{97E01112-B4B2-41F8-89F6-C173C11607BA}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2075FDB7-6187-4AFF-8CF6-9DD34FD71FBE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{09D086E2-EE73-45E2-BDEC-DDBEBC314152}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0387F0BA-8D06-466A-9665-E35A6400D3D9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A243D723-83D1-410F-831B-60A45D318C26}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{96DAFDED-81B6-42FD-B7EE-7BB63135F37B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3D8D96FD-0F15-496D-83A9-4261A14F3F83}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3BC5BFB5-C5E6-46B4-94D5-B485BE3BAC09}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{10324555-985B-4376-A056-7252120A1103}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E8DF7C2-76C5-49A6-9E15-1627EBCAC15D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{074CF21A-70F3-4E1D-9CC3-696E5663BB99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB102659-69F2-4E56-A167-BE2868E695DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03A2364C-701C-44AE-8CAD-5BD0977952FE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{430E6010-8D95-44C3-950E-F73F9EB2A615}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FAC03427-4A6F-41CC-B360-F6107D2BE161}] => (Allow) C:\Program Files\Opera\82.0.4227.33\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{444BE9E2-B69C-47F7-9014-9801A42C8177}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5BE7E4C9-9D58-4092-BA93-DC284FFBB710}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{467651E9-90B5-4443-8779-F9CDE3D59FE0}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
02-01-2022 19:25:31 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/05/2022 11:40:45 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: The Windows Security Center Service was unable to load instances of FirewallProduct from datastore.
Error: (01/04/2022 10:31:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (01/04/2022 10:16:24 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v \\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (01/04/2022 10:06:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v \\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (01/04/2022 09:22:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v \\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (01/06/2022 12:34:29 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/05/2022 11:51:48 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:51:35 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:51:28 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:51:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:50:54 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:50:38 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:40:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby avast! Tools bol dosiahnutý časový limit (30000 ms).
Windows Defender:
================
Date: 2020-12-23 20:11:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-23 19:32:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-23 19:16:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2022-01-06 12:39:41
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-01-06 12:39:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\setup\uat_3264.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-06 12:39:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 6508 07/11/2014
Motherboard: ASUSTeK COMPUTER INC. F2A85-M
Processor: AMD A8-5600K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 7368.32 MB
Available physical RAM: 3594.71 MB
Total Virtual: 14792.32 MB
Available Virtual: 10296.51 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.59 GB) (Free:382.11 GB) NTFS
\\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\ () (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{d4a2e3b4-0000-0000-0000-a03b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D4A2E3B4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
==================== End of Addition.txt =======================
Ran by Roman (administrator) on ROMAN (06-01-2022 12:41:17)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Platform: Microsoft Windows 10 Home Version 21H2 19044.1415 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <3>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.32012.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\82.0.4227.43\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\opera.exe <14>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series XPS: C:\WINDOWS\system32\CNMXLMAA.DLL [385024 2014-12-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05ED89B6-B8F0-4B4A-A841-0A6891AFF005} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {155E4BE1-0AB6-40A9-A682-F24B9F1BF34D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {217282E2-CDE1-4A0B-B937-CF26C073A9B4} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {35C4ADBA-B30D-4D70-81C0-5BDED451CD4C} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [3993984 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {3A0F562B-F61F-46BB-9252-ADB439BA283E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {3DB0FB5E-1637-45B2-9715-AC64C9E7845C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {41784A7D-A2D3-4291-ABF5-F8C5B1BF6434} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {423FC066-9811-4A95-97B6-47B68B5C9B9A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [1406776 2014-12-28] (ASUSTeK Computer Inc. -> )
Task: {4505F24E-5CC9-4D45-B1C0-0A373FFAD716} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {60509CE4-F01F-46CF-9754-A3B5C2CB68B4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {607BE1A6-6D86-4E90-8D5C-E8B9BB5AF5BF} - System32\Tasks\Opera scheduled Autoupdate 1504285159 => C:\Program Files\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software)
Task: {66B6F192-4E6D-4702-9CDA-E715EB99E733} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7596E029-5280-4CDC-86D4-7179D7090DC0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [328504 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7E71EE1E-7D25-48FD-976E-141AE68324C1} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7FF5FAA1-B481-46E1-84D9-8BBE61486B7F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {897F4D3C-D981-4058-AF99-B5DBAB9E58D8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8F206440-D343-4D85-AD4A-3641A576B7FC} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {9B1E82AE-24B2-4070-8241-7F93C245FBF1} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [1190400 2012-08-14] (ASUSTeK Computer Inc.) [File not signed]
Task: {B1A56C2B-1522-4E48-9A79-B575D53D3C0C} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B5662160-1169-489E-8AE1-FF9675E271A5} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C1EB50C8-35BD-4C42-90F8-AA4AAC2CB2AF} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D03E3DE9-DD87-4BB4-AC02-D6B0F939B5AD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-01] (Avast Software s.r.o. -> Avast Software)
Task: {D17B45A5-D326-4BFB-9A5E-F897A9D8ABA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {D287C1FC-204E-491D-80EC-05A8510D8611} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [90112 2014-12-28] () [File not signed]
Task: {D7B11FC7-E319-4B6F-9D3F-CC3ACE870C44} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {DE729A8D-DCD4-454B-98AD-C1E9148094F8} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05f55d45-2dec-442d-a043-8c431bf54524}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d2e62f6c-faa7-4c2f-904f-fed63d1394d8}: [NameServer] 156.154.70.25,156.154.71.25
Edge:
=======
DownloadDir: C:\Users\Roman\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1537523766-1934355744-2765702040-1001 -> hxxp://google.sk/
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-31]
Edge DownloadDir: Default -> C:\Users\Roman\Downloads
Edge HomePage: Default -> hxxp://google.sk/
Edge StartupUrls: Default -> "hxxp://google.sk/"
FireFox:
========
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\AGExAAVN.default [2020-12-23]
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Opera:
=======
OPR Profile: C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable [2022-01-06]
OPR DownloadDir: C:\Users\Roman\Desktop
OPR Notifications: Opera Stable -> hxxps://answear.sk; hxxps://www.facebook.com; hxxps://www.g-star.com; hxxps://www.instagram.com; hxxps://www.youtube.com
OPR StartupUrls: Opera Stable -> "hxxps://www.google.sk/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-05]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-12-28] (ASUSTeK Computer Inc.) [File not signed] [File is in use]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-20] (Malwarebytes Inc -> Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-05-15] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2014-12-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2016-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-05] (Malwarebytes Inc -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2014-12-28] (Realtek Semiconductor Corp -> NT Kernel Resources)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 USBPNPA; C:\WINDOWS\system32\drivers\CM10864.sys [4326912 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> C-Media Electronics Inc)
R1 VDiskBus; C:\WINDOWS\System32\drivers\VDiskBus64.sys [42656 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-06 12:41 - 2022-01-06 12:45 - 000023464 _____ C:\Users\Roman\Desktop\FRST.txt
2022-01-05 23:35 - 2022-01-05 23:36 - 000039484 _____ C:\Users\Roman\Desktop\Fixlog.txt
2022-01-04 09:49 - 2022-01-06 12:42 - 000000000 ____D C:\FRST
2022-01-04 09:47 - 2022-01-04 09:47 - 002311168 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2021-12-20 21:26 - 2021-12-20 21:26 - 000001173 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2021-12-20 21:17 - 2021-12-20 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-12-20 21:16 - 2021-12-20 21:16 - 000000000 ____D C:\Program Files\LibreOffice
2021-12-19 21:41 - 2021-12-19 21:41 - 000000000 ____D C:\Users\Roman\AppData\Local\SolidDocuments
2021-12-18 22:51 - 2021-12-18 22:51 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-18 22:51 - 2021-12-18 22:50 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-18 22:51 - 2021-12-18 22:50 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-17 12:30 - 2021-12-17 12:30 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 11:27 - 2021-12-16 11:27 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 11:27 - 2021-12-16 11:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 11:27 - 2021-12-16 11:27 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 10:12 - 2021-12-16 10:12 - 000000000 ___HD C:\$WinREAgent
2021-12-14 14:01 - 2021-12-14 14:01 - 000000000 ____D C:\Program Files\Adobe
2021-12-14 14:00 - 2021-12-20 21:13 - 000000000 ____D C:\Program Files\Common Files\Adobe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-06 12:39 - 2013-08-17 15:21 - 000000000 ____D C:\Program Files\CCleaner
2022-01-06 12:37 - 2020-06-28 18:34 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-06 12:36 - 2020-06-28 18:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-06 00:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-06 00:03 - 2014-07-21 15:26 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-01-05 23:48 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-05 23:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-05 23:43 - 2018-06-20 18:07 - 000000000 ____D C:\Users\Roman\AppData\Local\AVAST Software
2022-01-05 23:40 - 2014-12-26 18:55 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-05 23:39 - 2020-06-28 18:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-05 23:38 - 2020-06-28 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-05 23:38 - 2017-09-01 17:59 - 000000000 ____D C:\Program Files\Opera
2022-01-05 23:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-05 23:37 - 2014-12-27 18:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-01-05 23:36 - 2013-12-09 14:33 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\Temp
2022-01-05 23:30 - 2021-08-28 22:59 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Roman
2022-01-05 23:30 - 2020-12-26 11:13 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2022-01-05 23:30 - 2020-10-04 10:20 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-05 23:30 - 2020-10-04 10:20 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-05 23:30 - 2020-06-28 18:34 - 000003298 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1504285159
2022-01-05 23:30 - 2020-06-28 18:34 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-05 23:30 - 2020-06-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-05 22:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-04 09:14 - 2018-05-12 10:38 - 000000000 ____D C:\Users\Roman\AppData\Local\D3DSCache
2022-01-01 23:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-28 22:31 - 2018-12-30 11:18 - 000000891 _____ C:\Users\Roman\Desktop\KMPlayer 64X.lnk
2021-12-28 14:50 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-12-25 23:05 - 2021-05-08 10:16 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-12-20 21:40 - 2020-06-28 18:00 - 000457736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-20 21:31 - 2014-08-25 14:24 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2021-12-20 20:52 - 2020-12-20 22:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-20 20:52 - 2019-06-08 09:53 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-20 20:50 - 2017-11-06 13:07 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-20 20:50 - 2014-12-26 00:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-19 21:41 - 2017-11-16 00:10 - 000000000 ____D C:\Users\Roman\AppData\Local\Packages
2021-12-19 21:41 - 2013-08-07 16:11 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Adobe
2021-12-19 21:22 - 2020-06-28 16:39 - 000000000 ____D C:\Users\Roman
2021-12-19 16:39 - 2020-06-03 15:49 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 22:51 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-18 22:50 - 2020-09-01 18:36 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-18 22:50 - 2020-04-02 18:52 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-18 22:50 - 2019-01-14 17:35 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-18 22:50 - 2019-01-05 16:15 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-18 22:50 - 2018-10-09 18:09 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-18 22:50 - 2017-11-10 19:43 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-18 22:50 - 2017-09-25 11:43 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-17 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 23:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-16 10:12 - 2013-09-07 13:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-16 10:01 - 2013-09-07 13:12 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-14 14:00 - 2013-09-26 10:25 - 000000000 ____D C:\ProgramData\Adobe
2021-12-11 22:32 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Files in the root of some directories ========
2020-03-18 18:15 - 2018-06-18 22:35 - 005513920 _____ (COMODO) C:\ProgramData\cisCADF.exe
2020-03-18 18:15 - 2020-02-27 06:46 - 000451456 _____ (COMODO) C:\ProgramData\cmdres.dll
2017-04-01 21:23 - 2017-04-01 21:25 - 000001032 _____ () C:\Users\Roman\AppData\Local\$RXWPGNZ.nast
2017-04-01 21:27 - 2021-08-22 11:17 - 000002247 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.err
2017-04-01 21:29 - 2021-08-22 11:31 - 000001088 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.nast
2016-01-05 18:19 - 2017-04-01 20:46 - 000002574 _____ () C:\Users\Roman\AppData\Local\FSDownloader.err
2015-10-10 17:24 - 2017-04-01 21:21 - 000001096 _____ () C:\Users\Roman\AppData\Local\FSDownloader.nast
2014-12-25 19:18 - 2015-07-07 18:31 - 000001096 _____ () C:\Users\Roman\AppData\Local\MRDownloader.nast
2018-08-18 09:50 - 2018-08-18 09:51 - 000029696 _____ () C:\Users\Roman\AppData\Local\MSGBOX.EXE
2014-01-04 20:46 - 2015-01-01 19:17 - 000007597 _____ () C:\Users\Roman\AppData\Local\Resmon.ResmonCfg
2013-08-07 16:36 - 2014-12-25 19:17 - 000001276 _____ () C:\Users\Roman\AppData\Local\SRDownloader.err
2013-08-07 16:37 - 2014-12-25 19:18 - 000001040 _____ () C:\Users\Roman\AppData\Local\SRDownloader.nast
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Roman (06-01-2022 12:46:12)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1415 (X64) (2020-06-28 17:35:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1537523766-1934355744-2765702040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1537523766-1934355744-2765702040-503 - Limited - Disabled)
Guest (S-1-5-21-1537523766-1934355744-2765702040-501 - Limited - Disabled)
Roman (S-1-5-21-1537523766-1934355744-2765702040-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-1537523766-1934355744-2765702040-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD_Chipset_Drivers (HKLM-x32\...\{491043b2-acc5-4890-a5f2-1f5e3cc4427a}) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{0B6EEF71-4118-4836-9448-BB7546AB5EBC}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Easy Setting Box (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.00 - Samsung)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GX GAMING CAVIMANUS HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0002 - )
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
ICQ New (version 10.0.44734) (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\icq.desktop) (Version: 10.0.44734 - Mail.ru LLC)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
iTunes (HKLM\...\{67FC8095-9756-4008-BBE7-854BAD8F2588}) (Version: 12.12.2.2 - Apple Inc.)
Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2021.12.23.19 - PandoraTV)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype verzia 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
STRIKE NX GAMEPAD (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.43.0 - TechPowerUp)
TP-LINK TL-WN822N (HKLM-x32\...\{54D158A1-EAC0-478E-99A9-2545E8035398}) (Version: 1.0.0 - TP-Link)
Ulož.to FileManager 2.84 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.84 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 6.02 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2170.3.0_x86__kgqvnymyfvs32 [2021-12-13] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-06-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-18] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2014-12-26 23:06 - 2010-08-23 11:17 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-12-26 23:22 - 2014-12-30 01:37 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000972288 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001040896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 005771136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000208896 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-12-26 23:23 - 2012-06-19 12:56 - 001305600 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 001173504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001047040 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000233472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000425984 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2014-12-28 01:14 - 2014-12-28 01:14 - 000067584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000659456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000475136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000716800 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001621504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001622528 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000883712 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001243136 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000846848 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000875520 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000043520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-12-26 23:03 - 2010-06-29 11:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-12-26 23:21 - 2022-01-05 23:39 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-12-26 23:06 - 2010-08-09 22:33 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2014-12-26 23:22 - 2014-12-28 01:10 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2014-12-26 23:22 - 2012-07-05 13:32 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpi.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpi.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\ASACPI.DLL
2014-12-28 01:12 - 2014-12-28 01:07 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsAcpi.dll
2014-12-26 23:06 - 2010-08-12 08:52 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001086464 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001016320 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2014-12-26 23:22 - 2012-07-05 13:31 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpiEx.dll
2014-12-26 23:22 - 2012-08-14 17:42 - 001441792 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\DigiPowerControl.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpiEx.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001832448 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPU.dll
2014-12-26 23:23 - 2012-08-13 22:06 - 001379328 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FAN Xpert\FANXpert.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000512000 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\UPnPXMLParse.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001236992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001876992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001637888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000886272 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
2014-12-28 01:12 - 2014-12-28 01:07 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\asacpiEx.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000532480 _____ (AWIND Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\MirrorOpSender.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000043520 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DirectoryWatcher.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000212992 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\MPListProcess.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-11-05] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2019-01-04 14:36 - 000000033 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-20 16:43 - 2020-08-22 14:09 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\Desktop\390\SneznickyMaraton2021_882A5572.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Ethernet: AppEx Networks Accelerator -> appex_acc (enabled)
Ethernet: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)
Wi-Fi: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)
Wi-Fi: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Wi-Fi: AppEx Networks Accelerator -> appex_acc (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9F9734F7-B3A6-403B-B9F2-2552540465A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4A5F93D2-F114-4BF0-8312-C5C1D8441316}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FC27284A-7461-48DD-903B-4CA170C9B72C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{74370363-92CA-4FC8-9724-0E0124DF05F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{81543A94-CF18-495B-BA8A-6E6766945CA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C057B920-14F6-4FAF-A513-8AC779DD5DBD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F9CC1A44-FD5E-4034-841E-AB0CAC0D7492}] => (Allow) LPort=1900
FirewallRules: [{E873B0F4-F571-43E1-9CE7-A00A2733CAD7}] => (Allow) LPort=2869
FirewallRules: [{B62070E8-9485-4D5A-9F94-7AC810663938}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{A7480067-2F62-463C-ACE3-BBE702A11955}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{71348B08-3AF5-4709-9AAC-42F5F5044C67}] => (Allow) LPort=1900
FirewallRules: [{76FE403E-53A0-48D8-A203-CEA2531D4E67}] => (Allow) LPort=2869
FirewallRules: [{5FE20E9F-8571-4F76-AEE3-1A8715DEF9B3}] => (Allow) LPort=1900
FirewallRules: [{A93D50A1-B9D4-493F-BF04-4E9032F37631}] => (Allow) LPort=2869
FirewallRules: [{D01A36C5-FCB0-4CC1-B00A-175E255DC85E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{448DDF6E-0351-4959-883A-E5FB2B87C909}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{0F1D6433-69F1-489D-98A5-28E0340B15C1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{82E9E268-623B-464F-8F0D-57F28336944B}] => (Allow) LPort=1900
FirewallRules: [{F91F3DD1-7C0E-4C40-B4D7-199EC4E3193B}] => (Allow) LPort=2869
FirewallRules: [{290B6ECE-5DD9-4E17-BD52-B26C10E6A96D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{AD2EBCAD-4AAE-4FD8-8314-8BD873DB85AE}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{1FB829DA-0F1C-4883-85CF-31879BCF8685}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{01C01B71-4848-4B7C-AD09-3DD608BCF125}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D5DAD828-DA97-46B3-8EFB-622258E8158F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74AB47DB-79F4-4C1F-AC15-A4D9E228922A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{149C9964-D03D-411C-BA34-E6F56F07A3F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{634C2222-D64A-474D-8FA6-BF77BCE8413C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56C79C3E-86F0-4C8E-AABE-66B043766A4B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDA1A6F8-8323-4C51-AAF5-5E2F24741BBE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{29A690DA-7FF7-4C0C-A077-89A5DB7358B5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B3CBA7A9-2564-4E2F-8FB7-9AD12F1A92E4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7B8A3FE6-1060-4942-B592-F60A5E015762}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{4928A410-8AE6-4980-BAB7-9A4DF24A54C3}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{8F87A950-EBFC-4BE5-8434-2DFA057E40CB}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{AEF72FE0-E04D-4D95-9101-A55E44FF709E}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{97E01112-B4B2-41F8-89F6-C173C11607BA}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2075FDB7-6187-4AFF-8CF6-9DD34FD71FBE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{09D086E2-EE73-45E2-BDEC-DDBEBC314152}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0387F0BA-8D06-466A-9665-E35A6400D3D9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A243D723-83D1-410F-831B-60A45D318C26}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{96DAFDED-81B6-42FD-B7EE-7BB63135F37B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3D8D96FD-0F15-496D-83A9-4261A14F3F83}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3BC5BFB5-C5E6-46B4-94D5-B485BE3BAC09}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{10324555-985B-4376-A056-7252120A1103}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E8DF7C2-76C5-49A6-9E15-1627EBCAC15D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{074CF21A-70F3-4E1D-9CC3-696E5663BB99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB102659-69F2-4E56-A167-BE2868E695DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03A2364C-701C-44AE-8CAD-5BD0977952FE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{430E6010-8D95-44C3-950E-F73F9EB2A615}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FAC03427-4A6F-41CC-B360-F6107D2BE161}] => (Allow) C:\Program Files\Opera\82.0.4227.33\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{444BE9E2-B69C-47F7-9014-9801A42C8177}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5BE7E4C9-9D58-4092-BA93-DC284FFBB710}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{467651E9-90B5-4443-8779-F9CDE3D59FE0}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
02-01-2022 19:25:31 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/05/2022 11:40:45 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: The Windows Security Center Service was unable to load instances of FirewallProduct from datastore.
Error: (01/04/2022 10:31:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (01/04/2022 10:16:24 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v \\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (01/04/2022 10:06:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v \\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
Error: (01/04/2022 09:22:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v \\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\, pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)
System errors:
=============
Error: (01/06/2022 12:34:29 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/05/2022 11:51:48 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:51:35 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:51:28 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:51:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:50:54 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:50:38 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/05/2022 11:40:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby avast! Tools bol dosiahnutý časový limit (30000 ms).
Windows Defender:
================
Date: 2020-12-23 20:11:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-23 19:32:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-23 19:16:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2022-01-06 12:39:41
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-01-06 12:39:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\setup\uat_3264.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-06 12:39:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 6508 07/11/2014
Motherboard: ASUSTeK COMPUTER INC. F2A85-M
Processor: AMD A8-5600K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 7368.32 MB
Available physical RAM: 3594.71 MB
Total Virtual: 14792.32 MB
Available Virtual: 10296.51 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.59 GB) (Free:382.11 GB) NTFS
\\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\ () (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{d4a2e3b4-0000-0000-0000-a03b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D4A2E3B4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka PC
Potřebuji vidět obsah souboru fixlog.txt. Je na ploše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka PC
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Roman (05-01-2022 23:35:03) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {052d716f-26ba-11ec-84df-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {7027e552-3b5c-11ec-84e2-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{052d716f-26ba-11ec-84df-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7027e552-3b5c-11ec-84e2-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a91a17-b2ab-11e9-83c9-50465db58091} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
C:\WINDOWS\system32\amdocl_as64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdocl_ld64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiapfxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieah64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieclxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiesrxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODCLI.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODE.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\clinfo.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Cmeau108.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280C.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280I.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280O.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNHMCA6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNMXLMAA.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftcserco.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftserui2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\GEARAspi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtNicProp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SStudio.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\usbaaplrc.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\UtcResources.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\wu.upgrade.ps.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\avastSS.scr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_as32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_ld32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atieah32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280U.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNHMCA.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Comdlg32.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_28.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\DLLDEV32i.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\GEARAspi.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Mscomctl.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\newlistview2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.ex0 => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.xtr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\vgf.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdacpksd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdkmafd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\atikmpag.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\ndisrd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RtNdPt630.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\usbaapl64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\VDiskBus64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll => ":$CmdTcID" ADS could not remove.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24411314 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 260 B
Edge => 0 B
Firefox => 0 B
Opera => 517206506 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 6656 B
Roman => 7976021 B
RecycleBin => 94213 B
EmptyTemp: => 525.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:36:23 ====
Ran by Roman (05-01-2022 23:35:03) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {052d716f-26ba-11ec-84df-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {7027e552-3b5c-11ec-84e2-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{052d716f-26ba-11ec-84df-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7027e552-3b5c-11ec-84e2-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a91a17-b2ab-11e9-83c9-50465db58091} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
C:\WINDOWS\system32\amdocl_as64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdocl_ld64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiapfxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieah64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieclxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiesrxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODCLI.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODE.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\clinfo.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Cmeau108.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280C.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280I.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280O.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNHMCA6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNMXLMAA.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftcserco.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftserui2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\GEARAspi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtNicProp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SStudio.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\usbaaplrc.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\UtcResources.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\wu.upgrade.ps.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\avastSS.scr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_as32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_ld32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atieah32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280U.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNHMCA.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Comdlg32.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_28.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\DLLDEV32i.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\GEARAspi.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Mscomctl.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\newlistview2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.ex0 => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.xtr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\vgf.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdacpksd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdkmafd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\atikmpag.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\ndisrd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RtNdPt630.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\usbaapl64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\VDiskBus64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll => ":$CmdTcID" ADS could not remove.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24411314 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 260 B
Edge => 0 B
Firefox => 0 B
Opera => 517206506 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 6656 B
Roman => 7976021 B
RecycleBin => 94213 B
EmptyTemp: => 525.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:36:23 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka PC
OK. Log je již v pořádku.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka PC
Velmi este raz dakujem tak PC je hotove , este by som chcel skontrolovat notebook tu mam dat log ci do noveho tematu ?
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka PC
Klidně ho dejte sem. 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka PC
Prikladam z notebooku logy FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (06-01-2022 20:19:17)
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <5>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\launcher.exe
(Piriform Software Ltd -> Piriform) C:\Program Files\CCleaner\CCUpdate.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C16235A-8FC0-409D-8EC2-9810F4570226} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {16E9D969-B11F-4EE3-ABD8-FFC60043F035} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\adcdeed6-4c49-4ff1-b510-30852218ad2a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {2F32FF88-B45B-4C24-9A38-5871224DDE34} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {44F06403-6247-4FC9-9665-FEFC0F4593FA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {54200E14-8305-4F65-9313-28DA22E778F5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a1d2d41-5e77-4b0e-b8c5-b442bd81c57b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6F6C3CDE-A69F-4CA9-8074-BA16DB8726C0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {8352A565-3B21-4BA3-B706-C809A1A39EBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {8358A3BC-F3B7-4C9E-88A9-4FE3E12DA12E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {86AC58A3-1CAE-47EA-8C6D-07B9860FDE2D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2c3c4875-150b-494e-94e4-0ccb6f6036ef => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {8D7FEFAB-9722-4248-9D98-7D67393CEC73} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {984F9584-260A-42F1-A362-B7F1F794D7CE} - System32\Tasks\CCleanerSkipUAC - Kohutovci => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AFB8F06-2F50-44DA-BAE4-BB2A3B8E59E1} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {9E727CD6-4E6E-4C0A-A9A3-04B7C6042243} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {A0187FC6-DF11-4E4C-9B7A-567958446236} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A46A6317-5D69-4567-95E9-85D7C2E26751} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\24356df3-1988-4b8b-8d9a-b6be4e6850c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {B5C9D3F0-DEA5-41CA-83FC-83A9BC6E972D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1e8155ed-aabe-46b5-8519-4dfa554f8c13 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {BAD28B6B-6E90-4EDC-922D-015CC4DC725A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {C5B7651A-264B-4E1F-B269-0D469F5608D5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D405FA29-2BCD-4A2A-85EB-7EC53A987F8E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF24313E-FDAA-466E-8529-EC275E499A29} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E30655C0-B54D-4205-8910-672FD9857717} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software)
Task: {F422B30E-3711-4745-8066-B89C12110885} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F535B2FD-598D-4414-A0DF-F08D01D38259} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F74DC4FE-BA17-45E8-9994-9EDB536E7374} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [DhcpNameServer] 172.21.21.9 8.8.8.8
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-24]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
Opera:
=======
OPR Profile: C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable [2022-01-06]
OPR DownloadDir: C:\Users\Kohutovci\Desktop
OPR StartupUrls: Opera Stable -> "hxxp://google.sk/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-23]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-06 20:19 - 2022-01-06 20:23 - 000021140 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2022-01-06 15:07 - 2022-01-06 20:21 - 000000000 ____D C:\FRST
2022-01-06 15:05 - 2022-01-06 15:05 - 002311168 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2021-12-24 14:53 - 2021-12-24 14:53 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-12-23 19:47 - 2021-12-23 19:47 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-22 08:16 - 2021-12-22 08:16 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\SolidDocuments
2021-12-21 22:41 - 2021-12-21 22:46 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-12-21 22:41 - 2021-12-21 22:46 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2021-12-21 22:39 - 2021-12-21 22:39 - 000000000 ____D C:\Program Files\Adobe
2021-12-21 22:37 - 2021-12-21 22:39 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-19 15:45 - 2021-12-19 15:45 - 000001036 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2021-12-19 15:45 - 2021-12-19 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-12-19 15:32 - 2021-12-19 15:32 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk
2021-12-19 14:55 - 2021-12-19 14:55 - 000001053 _____ C:\Users\Public\Desktop\WinRAR.lnk
2021-12-18 16:23 - 2021-12-18 16:23 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-18 16:20 - 2021-12-18 16:19 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-18 16:20 - 2021-12-18 16:18 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-15 13:14 - 2021-12-15 13:14 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-15 12:40 - 2021-12-15 12:40 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-15 12:40 - 2021-12-15 12:40 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-15 12:40 - 2021-12-15 12:40 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-15 11:26 - 2021-12-15 11:26 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-06 20:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-06 20:17 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2022-01-06 20:11 - 2020-06-28 13:04 - 000000000 ____D C:\Users\Kohutovci
2022-01-06 20:10 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-06 20:10 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-06 20:10 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-06 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-06 19:55 - 2018-03-30 21:29 - 000000000 ____D C:\Program Files\CCleaner
2022-01-06 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-06 16:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-06 12:02 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2022-01-02 08:38 - 2021-11-21 20:20 - 000002016 _____ C:\WINDOWS\storelibdebug.txt
2022-01-02 08:26 - 2020-06-28 17:02 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-27 15:20 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2021-12-24 17:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-24 17:56 - 2018-03-30 21:36 - 000000335 _____ C:\Users\Kohutovci\Desktop\computer.lnk
2021-12-24 17:03 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2021-12-24 16:52 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-24 16:50 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2021-12-24 16:49 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-24 12:53 - 2020-06-28 17:02 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2021-12-24 12:53 - 2018-03-28 08:45 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-12-23 20:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-23 19:53 - 2020-12-01 23:47 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-23 19:53 - 2019-05-17 22:10 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-23 19:51 - 2018-04-03 15:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-23 19:51 - 2018-04-03 15:20 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-23 19:47 - 2019-05-17 22:10 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-12-22 08:16 - 2018-03-28 06:52 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Adobe
2021-12-21 22:37 - 2018-04-02 16:21 - 000000000 ____D C:\ProgramData\Adobe
2021-12-21 10:30 - 2018-03-28 06:50 - 000094072 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-12-20 19:33 - 2020-06-28 17:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-19 15:50 - 2020-06-28 16:36 - 000634120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-19 15:50 - 2018-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Java
2021-12-19 15:44 - 2021-12-04 18:15 - 000000000 ____D C:\Program Files\LibreOffice
2021-12-19 15:30 - 2018-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-12-19 15:28 - 2018-04-02 19:30 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-12-19 15:13 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-12-19 14:55 - 2018-04-03 13:58 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2021-12-19 14:55 - 2018-04-03 13:58 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-19 14:55 - 2018-04-03 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-19 10:41 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 16:20 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-18 16:19 - 2019-01-05 14:54 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-18 16:19 - 2019-01-05 14:54 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-18 16:18 - 2020-09-01 21:17 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-18 16:18 - 2020-04-03 08:06 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-18 16:18 - 2019-01-05 14:54 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-18 16:18 - 2018-10-09 13:36 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-18 16:17 - 2019-01-14 15:32 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-15 12:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 11:14 - 2018-03-28 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-15 11:05 - 2018-03-28 07:25 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-11 12:34 - 2020-10-11 08:18 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 12:34 - 2020-10-11 08:18 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Kohutovci (06-01-2022 20:25:30)
Running from C:\Users\Kohutovci\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{9A106F13-BA73-4E76-AB5E-D37BAEF94A24}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2021.11.25.32 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.43.0 - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.02 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-21] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-23] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-27] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-22] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-12-23 08:31 - 2021-12-13 02:26 - 000675328 _____ () [File not signed] [File is in use] C:\ProgramData\Lenovo\iMController\Plugins\LenovoVisionProtectionPlugin\x64\PlatformInterface.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F0C37DF3-9B47-442F-B738-77306B89CB9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{D5AFF92B-5FE7-4255-8C8C-8A4170E41591}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{16083281-EE06-436E-8F7F-BC7A3FB70460}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{17873BB0-DC05-47E8-8921-FFE25E571BB3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{146DE832-C65F-47B4-840B-9317E30FE67E}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{F35893C0-8277-43D3-AB01-B3D11E9DE05C}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{7F9A0A9E-36F7-4047-AD6E-0E9A6C79DCC0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F97C9768-A47A-4F10-887E-B06F2FA8C4E0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E5DEB2CD-E36E-4709-9986-E0F19DE6F092}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2D47FF57-A072-4F7E-B286-D486F545A728}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A7FEBDE-1BBB-405E-A226-A8678841A79A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{611DD1BB-922A-4978-8BDE-5E9A16C4E804}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E6D47E-E906-46ED-AE9F-618BD695D371}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ABA9982D-0D4D-4579-91F5-0084C2D20A86}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1D4ED46C-2AA9-4228-9C82-C9EEFF7872F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E22721F1-7B8C-4090-8B2D-2693C6525D5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04305C71-8F8E-4EC4-9F18-FED4743A4FE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{610AD334-900D-4473-8ED2-5A63C1759523}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA6BCE5B-A387-43B3-A949-2C4117DD08CB}] => (Allow) C:\Program Files\Opera\82.0.4227.33\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D4DC7F8D-D4A4-47D0-9A7A-A88BEBD828BB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{80823B87-8992-4316-9551-F0928B366765}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3FF0B463-2594-461D-BF7D-48FE151C2E0C}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
15-12-2021 11:47:22 Inštalátor modulov systému Windows
24-12-2021 18:35:12 Scheduled Checkpoint
02-01-2022 20:06:57 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/06/2022 08:25:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x1814
Čas spustenia chybujúcej aplikácie: 0x01d80333333661da
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 0aa4b1bb-3f70-44f8-86b9-8d064e2ec511
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x28e4
Čas spustenia chybujúcej aplikácie: 0x01d80331fafffca7
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: a775c900-05e9-48c8-aaf4-51891c6e48d0
Celé meno chybujúceho balíka: Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2be8
Čas spustenia chybujúcej aplikácie: 0x01d80331fb00c54c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: f72314dc-b8e5-4eae-800e-31ac5e5cd598
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2bcc
Čas spustenia chybujúcej aplikácie: 0x01d80331fb0076c8
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 21c1de1b-11b9-483f-8f46-051d965b9da0
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (01/06/2022 08:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2b8c
Čas spustenia chybujúcej aplikácie: 0x01d80331fb06d62c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 977180ab-6260-4cec-b44c-a4d86149c0c2
Celé meno chybujúceho balíka: Microsoft.WindowsStore_22112.1401.2.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:15:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2230
Čas spustenia chybujúcej aplikácie: 0x01d80331be3df8d6
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 5853c57d-308e-424e-b998-779a948dad63
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2138
Čas spustenia chybujúcej aplikácie: 0x01d80331a3cf8067
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: bf21aead-431f-421b-9175-9f5550ae3954
Celé meno chybujúceho balíka: Microsoft.People_10.2105.4.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x
Error: (01/06/2022 08:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x25b0
Čas spustenia chybujúcej aplikácie: 0x01d80331acc5d064
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 2e10afbd-94de-4e7e-954f-d66946b6ea19
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
System errors:
=============
Error: (01/06/2022 08:25:48 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:20:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Update Orchestrator Service sa pri spustení zablokovala.
Error: (01/06/2022 08:18:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba poskytovania úložiska sa pri spustení zablokovala.
Error: (01/06/2022 08:17:07 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXx4zfy1ffv3wctgdz2vypnybzjkh27jhw.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:17:07 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:17:07 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:17:06 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsStore_22112.1401.2.0_x64__8wekyb3d8bbwe!App.AppXqvfqcb1ak0pv715cpgs18367g441cbgz.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:15:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Guard Runtime Monitor Broker zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===============
Date: 2022-01-06 20:29:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-06 20:29:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-01-06 20:16:59
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 84%
Total physical RAM: 3893.05 MB
Available physical RAM: 595.62 MB
Total Virtual: 7861.05 MB
Available Virtual: 4125.18 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:380.65 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) NTFS
\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (06-01-2022 20:19:17)
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <5>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\launcher.exe
(Piriform Software Ltd -> Piriform) C:\Program Files\CCleaner\CCUpdate.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C16235A-8FC0-409D-8EC2-9810F4570226} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [63728 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {16E9D969-B11F-4EE3-ABD8-FFC60043F035} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\adcdeed6-4c49-4ff1-b510-30852218ad2a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {2F32FF88-B45B-4C24-9A38-5871224DDE34} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {44F06403-6247-4FC9-9665-FEFC0F4593FA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {54200E14-8305-4F65-9313-28DA22E778F5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a1d2d41-5e77-4b0e-b8c5-b442bd81c57b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6F6C3CDE-A69F-4CA9-8074-BA16DB8726C0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {8352A565-3B21-4BA3-B706-C809A1A39EBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {8358A3BC-F3B7-4C9E-88A9-4FE3E12DA12E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {86AC58A3-1CAE-47EA-8C6D-07B9860FDE2D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2c3c4875-150b-494e-94e4-0ccb6f6036ef => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {8D7FEFAB-9722-4248-9D98-7D67393CEC73} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {984F9584-260A-42F1-A362-B7F1F794D7CE} - System32\Tasks\CCleanerSkipUAC - Kohutovci => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AFB8F06-2F50-44DA-BAE4-BB2A3B8E59E1} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {9E727CD6-4E6E-4C0A-A9A3-04B7C6042243} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {A0187FC6-DF11-4E4C-9B7A-567958446236} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A46A6317-5D69-4567-95E9-85D7C2E26751} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\24356df3-1988-4b8b-8d9a-b6be4e6850c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {B5C9D3F0-DEA5-41CA-83FC-83A9BC6E972D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1e8155ed-aabe-46b5-8519-4dfa554f8c13 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
Task: {BAD28B6B-6E90-4EDC-922D-015CC4DC725A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {C5B7651A-264B-4E1F-B269-0D469F5608D5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D405FA29-2BCD-4A2A-85EB-7EC53A987F8E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF24313E-FDAA-466E-8529-EC275E499A29} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E30655C0-B54D-4205-8910-672FD9857717} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software)
Task: {F422B30E-3711-4745-8066-B89C12110885} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F535B2FD-598D-4414-A0DF-F08D01D38259} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F74DC4FE-BA17-45E8-9994-9EDB536E7374} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [DhcpNameServer] 172.21.21.9 8.8.8.8
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-24]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
Opera:
=======
OPR Profile: C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable [2022-01-06]
OPR DownloadDir: C:\Users\Kohutovci\Desktop
OPR StartupUrls: Opera Stable -> "hxxp://google.sk/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-23]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [83200 2021-11-07] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-06 20:19 - 2022-01-06 20:23 - 000021140 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2022-01-06 15:07 - 2022-01-06 20:21 - 000000000 ____D C:\FRST
2022-01-06 15:05 - 2022-01-06 15:05 - 002311168 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2021-12-24 14:53 - 2021-12-24 14:53 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-12-23 19:47 - 2021-12-23 19:47 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-22 08:16 - 2021-12-22 08:16 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\SolidDocuments
2021-12-21 22:41 - 2021-12-21 22:46 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-12-21 22:41 - 2021-12-21 22:46 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2021-12-21 22:39 - 2021-12-21 22:39 - 000000000 ____D C:\Program Files\Adobe
2021-12-21 22:37 - 2021-12-21 22:39 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-19 15:45 - 2021-12-19 15:45 - 000001036 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2021-12-19 15:45 - 2021-12-19 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-12-19 15:32 - 2021-12-19 15:32 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk
2021-12-19 14:55 - 2021-12-19 14:55 - 000001053 _____ C:\Users\Public\Desktop\WinRAR.lnk
2021-12-18 16:23 - 2021-12-18 16:23 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-18 16:20 - 2021-12-18 16:19 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-18 16:20 - 2021-12-18 16:18 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-15 13:14 - 2021-12-15 13:14 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-15 12:40 - 2021-12-15 12:40 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-15 12:40 - 2021-12-15 12:40 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-15 12:40 - 2021-12-15 12:40 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-15 11:26 - 2021-12-15 11:26 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-06 20:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-06 20:17 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2022-01-06 20:11 - 2020-06-28 13:04 - 000000000 ____D C:\Users\Kohutovci
2022-01-06 20:10 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-06 20:10 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-06 20:10 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-06 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-06 19:55 - 2018-03-30 21:29 - 000000000 ____D C:\Program Files\CCleaner
2022-01-06 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-06 16:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-06 12:02 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2022-01-02 08:38 - 2021-11-21 20:20 - 000002016 _____ C:\WINDOWS\storelibdebug.txt
2022-01-02 08:26 - 2020-06-28 17:02 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-27 15:20 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2021-12-24 17:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-24 17:56 - 2018-03-30 21:36 - 000000335 _____ C:\Users\Kohutovci\Desktop\computer.lnk
2021-12-24 17:03 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2021-12-24 16:52 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-24 16:50 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2021-12-24 16:49 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-24 12:53 - 2020-06-28 17:02 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2021-12-24 12:53 - 2018-03-28 08:45 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-12-23 20:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-23 19:53 - 2020-12-01 23:47 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-23 19:53 - 2019-05-17 22:10 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-23 19:51 - 2018-04-03 15:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-23 19:51 - 2018-04-03 15:20 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-23 19:47 - 2019-05-17 22:10 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-12-22 08:16 - 2018-03-28 06:52 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Adobe
2021-12-21 22:37 - 2018-04-02 16:21 - 000000000 ____D C:\ProgramData\Adobe
2021-12-21 10:30 - 2018-03-28 06:50 - 000094072 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-12-20 19:33 - 2020-06-28 17:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-19 15:50 - 2020-06-28 16:36 - 000634120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-19 15:50 - 2018-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Java
2021-12-19 15:44 - 2021-12-04 18:15 - 000000000 ____D C:\Program Files\LibreOffice
2021-12-19 15:30 - 2018-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-12-19 15:28 - 2018-04-02 19:30 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-12-19 15:13 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-12-19 14:55 - 2018-04-03 13:58 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2021-12-19 14:55 - 2018-04-03 13:58 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-19 14:55 - 2018-04-03 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-19 10:41 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 16:20 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-18 16:19 - 2019-01-05 14:54 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-18 16:19 - 2019-01-05 14:54 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-18 16:18 - 2020-09-01 21:17 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-18 16:18 - 2020-04-03 08:06 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-18 16:18 - 2019-01-05 14:54 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-18 16:18 - 2018-10-09 13:36 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-18 16:17 - 2019-01-14 15:32 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-15 12:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 11:14 - 2018-03-28 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-15 11:05 - 2018-03-28 07:25 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-11 12:34 - 2020-10-11 08:18 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 12:34 - 2020-10-11 08:18 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Kohutovci (06-01-2022 20:25:30)
Running from C:\Users\Kohutovci\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{9A106F13-BA73-4E76-AB5E-D37BAEF94A24}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2021.11.25.32 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.43.0 - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.02 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-21] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-23] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-27] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-22] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-12-23 08:31 - 2021-12-13 02:26 - 000675328 _____ () [File not signed] [File is in use] C:\ProgramData\Lenovo\iMController\Plugins\LenovoVisionProtectionPlugin\x64\PlatformInterface.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F0C37DF3-9B47-442F-B738-77306B89CB9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{D5AFF92B-5FE7-4255-8C8C-8A4170E41591}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{16083281-EE06-436E-8F7F-BC7A3FB70460}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{17873BB0-DC05-47E8-8921-FFE25E571BB3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{146DE832-C65F-47B4-840B-9317E30FE67E}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{F35893C0-8277-43D3-AB01-B3D11E9DE05C}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{7F9A0A9E-36F7-4047-AD6E-0E9A6C79DCC0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F97C9768-A47A-4F10-887E-B06F2FA8C4E0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E5DEB2CD-E36E-4709-9986-E0F19DE6F092}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2D47FF57-A072-4F7E-B286-D486F545A728}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A7FEBDE-1BBB-405E-A226-A8678841A79A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{611DD1BB-922A-4978-8BDE-5E9A16C4E804}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E6D47E-E906-46ED-AE9F-618BD695D371}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ABA9982D-0D4D-4579-91F5-0084C2D20A86}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1D4ED46C-2AA9-4228-9C82-C9EEFF7872F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E22721F1-7B8C-4090-8B2D-2693C6525D5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04305C71-8F8E-4EC4-9F18-FED4743A4FE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{610AD334-900D-4473-8ED2-5A63C1759523}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA6BCE5B-A387-43B3-A949-2C4117DD08CB}] => (Allow) C:\Program Files\Opera\82.0.4227.33\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D4DC7F8D-D4A4-47D0-9A7A-A88BEBD828BB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{80823B87-8992-4316-9551-F0928B366765}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3FF0B463-2594-461D-BF7D-48FE151C2E0C}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
15-12-2021 11:47:22 Inštalátor modulov systému Windows
24-12-2021 18:35:12 Scheduled Checkpoint
02-01-2022 20:06:57 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/06/2022 08:25:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x1814
Čas spustenia chybujúcej aplikácie: 0x01d80333333661da
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 0aa4b1bb-3f70-44f8-86b9-8d064e2ec511
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x28e4
Čas spustenia chybujúcej aplikácie: 0x01d80331fafffca7
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: a775c900-05e9-48c8-aaf4-51891c6e48d0
Celé meno chybujúceho balíka: Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2be8
Čas spustenia chybujúcej aplikácie: 0x01d80331fb00c54c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: f72314dc-b8e5-4eae-800e-31ac5e5cd598
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2bcc
Čas spustenia chybujúcej aplikácie: 0x01d80331fb0076c8
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 21c1de1b-11b9-483f-8f46-051d965b9da0
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (01/06/2022 08:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2b8c
Čas spustenia chybujúcej aplikácie: 0x01d80331fb06d62c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 977180ab-6260-4cec-b44c-a4d86149c0c2
Celé meno chybujúceho balíka: Microsoft.WindowsStore_22112.1401.2.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:15:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2230
Čas spustenia chybujúcej aplikácie: 0x01d80331be3df8d6
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 5853c57d-308e-424e-b998-779a948dad63
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/06/2022 08:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2138
Čas spustenia chybujúcej aplikácie: 0x01d80331a3cf8067
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: bf21aead-431f-421b-9175-9f5550ae3954
Celé meno chybujúceho balíka: Microsoft.People_10.2105.4.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x
Error: (01/06/2022 08:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x25b0
Čas spustenia chybujúcej aplikácie: 0x01d80331acc5d064
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 2e10afbd-94de-4e7e-954f-d66946b6ea19
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
System errors:
=============
Error: (01/06/2022 08:25:48 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:20:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Update Orchestrator Service sa pri spustení zablokovala.
Error: (01/06/2022 08:18:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba poskytovania úložiska sa pri spustení zablokovala.
Error: (01/06/2022 08:17:07 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXx4zfy1ffv3wctgdz2vypnybzjkh27jhw.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:17:07 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:17:07 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:17:06 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsStore_22112.1401.2.0_x64__8wekyb3d8bbwe!App.AppXqvfqcb1ak0pv715cpgs18367g441cbgz.mca did not register with DCOM within the required timeout.
Error: (01/06/2022 08:15:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Guard Runtime Monitor Broker zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===============
Date: 2022-01-06 20:29:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-06 20:29:56
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-01-06 20:16:59
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 84%
Total physical RAM: 3893.05 MB
Available physical RAM: 595.62 MB
Total Virtual: 7861.05 MB
Available Virtual: 4125.18 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:380.65 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) NTFS
\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka PC
Opět spusťte ADWCleaner:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka PC
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-07-2022
# Duration: 00:00:33
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Kohutovci\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1865 octets] - [07/01/2022 11:39:31]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-07-2022
# Duration: 00:00:33
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Kohutovci\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1865 octets] - [07/01/2022 11:39:31]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka PC
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka PC
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (07-01-2022 20:30:14)
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.32012.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C16235A-8FC0-409D-8EC2-9810F4570226} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {16E9D969-B11F-4EE3-ABD8-FFC60043F035} - \Lenovo\ImController\TimeBasedEvents\adcdeed6-4c49-4ff1-b510-30852218ad2a -> No File <==== ATTENTION
Task: {2F32FF88-B45B-4C24-9A38-5871224DDE34} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {44F06403-6247-4FC9-9665-FEFC0F4593FA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {54200E14-8305-4F65-9313-28DA22E778F5} - \Lenovo\ImController\TimeBasedEvents\3a1d2d41-5e77-4b0e-b8c5-b442bd81c57b -> No File <==== ATTENTION
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6F6C3CDE-A69F-4CA9-8074-BA16DB8726C0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {8352A565-3B21-4BA3-B706-C809A1A39EBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {8358A3BC-F3B7-4C9E-88A9-4FE3E12DA12E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {86AC58A3-1CAE-47EA-8C6D-07B9860FDE2D} - \Lenovo\ImController\TimeBasedEvents\2c3c4875-150b-494e-94e4-0ccb6f6036ef -> No File <==== ATTENTION
Task: {8D7FEFAB-9722-4248-9D98-7D67393CEC73} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {984F9584-260A-42F1-A362-B7F1F794D7CE} - System32\Tasks\CCleanerSkipUAC - Kohutovci => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AFB8F06-2F50-44DA-BAE4-BB2A3B8E59E1} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {9E727CD6-4E6E-4C0A-A9A3-04B7C6042243} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A0187FC6-DF11-4E4C-9B7A-567958446236} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A46A6317-5D69-4567-95E9-85D7C2E26751} - \Lenovo\ImController\TimeBasedEvents\24356df3-1988-4b8b-8d9a-b6be4e6850c5 -> No File <==== ATTENTION
Task: {B5C9D3F0-DEA5-41CA-83FC-83A9BC6E972D} - \Lenovo\ImController\TimeBasedEvents\1e8155ed-aabe-46b5-8519-4dfa554f8c13 -> No File <==== ATTENTION
Task: {BAD28B6B-6E90-4EDC-922D-015CC4DC725A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {C5B7651A-264B-4E1F-B269-0D469F5608D5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D405FA29-2BCD-4A2A-85EB-7EC53A987F8E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF24313E-FDAA-466E-8529-EC275E499A29} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E30655C0-B54D-4205-8910-672FD9857717} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software)
Task: {F422B30E-3711-4745-8066-B89C12110885} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F535B2FD-598D-4414-A0DF-F08D01D38259} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {F74DC4FE-BA17-45E8-9994-9EDB536E7374} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [DhcpNameServer] 172.21.21.9 8.8.8.8
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-24]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
Opera:
=======
OPR Profile: C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable [2022-01-07]
OPR DownloadDir: C:\Users\Kohutovci\Desktop
OPR StartupUrls: Opera Stable -> "hxxp://google.sk/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-23]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-07 20:30 - 2022-01-07 20:32 - 000017273 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2022-01-07 11:38 - 2022-01-07 11:41 - 000000000 ____D C:\AdwCleaner
2022-01-07 11:37 - 2022-01-07 11:37 - 008540344 _____ (Malwarebytes) C:\Users\Kohutovci\Desktop\adwcleaner_8.3.1.exe
2022-01-06 15:07 - 2022-01-07 20:31 - 000000000 ____D C:\FRST
2022-01-06 15:05 - 2022-01-06 15:05 - 002311168 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2021-12-24 14:53 - 2021-12-24 14:53 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-12-23 19:47 - 2021-12-23 19:47 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-22 08:16 - 2021-12-22 08:16 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\SolidDocuments
2021-12-21 22:41 - 2021-12-21 22:46 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-12-21 22:41 - 2021-12-21 22:46 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2021-12-21 22:39 - 2021-12-21 22:39 - 000000000 ____D C:\Program Files\Adobe
2021-12-21 22:37 - 2021-12-21 22:39 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-19 15:45 - 2021-12-19 15:45 - 000001036 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2021-12-19 15:45 - 2021-12-19 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-12-19 15:32 - 2021-12-19 15:32 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk
2021-12-19 14:55 - 2021-12-19 14:55 - 000001053 _____ C:\Users\Public\Desktop\WinRAR.lnk
2021-12-18 16:23 - 2021-12-18 16:23 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-18 16:20 - 2021-12-18 16:19 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-18 16:20 - 2021-12-18 16:18 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-15 13:14 - 2021-12-15 13:14 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-15 12:40 - 2021-12-15 12:40 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-15 12:40 - 2021-12-15 12:40 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-15 12:40 - 2021-12-15 12:40 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-15 11:26 - 2021-12-15 11:26 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-07 20:32 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2022-01-07 20:30 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2022-01-07 20:30 - 2018-03-30 21:29 - 000000000 ____D C:\Program Files\CCleaner
2022-01-07 20:29 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-07 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-07 12:16 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-01-07 11:41 - 2020-06-28 17:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-01-07 11:41 - 2020-06-28 13:01 - 000000000 ____D C:\WINDOWS\Lenovo
2022-01-07 11:41 - 2018-03-28 06:57 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\Lenovo
2022-01-07 11:41 - 2017-11-28 06:57 - 000000000 ____D C:\ProgramData\Lenovo
2022-01-06 20:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-06 20:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-06 20:11 - 2020-06-28 13:04 - 000000000 ____D C:\Users\Kohutovci
2022-01-06 20:10 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-06 20:10 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-06 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-06 16:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-02 08:38 - 2021-11-21 20:20 - 000002016 _____ C:\WINDOWS\storelibdebug.txt
2022-01-02 08:26 - 2020-06-28 17:02 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-24 17:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-24 17:56 - 2018-03-30 21:36 - 000000335 _____ C:\Users\Kohutovci\Desktop\computer.lnk
2021-12-24 17:03 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2021-12-24 16:52 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-24 16:50 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2021-12-24 16:49 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-24 12:53 - 2020-06-28 17:02 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2021-12-24 12:53 - 2018-03-28 08:45 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-12-23 19:53 - 2020-12-01 23:47 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-23 19:53 - 2019-05-17 22:10 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-23 19:51 - 2018-04-03 15:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-23 19:51 - 2018-04-03 15:20 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-23 19:47 - 2019-05-17 22:10 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-12-22 08:16 - 2018-03-28 06:52 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Adobe
2021-12-21 22:37 - 2018-04-02 16:21 - 000000000 ____D C:\ProgramData\Adobe
2021-12-21 10:30 - 2018-03-28 06:50 - 000094072 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-12-20 19:33 - 2020-06-28 17:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-19 15:50 - 2020-06-28 16:36 - 000634120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-19 15:50 - 2018-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Java
2021-12-19 15:44 - 2021-12-04 18:15 - 000000000 ____D C:\Program Files\LibreOffice
2021-12-19 15:30 - 2018-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-12-19 15:28 - 2018-04-02 19:30 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-12-19 15:13 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-12-19 14:55 - 2018-04-03 13:58 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2021-12-19 14:55 - 2018-04-03 13:58 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-19 14:55 - 2018-04-03 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-19 10:41 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 16:20 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-18 16:19 - 2019-01-05 14:54 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-18 16:19 - 2019-01-05 14:54 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-18 16:18 - 2020-09-01 21:17 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-18 16:18 - 2020-04-03 08:06 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-18 16:18 - 2019-01-05 14:54 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-18 16:18 - 2018-10-09 13:36 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-18 16:17 - 2019-01-14 15:32 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-15 12:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 11:14 - 2018-03-28 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-15 11:05 - 2018-03-28 07:25 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-11 12:34 - 2020-10-11 08:18 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 12:34 - 2020-10-11 08:18 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Kohutovci (07-01-2022 20:34:26)
Running from C:\Users\Kohutovci\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{9A106F13-BA73-4E76-AB5E-D37BAEF94A24}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2021.11.25.32 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.43.0 - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.02 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-21] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-23] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-27] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-22] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F0C37DF3-9B47-442F-B738-77306B89CB9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{D5AFF92B-5FE7-4255-8C8C-8A4170E41591}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{16083281-EE06-436E-8F7F-BC7A3FB70460}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{17873BB0-DC05-47E8-8921-FFE25E571BB3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{146DE832-C65F-47B4-840B-9317E30FE67E}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{F35893C0-8277-43D3-AB01-B3D11E9DE05C}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{7F9A0A9E-36F7-4047-AD6E-0E9A6C79DCC0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F97C9768-A47A-4F10-887E-B06F2FA8C4E0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E5DEB2CD-E36E-4709-9986-E0F19DE6F092}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2D47FF57-A072-4F7E-B286-D486F545A728}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A7FEBDE-1BBB-405E-A226-A8678841A79A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{611DD1BB-922A-4978-8BDE-5E9A16C4E804}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E6D47E-E906-46ED-AE9F-618BD695D371}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ABA9982D-0D4D-4579-91F5-0084C2D20A86}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1D4ED46C-2AA9-4228-9C82-C9EEFF7872F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E22721F1-7B8C-4090-8B2D-2693C6525D5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04305C71-8F8E-4EC4-9F18-FED4743A4FE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{610AD334-900D-4473-8ED2-5A63C1759523}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA6BCE5B-A387-43B3-A949-2C4117DD08CB}] => (Allow) C:\Program Files\Opera\82.0.4227.33\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D4DC7F8D-D4A4-47D0-9A7A-A88BEBD828BB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{80823B87-8992-4316-9551-F0928B366765}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3FF0B463-2594-461D-BF7D-48FE151C2E0C}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
15-12-2021 11:47:22 Inštalátor modulov systému Windows
24-12-2021 18:35:12 Scheduled Checkpoint
02-01-2022 20:06:57 Scheduled Checkpoint
07-01-2022 11:40:11 AdwCleaner_BeforeCleaning_07/01/2022_11:40:08
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/07/2022 08:30:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x3578
Čas spustenia chybujúcej aplikácie: 0x01d803fcfefbfbc6
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: de93cbbf-75dd-49ed-ad7d-4bc8bffc7099
Celé meno chybujúceho balíka: Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/07/2022 08:29:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x379c
Čas spustenia chybujúcej aplikácie: 0x01d803fcd8f617ca
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e9b2457f-313e-4ade-82cc-e934a10c6590
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (01/07/2022 08:29:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x1cd0
Čas spustenia chybujúcej aplikácie: 0x01d803fcd814b842
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 473be4e5-9eca-4455-a7e7-08128dbc26a6
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/07/2022 08:29:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x33c0
Čas spustenia chybujúcej aplikácie: 0x01d803fcd81e3f33
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: ce77ece3-817b-48cd-b409-e13d02c42564
Celé meno chybujúceho balíka: Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: Microsoft.MicrosoftOfficeHub
Error: (01/07/2022 05:49:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2850
Čas spustenia chybujúcej aplikácie: 0x01d803e67cf47bac
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: c79a58bd-a27b-4cd0-a5e7-4a8b41f1650a
Celé meno chybujúceho balíka: NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/07/2022 05:49:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x325c
Čas spustenia chybujúcej aplikácie: 0x01d803e67ce94321
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e9c1f89d-1090-4a2f-a46a-497dcb175444
Celé meno chybujúceho balíka: Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: Microsoft.MicrosoftOfficeHub
Error: (01/07/2022 05:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x1708
Čas spustenia chybujúcej aplikácie: 0x01d803e3d7ace1cd
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 0337d535-b2ab-4ef2-805c-c4efcf143f8c
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/07/2022 04:51:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x36dc
Čas spustenia chybujúcej aplikácie: 0x01d803de64fea4c3
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 4df42e32-a533-4c2a-97b7-ad7ee818fb65
Celé meno chybujúceho balíka: Microsoft.People_10.2105.4.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x
System errors:
=============
Error: (01/07/2022 08:30:19 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXadns4p0eqjaenk2bd16aj0cypbrs3e5w.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 08:29:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 08:29:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 08:29:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Wallet_2.4.18324.0_x64__8wekyb3d8bbwe!App.AppXgvxkrr1tm1jwgecmqbxe81yfbwpjdn1h.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 08:29:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 05:49:11 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 05:49:11 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe!App.AppXw175g9nmx2zykh9fyt6xjc0xf8vmj1w6.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 05:30:14 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2022-01-07 20:34:17
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-01-07 17:16:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\setup\uat_3152.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-07 17:16:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 75%
Total physical RAM: 3893.05 MB
Available physical RAM: 948.46 MB
Total Virtual: 7861.05 MB
Available Virtual: 4495.76 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:378.56 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) NTFS
\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (07-01-2022 20:30:14)
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.32012.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C16235A-8FC0-409D-8EC2-9810F4570226} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {16E9D969-B11F-4EE3-ABD8-FFC60043F035} - \Lenovo\ImController\TimeBasedEvents\adcdeed6-4c49-4ff1-b510-30852218ad2a -> No File <==== ATTENTION
Task: {2F32FF88-B45B-4C24-9A38-5871224DDE34} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {44F06403-6247-4FC9-9665-FEFC0F4593FA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {54200E14-8305-4F65-9313-28DA22E778F5} - \Lenovo\ImController\TimeBasedEvents\3a1d2d41-5e77-4b0e-b8c5-b442bd81c57b -> No File <==== ATTENTION
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6F6C3CDE-A69F-4CA9-8074-BA16DB8726C0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {8352A565-3B21-4BA3-B706-C809A1A39EBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {8358A3BC-F3B7-4C9E-88A9-4FE3E12DA12E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {86AC58A3-1CAE-47EA-8C6D-07B9860FDE2D} - \Lenovo\ImController\TimeBasedEvents\2c3c4875-150b-494e-94e4-0ccb6f6036ef -> No File <==== ATTENTION
Task: {8D7FEFAB-9722-4248-9D98-7D67393CEC73} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {984F9584-260A-42F1-A362-B7F1F794D7CE} - System32\Tasks\CCleanerSkipUAC - Kohutovci => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AFB8F06-2F50-44DA-BAE4-BB2A3B8E59E1} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {9E727CD6-4E6E-4C0A-A9A3-04B7C6042243} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A0187FC6-DF11-4E4C-9B7A-567958446236} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {A46A6317-5D69-4567-95E9-85D7C2E26751} - \Lenovo\ImController\TimeBasedEvents\24356df3-1988-4b8b-8d9a-b6be4e6850c5 -> No File <==== ATTENTION
Task: {B5C9D3F0-DEA5-41CA-83FC-83A9BC6E972D} - \Lenovo\ImController\TimeBasedEvents\1e8155ed-aabe-46b5-8519-4dfa554f8c13 -> No File <==== ATTENTION
Task: {BAD28B6B-6E90-4EDC-922D-015CC4DC725A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {C5B7651A-264B-4E1F-B269-0D469F5608D5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D405FA29-2BCD-4A2A-85EB-7EC53A987F8E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF24313E-FDAA-466E-8529-EC275E499A29} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E30655C0-B54D-4205-8910-672FD9857717} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software)
Task: {F422B30E-3711-4745-8066-B89C12110885} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F535B2FD-598D-4414-A0DF-F08D01D38259} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {F74DC4FE-BA17-45E8-9994-9EDB536E7374} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [DhcpNameServer] 172.21.21.9 8.8.8.8
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-24]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
Opera:
=======
OPR Profile: C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable [2022-01-07]
OPR DownloadDir: C:\Users\Kohutovci\Desktop
OPR StartupUrls: Opera Stable -> "hxxp://google.sk/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-23]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-18] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-12-23] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-07 20:30 - 2022-01-07 20:32 - 000017273 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2022-01-07 11:38 - 2022-01-07 11:41 - 000000000 ____D C:\AdwCleaner
2022-01-07 11:37 - 2022-01-07 11:37 - 008540344 _____ (Malwarebytes) C:\Users\Kohutovci\Desktop\adwcleaner_8.3.1.exe
2022-01-06 15:07 - 2022-01-07 20:31 - 000000000 ____D C:\FRST
2022-01-06 15:05 - 2022-01-06 15:05 - 002311168 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2021-12-24 14:53 - 2021-12-24 14:53 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-12-23 19:47 - 2021-12-23 19:47 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-12-22 08:16 - 2021-12-22 08:16 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\SolidDocuments
2021-12-21 22:41 - 2021-12-21 22:46 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-12-21 22:41 - 2021-12-21 22:46 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2021-12-21 22:39 - 2021-12-21 22:39 - 000000000 ____D C:\Program Files\Adobe
2021-12-21 22:37 - 2021-12-21 22:39 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-19 15:45 - 2021-12-19 15:45 - 000001036 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2021-12-19 15:45 - 2021-12-19 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-12-19 15:32 - 2021-12-19 15:32 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk
2021-12-19 14:55 - 2021-12-19 14:55 - 000001053 _____ C:\Users\Public\Desktop\WinRAR.lnk
2021-12-18 16:23 - 2021-12-18 16:23 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-18 16:20 - 2021-12-18 16:19 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-18 16:20 - 2021-12-18 16:18 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-15 13:14 - 2021-12-15 13:14 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-15 12:40 - 2021-12-15 12:40 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-15 12:40 - 2021-12-15 12:40 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-15 12:40 - 2021-12-15 12:40 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-15 11:26 - 2021-12-15 11:26 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-07 20:32 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2022-01-07 20:30 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2022-01-07 20:30 - 2018-03-30 21:29 - 000000000 ____D C:\Program Files\CCleaner
2022-01-07 20:29 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-07 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-07 12:16 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-01-07 11:41 - 2020-06-28 17:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-01-07 11:41 - 2020-06-28 13:01 - 000000000 ____D C:\WINDOWS\Lenovo
2022-01-07 11:41 - 2018-03-28 06:57 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\Lenovo
2022-01-07 11:41 - 2017-11-28 06:57 - 000000000 ____D C:\ProgramData\Lenovo
2022-01-06 20:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-06 20:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-06 20:11 - 2020-06-28 13:04 - 000000000 ____D C:\Users\Kohutovci
2022-01-06 20:10 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-06 20:10 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-06 20:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-06 16:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-02 08:38 - 2021-11-21 20:20 - 000002016 _____ C:\WINDOWS\storelibdebug.txt
2022-01-02 08:26 - 2020-06-28 17:02 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-24 17:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-24 17:56 - 2018-03-30 21:36 - 000000335 _____ C:\Users\Kohutovci\Desktop\computer.lnk
2021-12-24 17:03 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2021-12-24 16:52 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-24 16:50 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2021-12-24 16:49 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-12-24 12:53 - 2020-06-28 17:02 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2021-12-24 12:53 - 2018-03-28 08:45 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-12-23 19:53 - 2020-12-01 23:47 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-23 19:53 - 2019-05-17 22:10 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-12-23 19:51 - 2018-04-03 15:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-23 19:51 - 2018-04-03 15:20 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-23 19:47 - 2019-05-17 22:10 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-12-22 08:16 - 2018-03-28 06:52 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Adobe
2021-12-21 22:37 - 2018-04-02 16:21 - 000000000 ____D C:\ProgramData\Adobe
2021-12-21 10:30 - 2018-03-28 06:50 - 000094072 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-12-20 19:33 - 2020-06-28 17:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-19 15:50 - 2020-06-28 16:36 - 000634120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-19 15:50 - 2018-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Java
2021-12-19 15:44 - 2021-12-04 18:15 - 000000000 ____D C:\Program Files\LibreOffice
2021-12-19 15:30 - 2018-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-12-19 15:28 - 2018-04-02 19:30 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-12-19 15:13 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-12-19 14:55 - 2018-04-03 13:58 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2021-12-19 14:55 - 2018-04-03 13:58 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-19 14:55 - 2018-04-03 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-12-19 10:41 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-18 16:20 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-18 16:19 - 2019-01-05 14:54 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-18 16:19 - 2019-01-05 14:54 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-18 16:19 - 2018-04-03 17:01 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-18 16:18 - 2020-09-01 21:17 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-18 16:18 - 2020-04-03 08:06 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-18 16:18 - 2019-01-05 14:54 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-18 16:18 - 2018-10-09 13:36 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-18 16:18 - 2018-04-03 17:01 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-18 16:17 - 2019-01-14 15:32 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-15 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-15 12:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-15 11:14 - 2018-03-28 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-15 11:05 - 2018-03-28 07:25 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-11 12:34 - 2020-10-11 08:18 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 12:34 - 2020-10-11 08:18 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Kohutovci (07-01-2022 20:34:26)
Running from C:\Users\Kohutovci\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 21.007.20099 - Adobe)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{9A106F13-BA73-4E76-AB5E-D37BAEF94A24}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2021.11.25.32 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
Malwarebytes version 4.5.0.152 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.0.152 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.43.0 - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.02 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-21] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-23] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-27] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2021-12-22] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-12-19] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F0C37DF3-9B47-442F-B738-77306B89CB9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{D5AFF92B-5FE7-4255-8C8C-8A4170E41591}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{16083281-EE06-436E-8F7F-BC7A3FB70460}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{17873BB0-DC05-47E8-8921-FFE25E571BB3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{146DE832-C65F-47B4-840B-9317E30FE67E}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{F35893C0-8277-43D3-AB01-B3D11E9DE05C}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{7F9A0A9E-36F7-4047-AD6E-0E9A6C79DCC0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F97C9768-A47A-4F10-887E-B06F2FA8C4E0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E5DEB2CD-E36E-4709-9986-E0F19DE6F092}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2D47FF57-A072-4F7E-B286-D486F545A728}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A7FEBDE-1BBB-405E-A226-A8678841A79A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{611DD1BB-922A-4978-8BDE-5E9A16C4E804}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E6D47E-E906-46ED-AE9F-618BD695D371}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ABA9982D-0D4D-4579-91F5-0084C2D20A86}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1D4ED46C-2AA9-4228-9C82-C9EEFF7872F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E22721F1-7B8C-4090-8B2D-2693C6525D5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04305C71-8F8E-4EC4-9F18-FED4743A4FE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{610AD334-900D-4473-8ED2-5A63C1759523}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA6BCE5B-A387-43B3-A949-2C4117DD08CB}] => (Allow) C:\Program Files\Opera\82.0.4227.33\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D4DC7F8D-D4A4-47D0-9A7A-A88BEBD828BB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{80823B87-8992-4316-9551-F0928B366765}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3FF0B463-2594-461D-BF7D-48FE151C2E0C}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
15-12-2021 11:47:22 Inštalátor modulov systému Windows
24-12-2021 18:35:12 Scheduled Checkpoint
02-01-2022 20:06:57 Scheduled Checkpoint
07-01-2022 11:40:11 AdwCleaner_BeforeCleaning_07/01/2022_11:40:08
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/07/2022 08:30:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x3578
Čas spustenia chybujúcej aplikácie: 0x01d803fcfefbfbc6
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: de93cbbf-75dd-49ed-ad7d-4bc8bffc7099
Celé meno chybujúceho balíka: Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/07/2022 08:29:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x379c
Čas spustenia chybujúcej aplikácie: 0x01d803fcd8f617ca
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e9b2457f-313e-4ade-82cc-e934a10c6590
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI
Error: (01/07/2022 08:29:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x1cd0
Čas spustenia chybujúcej aplikácie: 0x01d803fcd814b842
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 473be4e5-9eca-4455-a7e7-08128dbc26a6
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/07/2022 08:29:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x33c0
Čas spustenia chybujúcej aplikácie: 0x01d803fcd81e3f33
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: ce77ece3-817b-48cd-b409-e13d02c42564
Celé meno chybujúceho balíka: Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: Microsoft.MicrosoftOfficeHub
Error: (01/07/2022 05:49:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x2850
Čas spustenia chybujúcej aplikácie: 0x01d803e67cf47bac
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: c79a58bd-a27b-4cd0-a5e7-4a8b41f1650a
Celé meno chybujúceho balíka: NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/07/2022 05:49:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x325c
Čas spustenia chybujúcej aplikácie: 0x01d803e67ce94321
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e9c1f89d-1090-4a2f-a46a-497dcb175444
Celé meno chybujúceho balíka: Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: Microsoft.MicrosoftOfficeHub
Error: (01/07/2022 05:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x1708
Čas spustenia chybujúcej aplikácie: 0x01d803e3d7ace1cd
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 0337d535-b2ab-4ef2-805c-c4efcf143f8c
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (01/07/2022 04:51:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1387, časová značka: 0x0b9a844a
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b302
Identifikácia chybujúceho procesu: 0x36dc
Čas spustenia chybujúcej aplikácie: 0x01d803de64fea4c3
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 4df42e32-a533-4c2a-97b7-ad7ee818fb65
Celé meno chybujúceho balíka: Microsoft.People_10.2105.4.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x
System errors:
=============
Error: (01/07/2022 08:30:19 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXadns4p0eqjaenk2bd16aj0cypbrs3e5w.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 08:29:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 08:29:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 08:29:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Wallet_2.4.18324.0_x64__8wekyb3d8bbwe!App.AppXgvxkrr1tm1jwgecmqbxe81yfbwpjdn1h.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 08:29:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 05:49:11 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 05:49:11 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe!App.AppXw175g9nmx2zykh9fyt6xjc0xf8vmj1w6.mca did not register with DCOM within the required timeout.
Error: (01/07/2022 05:30:14 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2111.3171.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2022-01-07 20:34:17
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-01-07 17:16:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\setup\uat_3152.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-07 17:16:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 75%
Total physical RAM: 3893.05 MB
Available physical RAM: 948.46 MB
Total Virtual: 7861.05 MB
Available Virtual: 4495.76 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:378.56 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) NTFS
\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)
Partition: GPT.
==================== End of Addition.txt =======================
Přispějete na provoz fóra?