chtěl bych si nechat zkontrolovat logy. Poslední týden se mi stává, že se mi počítač náhodně odpojí od internetu na 1-3 sekundy a zpětně se připojí zpět. Stává se to pravidelně co 1-3 hodiny. Měl jsem zapojené dva PC přes ethernet a výpadek se vyskytuje pouze na mém počítači.
FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2019
Ran by micha (administrator) on DESKTOP-D6F6QG1 (Micro-Star International Co., Ltd MS-7A34) (29-06-2019 15:26:36)
Running from C:\Users\micha\Desktop
Loaded Profiles: micha (Available Profiles: micha)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NahimicMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(SonicWall Inc.) [File not signed] C:\Program Files\SonicWall\Global VPN Client\SWGVCSvc.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [69920 2018-10-11] (University of California, Berkeley -> Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [9063712 2018-10-11] (University of California, Berkeley -> Space Sciences Laboratory)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [GammingApp] => C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe [1150648 2017-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\Run: [f.lux] => C:\Users\micha\AppData\Local\FluxSoftware\Flux\flux.exe [1378824 2019-05-07] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [25386912 2019-06-13] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\Run: [Vivaldi Update Notifier] => "C:\Users\micha\AppData\Local\Vivaldi\Application\update_notifier.exe"
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\RunOnce: [Application Restart #5] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\MountPoints2: {40419117-8b9d-11e9-9125-309c230e2015} - "F:\startme.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.81\Installer\chrmstp.exe [2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0423729D-EBEA-48DA-824B-5CDB6CFD0E9F} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [661240 2018-08-02] (Advanced Micro Devices Inc. -> )
Task: {1B21FDF9-EB67-41DD-9615-E51573AC92BC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1C04DCD6-A19D-40CB-B139-4720C5400A7F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20254801-F25B-406C-90C0-DC4922917D69} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {301571E8-0A1C-49BD-8CDC-DC948D864F9A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {31CCFE3A-F4DA-49A5-B5D7-66A5F03F0282} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-38818341-3388588964-4190228223-1001 => C:\Users\micha\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-02-20] (Mega Limited -> Mega Limited)
Task: {3ECCC203-D7BE-4DF3-98C2-29F68878AA19} - System32\Tasks\NahimicVRSvc64Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142320 2018-02-05] (A-Volute -> A-Volute)
Task: {43218A25-38E1-498B-A890-DB4F3AB60B88} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1808504 2019-06-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {45A3053C-ED25-4DFB-A0F4-B5908F51AB29} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B55F0F1-1C55-47A2-BB12-B25EB8ED5D6D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F6474DD-2C9E-419B-89F2-1C88E42E6943} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {528CC7FC-CA4B-4E4F-A869-665422BAF44E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5DF08315-B107-4A7A-BE58-4B03DAC38A00} - System32\Tasks\CAM.Desktop => C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe [332912 2018-11-07] (NZXT -> )
Task: {5E886EC2-98A6-4C9A-8ACE-9ACFDDDEBC86} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {635545C6-4B85-46B6-B5F5-8D4D8566B528} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1808504 2019-06-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {7968D3E2-AB37-4ACE-83A2-BA245CAC40CE} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {8D22E1DE-283F-497F-85A6-B1E876A8985B} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {A03783BC-34FD-4312-83EB-1E39A45FFCB1} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {A38B9AA8-F4F0-47D9-B871-9DAAE24BBC89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16467424 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF1CBB6A-76C4-4DC6-B248-31E5FD78D0ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-24] (Google Inc -> Google Inc.)
Task: {AFF61958-49D7-45A1-9D3B-E5BF18B00583} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF90CE64-B666-4638-95DC-7A1E1FBEA937} - System32\Tasks\update-S-1-5-21-38818341-3388588964-4190228223-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {C77E751A-91A0-46AE-882D-9E43CC7709F2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D03E1B6E-F5EF-4333-9923-952327330BD0} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3353784 2018-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {D047D3FD-F387-4FBF-8474-9D7B20531655} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-24] (Google Inc -> Google Inc.)
Task: {D466CC99-FA00-428B-B1E4-9EC680E55993} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D63472F2-C507-40E8-970E-A17A3E84885E} - System32\Tasks\NahimicVRSvc32Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990256 2018-02-05] (A-Volute -> A-Volute)
Task: {D9F39606-E84C-4A8F-B944-9FA047205ED3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146048 2018-10-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {E5A43161-891D-4890-BB61-081DB2C50C83} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2179145-EA09-4F98-A265-1FCCDD7F293C} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F84E7356-A3BC-4911-95F7-9AE1613EF967} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
Task: C:\Windows\Tasks\update-S-1-5-21-38818341-3388588964-4190228223-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{0440be48-4edf-4eba-964c-9eecfd98950a}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{56db64ee-b847-4229-ba2e-fb8c18985a54}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: qqp4w2aq.default
FF ProfilePath: C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\qqp4w2aq.default [2019-06-29]
FF Extension: (Avast Passwords) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\qqp4w2aq.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2018-12-15] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\qqp4w2aq.default\Extensions\sp@avast.com.xpi [2018-12-19]
FF Extension: (uBlock Origin) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\qqp4w2aq.default\Extensions\uBlock0@raymondhill.net.xpi [2018-12-16]
FF Extension: (Avast Online Security) - C:\Users\micha\AppData\Roaming\Mozilla\Firefox\Profiles\qqp4w2aq.default\Extensions\wrc@avast.com.xpi [2018-06-24]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> ""
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2019-06-29]
CHR Extension: (Prezentace) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-24]
CHR Extension: (Dokumenty) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-24]
CHR Extension: (Disk Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-24]
CHR Extension: (uBlock Origin) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-21]
CHR Extension: (Avast Passwords) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-05-15]
CHR Extension: (Tabulky) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (Avast Online Security) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-06]
CHR Extension: (Heap Poznámka) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpiejadkdojdbfgfocaoahhbepnlpph [2018-06-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-24]
CHR Extension: (Material Simple Dark Grey) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2019-05-15]
CHR Extension: (Click&Clean App) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2019-06-23]
CHR Extension: (Gmail) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-25] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.81\elevation_service.exe [978720 2019-06-11] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2018-03-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343608 2018-11-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2255544 2018-11-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2507960 2018-11-30] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2018-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2742968 2018-08-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2191032 2018-12-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SWGVCSvc; C:\Program Files\SonicWall\Global VPN Client\SWGVCSvc.exe [325632 2017-04-28] (SonicWall Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [34568 2019-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriverV13; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [71152 2018-11-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279336 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
R1 DNE; C:\Windows\system32\DRIVERS\dnelwf64.sys [327976 2015-10-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [34496 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFlt; C:\Windows\System32\drivers\EPMVolFlt.sys [30416 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2018-10-24] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc -> Logitech Inc.)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edcffbdd101bbe5b\nvlddmkm.sys [20726016 2019-02-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1122200 2018-08-30] (Realtek Semiconductor Corp. -> Realtek )
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [213632 2018-02-26] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\NZXT\CAM\OpenHardwareMonitorLib.sys [14544 2019-02-03] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 cpuz147; \??\C:\WINDOWS\temp\cpuz147\cpuz147_x64.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-29 15:26 - 2019-06-29 15:27 - 000032570 _____ C:\Users\micha\Desktop\FRST.txt
2019-06-29 15:25 - 2019-06-29 15:25 - 002418688 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2019-06-29 14:29 - 2019-06-29 14:29 - 000000000 ____D C:\Windows\pss
2019-06-29 14:12 - 2019-06-29 14:47 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2019-06-29 14:11 - 2019-06-29 14:19 - 000498890 _____ C:\Windows\ntbtlog.txt
2019-06-29 02:46 - 2019-06-29 02:46 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-06-29 02:46 - 2019-06-29 02:46 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-29 02:46 - 2019-06-29 02:46 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-24 00:28 - 2019-06-24 00:28 - 002622054 _____ C:\Users\micha\Documents\Untitled 1.bmp
2019-06-21 10:05 - 2019-06-21 10:05 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2019-06-21 10:05 - 2019-06-21 10:05 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2019-06-20 11:48 - 2019-06-20 11:48 - 000000000 ____D C:\Program Files\UNP
2019-06-17 23:40 - 2019-06-17 23:40 - 000287204 _____ C:\Users\micha\Downloads\video-1558264822.mp4
2019-06-17 23:40 - 2019-06-17 23:40 - 000199449 _____ C:\Users\micha\Downloads\video-1557745420.mp4
2019-06-17 23:40 - 2019-06-17 23:40 - 000129305 _____ C:\Users\micha\Downloads\video-1559137326.mp4
2019-06-17 23:39 - 2019-06-17 23:39 - 000390979 _____ C:\Users\micha\Downloads\video-1558546587.mp4
2019-06-17 20:15 - 2019-06-17 20:15 - 000105486 _____ C:\Users\micha\Downloads\ticket-ID0B6B.pdf
2019-06-13 21:41 - 2019-06-13 21:41 - 000000022 _____ C:\Users\micha\Downloads\MEGA-RECOVERYKEY.txt
2019-06-12 18:34 - 2019-06-12 18:34 - 001993528 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-11 23:36 - 2019-06-11 23:36 - 000000000 ____D C:\Users\micha\Documents\Sony
2019-06-11 23:36 - 2019-06-11 23:36 - 000000000 ____D C:\Users\micha\AppData\Roaming\Apple Computer
2019-06-11 23:36 - 2019-06-11 23:36 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-06-11 23:35 - 2019-06-11 23:35 - 050616672 _____ (Sony) C:\Users\micha\AppData\Local\pcc.exe
2019-06-11 19:24 - 2019-06-11 19:24 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 023438336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 018999296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 012869120 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 012162048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-11 19:24 - 2019-06-11 19:24 - 007875072 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 006547144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 006309256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 004661760 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-06-11 19:24 - 2019-06-11 19:24 - 003906560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 003385344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 003091968 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 002653696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 002085168 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001929216 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001670840 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001466496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-06-11 19:24 - 2019-06-11 19:24 - 001229824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 001223168 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001219424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-06-11 19:24 - 2019-06-11 19:24 - 001048592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-06-11 19:24 - 2019-06-11 19:24 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000773632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000752144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000730592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000676048 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-06-11 19:24 - 2019-06-11 19:24 - 000604344 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-11 19:24 - 2019-06-11 19:24 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000513904 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000506192 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-11 19:24 - 2019-06-11 19:24 - 000462136 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000419368 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 000398208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000386576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000152896 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000137056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000101176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\BingFilterDS.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000087864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-11 19:24 - 2019-06-11 19:24 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2019-06-11 19:24 - 2019-06-11 19:24 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-06-11 19:24 - 2019-06-11 19:24 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-06-11 19:24 - 2019-06-11 19:24 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-06-11 19:24 - 2019-06-11 19:24 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-06-11 19:24 - 2019-06-11 19:24 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-06-11 19:24 - 2019-06-11 19:24 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-06-11 19:24 - 2019-06-11 19:24 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-06-11 19:24 - 2019-06-11 19:24 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-06-06 22:08 - 2019-06-06 22:09 - 000000000 ____D C:\Users\micha\Documents\istqb
2019-06-06 22:08 - 2019-06-06 22:08 - 001491527 _____ C:\Users\micha\Downloads\fwfewpapers.zip
2019-06-02 18:49 - 2019-06-02 20:28 - 000583179 _____ C:\Users\micha\Documents\checkcheck.csv
2019-06-01 21:38 - 2019-06-01 21:38 - 000001114 _____ C:\Users\micha\Desktop\StarTrinity CST.lnk
2019-06-01 21:38 - 2019-06-01 21:38 - 000001100 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarTrinity CST.lnk
2019-06-01 21:38 - 2019-06-01 21:38 - 000000000 ____D C:\Users\micha\AppData\Roaming\StarTrinity CST
2019-06-01 20:40 - 2019-06-01 20:40 - 000000000 ____D C:\Users\micha\Downloads\startrinity_cst
2019-06-01 20:38 - 2019-06-01 20:38 - 001560001 _____ C:\Users\micha\Downloads\startrinity_cst.zip
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-29 15:26 - 2018-12-28 18:15 - 000000000 ____D C:\FRST
2019-06-29 15:24 - 2018-09-23 13:03 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2019-06-29 15:24 - 2018-06-24 21:23 - 000000000 ____D C:\Users\micha\AppData\Local\AVAST Software
2019-06-29 15:21 - 2018-06-24 21:23 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-29 15:19 - 2018-12-20 22:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-29 15:19 - 2018-09-23 13:03 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2019-06-29 15:19 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-29 15:18 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-29 14:46 - 2019-02-14 23:18 - 000745808 _____ C:\Windows\system32\perfh005.dat
2019-06-29 14:46 - 2019-02-14 23:18 - 000160320 _____ C:\Windows\system32\perfc005.dat
2019-06-29 14:46 - 2018-12-20 22:26 - 001834764 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-29 14:46 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-06-29 14:10 - 2018-08-05 15:58 - 000000420 _____ C:\Windows\Tasks\update-sys.job
2019-06-29 14:10 - 2018-08-05 15:58 - 000000420 _____ C:\Windows\Tasks\update-S-1-5-21-38818341-3388588964-4190228223-1001.job
2019-06-29 14:09 - 2018-08-20 12:27 - 000000000 ____D C:\Users\micha\AppData\Roaming\uTorrent
2019-06-29 14:09 - 2018-06-24 21:55 - 000000000 ____D C:\Users\micha\AppData\Local\CrashDumps
2019-06-29 12:26 - 2019-02-21 20:48 - 000003194 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-29 12:26 - 2019-02-21 20:48 - 000002234 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-29 12:26 - 2019-01-26 11:25 - 000002580 _____ C:\Windows\System32\Tasks\CAM.Desktop
2019-06-29 12:26 - 2019-01-26 11:15 - 000002582 _____ C:\Windows\System32\Tasks\AMDAutoUpdate
2019-06-29 12:26 - 2019-01-04 06:27 - 000002280 _____ C:\Windows\System32\Tasks\MSIGH_Host
2019-06-29 12:26 - 2018-12-20 22:24 - 000002854 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-38818341-3388588964-4190228223-1001
2019-06-29 12:26 - 2018-12-20 22:22 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-29 12:26 - 2018-12-20 22:22 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000003122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-29 12:26 - 2018-12-20 22:22 - 000003048 _____ C:\Windows\System32\Tasks\update-S-1-5-21-38818341-3388588964-4190228223-1001
2019-06-29 12:26 - 2018-12-20 22:22 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000002800 _____ C:\Windows\System32\Tasks\update-sys
2019-06-29 12:26 - 2018-12-20 22:22 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 12:26 - 2018-12-20 22:22 - 000002388 _____ C:\Windows\System32\Tasks\NahimicVRSvc64Run
2019-06-29 12:26 - 2018-12-20 22:22 - 000002380 _____ C:\Windows\System32\Tasks\NahimicVRSvc32Run
2019-06-29 12:26 - 2018-12-20 22:22 - 000002148 _____ C:\Windows\System32\Tasks\MSISW_Host
2019-06-29 12:26 - 2018-12-20 22:22 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-06-29 02:46 - 2019-02-18 00:40 - 000279336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-06-29 02:46 - 2019-01-14 19:47 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-29 02:46 - 2019-01-06 10:25 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-29 02:46 - 2019-01-06 10:25 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-29 02:46 - 2019-01-06 10:25 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-06-29 02:46 - 2018-12-20 22:22 - 000003990 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-06-29 02:46 - 2018-10-29 22:46 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-29 02:46 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-29 02:46 - 2018-06-24 21:23 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-29 02:46 - 2018-06-24 21:23 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-29 02:46 - 2018-06-24 21:23 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-29 02:46 - 2018-06-24 21:23 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-29 02:46 - 2018-06-24 21:23 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-29 02:46 - 2018-06-24 21:23 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-28 23:58 - 2018-08-05 15:58 - 000000000 ____D C:\Users\micha\Documents\Lightshot
2019-06-28 23:34 - 2018-12-20 22:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-28 20:06 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-28 20:06 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-06-28 12:10 - 2019-05-08 09:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-06-27 19:40 - 2019-04-17 22:00 - 000003856 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-27 19:40 - 2019-04-17 22:00 - 000003272 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-27 19:40 - 2018-08-25 11:34 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-27 11:18 - 2018-06-24 21:22 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-26 19:01 - 2018-06-25 09:12 - 000000000 ____D C:\Users\Public\Logi
2019-06-26 13:14 - 2018-06-24 21:28 - 000000000 ____D C:\MSI
2019-06-24 13:47 - 2018-06-25 08:28 - 000000000 ____D C:\Users\micha\AppData\Local\D3DSCache
2019-06-23 19:02 - 2018-08-08 22:29 - 000000000 ____D C:\Users\micha\AppData\Roaming\discord
2019-06-23 12:24 - 2019-01-22 01:55 - 000000000 ____D C:\Users\micha\AppData\Roaming\Code
2019-06-22 15:23 - 2018-06-24 21:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-21 23:46 - 2019-05-18 23:13 - 000000000 ____D C:\Users\micha\AppData\Local\ElevatedDiagnostics
2019-06-20 11:47 - 2018-12-20 22:18 - 000002363 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-20 11:47 - 2018-06-24 21:19 - 000000000 ___RD C:\Users\micha\OneDrive
2019-06-18 09:04 - 2018-06-24 21:28 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-17 19:55 - 2018-06-24 21:38 - 000000000 ____D C:\Users\micha\AppData\Roaming\Telegram Desktop
2019-06-17 11:48 - 2018-08-26 19:48 - 000000000 ____D C:\Users\micha\AppData\Roaming\WhatsApp
2019-06-17 11:48 - 2018-08-26 19:48 - 000000000 ____D C:\Users\micha\AppData\Local\WhatsApp
2019-06-13 21:48 - 2019-05-18 09:07 - 000000000 ___HD C:\Users\micha\Documents\ASP.core.sys
2019-06-12 18:34 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-06-12 18:32 - 2018-06-24 21:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-12 18:32 - 2018-06-24 21:18 - 000000000 ___RD C:\Users\micha\3D Objects
2019-06-12 18:31 - 2018-12-20 22:17 - 000258168 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-12 00:36 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-06-12 00:36 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-06-12 00:01 - 2019-05-21 22:55 - 000000000 ____D C:\Users\micha\Documents\angelvoice
2019-06-11 19:21 - 2018-06-24 23:01 - 000000000 ____D C:\Windows\system32\MRT
2019-06-11 19:19 - 2018-06-24 23:01 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-10 00:45 - 2018-12-20 22:18 - 000000000 ____D C:\Users\micha
2019-06-02 21:11 - 2018-06-24 21:18 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2019-06-02 20:47 - 2018-06-24 21:19 - 000000000 ____D C:\Users\micha\AppData\Local\PlaceholderTileLogoFolder
2019-06-02 20:44 - 2018-07-10 19:07 - 000000000 ____D C:\ProgramData\Packages
2019-06-02 18:30 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\NDF
2019-05-31 20:03 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-31 20:03 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories ================
2018-08-16 12:57 - 2019-01-06 17:18 - 000001456 _____ () C:\Users\micha\AppData\Local\Adobe Save for Web 13.0 Prefs
2019-06-11 23:35 - 2019-06-11 23:35 - 050616672 _____ (Sony) C:\Users\micha\AppData\Local\pcc.exe
2018-12-21 09:44 - 2018-12-21 09:44 - 000007605 _____ () C:\Users\micha\AppData\Local\Resmon.ResmonCfg
2018-08-05 15:58 - 2018-08-05 15:58 - 000000003 _____ () C:\Users\micha\AppData\Local\updater.log
2018-08-05 15:58 - 2018-08-05 15:58 - 000000425 _____ () C:\Users\micha\AppData\Local\UserProducts.xml
==================== FLock ================
2018-06-24 21:14 C:\Windows\CSC
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Addition log
DíkyAdditional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by micha (29-06-2019 15:27:22)
Running from C:\Users\micha\Desktop
Windows 10 Pro Version 1809 17763.557 (X64) (2018-12-20 20:22:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-38818341-3388588964-4190228223-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-38818341-3388588964-4190228223-503 - Limited - Disabled)
Guest (S-1-5-21-38818341-3388588964-4190228223-501 - Limited - Disabled)
micha (S-1-5-21-38818341-3388588964-4190228223-1001 - Administrator - Enabled) => C:\Users\micha
WDAGUtilityAccount (S-1-5-21-38818341-3388588964-4190228223-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.5.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1 - Adobe Systems Incorporated)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.3.0902 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{716F53C3-0B3F-4FB7-9AD7-9BC7DB7134A1}) (Version: 1.4.0.0659 - Advanced Micro Devices, Inc.)
APOInstallerMSISetup (HKLM\...\{6D8108E5-FBDD-4547-9C04-B052336E4046}) (Version: 1.0.19 - Nahimic) Hidden
Atom (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\atom) (Version: 1.34.0 - GitHub Inc.)
AudioDeviceFXPluginSampleUIMSISetup (HKLM\...\{A6A8AE0B-30CC-4641-8BE4-8A70E44A2448}) (Version: 1.0.1901 - Nahimic) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 75.0.1447.81 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{510D7DF1-732A-4E0D-9FE7-0BCBB9481A2F}) (Version: 3.44.5504.6203 - Google, Inc.)
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
BOINC (HKLM\...\{96E0C65F-95D1-437B-80D7-5A180AED06D8}) (Version: 7.14.2 - Space Sciences Laboratory, U.C. Berkeley)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.73.1084 - AB Team, d.o.o.)
CAM (HKLM-x32\...\{8F17EBED-54B3-472E-B7CF-C53B6AF38FBD}) (Version: 3.7.4 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform)
DBeaver 5.3.3 (HKLM\...\DBeaver) (Version: 5.3.3 - JKISS)
Discord (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
EaseUS Partition Master 13.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EndpointMonitoring Install MSISetup (HKLM\...\{F1F90F23-6FFC-481E-B72A-B2D51C6DA257}) (Version: 1.0.1901 - Nahimic) Hidden
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\Flux) (Version: - f.lux Software LLC)
Global VPN Client (HKLM\...\{7D7ED176-EA00-4B2B-B421-AA19A451F650}) (Version: 4.10.2 - SonicWall)
Google Chrome (HKLM\...\{A5573283-D630-3900-8DCE-E463BDDB5E0E}) (Version: 75.0.3770.100 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
IIS 10.0 Express (HKLM\...\{4E0AF984-1437-42DC-A8E4-A6EE920DDFAF}) (Version: 10.0.1743 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Logitech Gaming Software 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft OneDrive (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26405 (HKLM-x32\...\{5b295ba9-ef89-4aeb-8acc-b61adb0b9b5f}) (Version: 14.14.26405.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26405 (HKLM-x32\...\{ec9c2282-a836-48a6-9e41-c2f0bf8d678b}) (Version: 14.14.26405.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.33.1 - Microsoft Corporation)
Mozilla Firefox 64.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0.2 (x64 en-US)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.0.87 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.83 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.50 - MSI)
Nahimic VR (HKLM-x32\...\{3d84610f-4cfb-4165-aa15-bb859bd0f0e3}) (Version: 1.0.19 - Nahimic)
NineEarsSettings Install Configurator (HKLM\...\{A909659E-FC98-4D8F-AC40-8C5344C86F7A}) (Version: 1.0.1901 - Nahimic) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Graphics Driver 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.17 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300}) (Version: 5.2.8 - Oracle Corporation)
PhotoFiltre (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\PhotoFiltre) (Version: - )
ProductDaemon Install Setup (HKLM\...\{32D62D40-F8F6-408E-8F8C-6A6593E3ACE9}) (Version: 1.0.1901 - Nahimic) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Spotify (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\Spotify) (Version: 1.1.9.383.g9f48828e - Spotify AB)
SSAudioDaemon Install MSISetup (HKLM\...\{F77EA0C2-B0EB-47C7-990D-EACA981D75E8}) (Version: 1.0.19 - Nahimic) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 1.7.7 (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.7.7 - Telegram Messenger LLP)
TransMac version 12.3 (HKLM-x32\...\TransMac_is1) (Version: 12.3 - Acute Systems)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
WhatsApp (HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{E77C2F78-6089-48F8-89DF-DDF2850DFFD9}) (Version: 10.1.0.0 - Microsoft Corporation)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-28] (Autodesk Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-10-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-38818341-3388588964-4190228223-1001_Classes\CLSID\{E24715A6-33C2-41EF-827E-54C52CBFB9E4} -> [MEGAsync] => C:\Users\micha\Documents\MEGAsync [2018-08-18 17:42]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-25] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-25] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\micha\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-20] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-29] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-01-04 06:27 - 2017-08-02 15:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\Gaming APP\LEDControl.dll
2019-01-04 06:22 - 2005-07-18 14:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2019-01-04 06:27 - 2015-06-23 17:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2018-06-24 21:22 - 2018-04-30 14:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-04-28 11:37 - 2017-04-28 11:37 - 000099840 _____ (SonicWall Inc.) [File not signed] C:\Program Files\SonicWall\Global VPN Client\SWCommon.dll
2017-04-28 11:35 - 2017-04-28 11:35 - 000325632 _____ (SonicWall Inc.) [File not signed] C:\Program Files\SonicWall\Global VPN Client\SWGVCSvc.exe
2017-04-28 11:37 - 2017-04-28 11:37 - 000323072 _____ (SonicWall Inc.) [File not signed] C:\Program Files\SonicWall\Global VPN Client\SWIPHlp.dll
2019-01-04 06:27 - 2016-10-03 14:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\hola.org -> hxxp://hola.org
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2019-01-04 10:28 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "boinctray"
HKLM\...\StartupApproved\Run: => "boincmgr"
HKLM\...\StartupApproved\Run32: => "GammingApp"
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier"
HKU\S-1-5-21-38818341-3388588964-4190228223-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{CB72B931-33C0-4A1D-88F0-1F4E7374592C}C:\users\micha\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\micha\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{E91B3F4A-A178-4395-ABFB-28EDF530A6E4}C:\users\micha\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\micha\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AAC7AC04-25A2-4EAE-A117-DBDAE351C17C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{8A88AAAE-CFDF-4A79-BDF4-F7C6D71A49C3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1A96DC07-5900-41CB-A2AB-AAD364A3DF37}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{BD3E443F-6067-4620-A906-A0D5D309CEEC}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B79DE517-FFBD-4E7C-BC1C-4CE16FF8EC73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{5DFF9317-8609-408D-9683-9CD318BDB910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{8BCA1821-E9ED-4B68-9DFA-37434ED7A4CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C45BC43D-79CC-41AF-BA8B-ED75601C7E2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D73EE1B-843E-4BF1-B7B1-67C18C722B71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{BB920077-E310-4FEC-B708-FCA8EA2DBF06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [UDP Query User{39B8FF5A-E7F4-47D1-9076-9DA4F256A309}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{7EF0060D-EFBE-4F26-AC4A-08CE3F5B8C97}C:\users\micha\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micha\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{8502B645-ED11-4794-BE19-C0DEE641E48A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{BB7A403B-0E47-4B5E-AAC1-1A78A47F7C1B}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{52471536-226B-479E-8399-C315B5C9E0F2}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{673E21B2-4C90-4F11-9CBE-94D5D846E37F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{7609A11D-5F8D-4083-B4CE-E9D1485E0056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe () [File not signed]
FirewallRules: [{ACD2B5AC-FAA4-4E40-A4CA-EE52CE923021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe () [File not signed]
FirewallRules: [{B2030520-29D7-4AFB-8F50-CF25011DE8AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7CDBC504-A58D-4984-9D79-AD25DE230488}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{2BCBCE19-2DF0-46C4-8910-ED90D3930CDF}C:\users\micha\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\micha\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{7648F28F-0355-4E3C-9149-8F74557AA55F}C:\users\micha\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\micha\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C9DE8735-C730-4D2C-9E9E-E9F89E8388F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{670681E0-18C1-4E98-BA12-1CE06556D51E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{2066B1A2-04D7-492B-8C35-5BAAC95FBE16}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{A765A1A3-9A3A-4B8B-B292-301B33BC381E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{4DF2D7B1-7659-4B85-8FB3-C8C8446F6572}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{35655605-834F-450A-B196-A2091562EF4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A0075545-70D6-4981-A3D0-52335E314612}] => (Allow) LPort=38518
FirewallRules: [{D5B3C128-E696-4ADA-936A-0CC76D7BFD96}] => (Allow) LPort=9142
FirewallRules: [TCP Query User{FCAA088D-DE82-427C-9774-673EECB428B2}C:\program files (x86)\nzxt\cam\cam.desktop.exe] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT -> )
FirewallRules: [UDP Query User{A1D26C14-29C2-4144-854F-2B22DAF317D7}C:\program files (x86)\nzxt\cam\cam.desktop.exe] => (Allow) C:\program files (x86)\nzxt\cam\cam.desktop.exe (NZXT -> )
FirewallRules: [{9ED571AC-5D8B-471D-8C8D-C16EA90F8818}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F1A5A2D5-B0F6-4068-B7E0-0E779B3FD97B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{06CC4099-7916-47C4-9123-F56D5C0966B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A07A5566-D72C-4E5E-8A89-2B9EDED20ADE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CD8C3CCE-63BE-4AD9-8029-209888340686}C:\program files\sonicwall\global vpn client\swgvc.exe] => (Allow) C:\program files\sonicwall\global vpn client\swgvc.exe (SonicWall Inc.) [File not signed]
FirewallRules: [UDP Query User{4EFC8FE2-F157-4AEC-9CCB-8E219A049006}C:\program files\sonicwall\global vpn client\swgvc.exe] => (Allow) C:\program files\sonicwall\global vpn client\swgvc.exe (SonicWall Inc.) [File not signed]
FirewallRules: [TCP Query User{C13C79A3-FDFB-407E-97D3-643732752F0D}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0668304E-F515-44C9-8C5E-FF18403ECA9E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{B6743686-FC11-4590-A0A1-C01DC7B5034C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{951C24B6-E7B0-4763-A981-8BEA5168BE4A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6C77F08E-8594-49F1-A573-079E56D30223}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C374A54E-C232-4D4E-817E-FA25D05AA381}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{719819A3-DDA1-458F-85DD-535BEC2D0C15}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{25847B54-3887-4DC1-B723-3613F624F3D4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{D4DF3D67-2BFA-4C51-8085-838E5DE9AC40}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{592A6E15-E35D-434B-823C-C97E2A345276}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [{C0CCA766-F567-4CF5-944C-6EBE295C7884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{32C9CD54-9A84-4731-9E9D-48EB154C0524}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [TCP Query User{8358D2DB-A3D2-46EE-9610-6F4F3A82F25E}C:\users\micha\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\micha\appdata\roaming\telegram desktop\telegram.exe (Telegram Messenger LLP -> Telegram Messenger LLP)
FirewallRules: [UDP Query User{4D6B89F4-29C2-4CD0-8C2F-6EDC5283E4A7}C:\users\micha\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\micha\appdata\roaming\telegram desktop\telegram.exe (Telegram Messenger LLP -> Telegram Messenger LLP)
FirewallRules: [{1B3703AA-D7E5-4794-BA91-B3409BFBF578}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{949226C0-E56D-469E-82C5-971BEF2E3609}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{AF87E0D2-0ABD-4A2E-B77D-C7B0C46FC74E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{3C102020-33E7-472F-9F94-F0157F0FC015}] => (Allow) LPort=26789
FirewallRules: [{CFD908BC-B718-4B11-B966-14FFD13B2F48}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/29/2019 02:55:20 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (06/29/2019 02:49:25 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (06/29/2019 02:49:25 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (06/29/2019 02:47:15 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (06/29/2019 02:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utorrent.exe, version: 2.2.1.25534, time stamp: 0x4e4594ce
Faulting module name: GDI32.dll, version: 10.0.17763.1, time stamp: 0x1c1f7575
Exception code: 0xc000041d
Fault offset: 0x000060d7
Faulting process ID: 0x2a6c
Faulting application start time: 0x01d52e65cfaf5ed7
Faulting application path: C:\Users\micha\AppData\Roaming\uTorrent\utorrent.exe
Faulting module path: C:\Windows\System32\GDI32.dll
Report ID: 653baeb9-6a68-48bc-9fca-e0d8e86880ea
Faulting package full name:
Faulting package-relative application ID:
Error: (06/28/2019 07:09:48 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).
Error: (06/27/2019 09:08:37 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).
Error: (06/27/2019 07:03:13 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\system32\sysmain.dll" (Win32 error code 126).
System errors:
=============
Error: (06/29/2019 03:23:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D6F6QG1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-D6F6QG1\micha SID (S-1-5-21-38818341-3388588964-4190228223-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/29/2019 03:20:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D6F6QG1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-D6F6QG1\micha SID (S-1-5-21-38818341-3388588964-4190228223-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/29/2019 03:19:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-D6F6QG1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-D6F6QG1\micha SID (S-1-5-21-38818341-3388588964-4190228223-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/29/2019 03:18:43 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-D6F6QG1)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/29/2019 03:18:36 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-D6F6QG1)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/29/2019 03:17:02 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-D6F6QG1)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/29/2019 03:13:46 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-D6F6QG1)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/29/2019 03:07:02 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-D6F6QG1)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
CodeIntegrity:
===================================
Date: 2019-06-29 15:19:20.744
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-29 15:19:20.742
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-29 15:19:20.737
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-29 15:19:20.736
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-29 14:23:39.048
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-29 14:23:39.045
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-29 14:23:39.038
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-06-29 14:23:39.037
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.H0 05/02/2018
Motherboard: Micro-Star International Co., Ltd B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 27%
Total physical RAM: 16335.17 MB
Available physical RAM: 11813.33 MB
Total Virtual: 18767.17 MB
Available Virtual: 11778.16 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.27 GB) (Free:316.64 GB) NTFS
Drive d: (SAMSUNG) (Fixed) (Total:931.51 GB) (Free:251.13 GB) NTFS
Drive e: () (Fixed) (Total:698.63 GB) (Free:315.57 GB) NTFS
\\?\Volume{a6fe17bf-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{1ab6e469-f0a9-494f-8ec7-6e1e9fac5df2}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 032C9658)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: BCEBE8A2)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 1AAF1E19)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=0F Extended)
========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: A6FE17BF)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================