
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Please check my PC
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Logfile of random's system information tool 1.10 (written by random/random)
Run by LuciFafa at 2019-10-17 13:57:59
Microsoft Windows 10 Home
System drive C: has 484 GB (51%) free of 953 GB
Total RAM: 3030 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:06, on 17.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x86__8wekyb3d8bbwe\YourPhone.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\MicrosoftEdgeCP.exe
C:\WINDOWS\system32\MicrosoftEdgeSH.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\System32\SecurityHealthSystray.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.4.0_x86__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x86__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\LuciFafa\Downloads\RSIT.exe
C:\Program Files\trend micro\LuciFafa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
O4 - HKLM\..\Run: [MouseDriver] TiltWheelMouse.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - LLC Mail.Ru - C:\Windows\System32\mracsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 7100 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"
"{b84eec0c-f44b-420f-b2ee-db2a585be7fc}"=C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.221.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.221.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\Windows\system32\npOGPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\extensions\
staged
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-20 479216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-20 193520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 73728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2015-01-28 7519960]
"NUSB3MON"=C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2012-12-19 241152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-05 232840]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2019-07-04 644552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2018-09-26 1617800]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
"OneDrive"=C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-10 1592440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyComGames]
C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe [2018-07-12 223360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"msacm.lameacm"=LameACM.acm
"vidc.mjpg"=pvmjpg30.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.mjpx"=bdmjpeg.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-17 13:57:59 ----D---- C:\rsit
2019-10-17 13:56:46 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2019-10-17 13:48:09 ----D---- C:\AdwCleaner
2019-10-11 20:42:58 ----D---- C:\Program Files\Mozilla Firefox
2019-10-05 15:28:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-10-05 15:28:11 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2019-10-05 15:28:11 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2019-10-03 18:25:37 ----D---- C:\Program Files\CCleaner Browser
2019-09-20 10:32:54 ----D---- C:\WINDOWS\Panther
======List of files/folders modified in the last 1 month======
2019-10-17 13:58:06 ----D---- C:\Program Files\trend micro
2019-10-17 13:56:59 ----D---- C:\WINDOWS\Prefetch
2019-10-17 13:56:46 ----D---- C:\WINDOWS\system32\drivers
2019-10-17 13:56:46 ----D---- C:\WINDOWS\system32\catroot2
2019-10-17 13:56:13 ----D---- C:\WINDOWS\System32
2019-10-17 13:56:13 ----D---- C:\WINDOWS\INF
2019-10-17 13:56:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-17 13:54:28 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-17 13:52:19 ----D---- C:\WINDOWS\Temp
2019-10-17 13:51:37 ----D---- C:\WINDOWS\system32\Tasks
2019-10-17 13:50:14 ----D---- C:\WINDOWS\system32\LogFiles
2019-10-17 13:50:14 ----D---- C:\WINDOWS\Logs
2019-10-17 13:50:09 ----D---- C:\Program Files\Mozilla Maintenance Service
2019-10-17 13:50:09 ----D---- C:\Program Files\CCleaner
2019-10-17 13:49:36 ----D---- C:\WINDOWS\system32\sru
2019-10-17 13:49:00 ----HD---- C:\ProgramData
2019-10-16 20:25:28 ----RD---- C:\WINDOWS\Microsoft.NET
2019-10-15 20:24:39 ----SHD---- C:\System Volume Information
2019-10-14 20:38:00 ----D---- C:\WINDOWS\system32\config
2019-10-14 20:25:44 ----D---- C:\WINDOWS\system32\SleepStudy
2019-10-12 18:28:45 ----D---- C:\WINDOWS\AppReadiness
2019-10-12 18:28:44 ----HD---- C:\Program Files\WindowsApps
2019-10-11 21:21:49 ----RD---- C:\Program Files
2019-10-11 08:37:59 ----D---- C:\WINDOWS\system32\Macromed
2019-10-07 18:39:19 ----D---- C:\Windows
2019-10-07 13:10:45 ----D---- C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 15:38:33 ----D---- C:\Program Files\WinRAR
2019-10-05 15:30:04 ----D---- C:\WINDOWS\WinSxS
2019-10-05 15:28:22 ----HD---- C:\WINDOWS\ELAMBKUP
2019-10-03 18:28:09 ----SHD---- C:\WINDOWS\Installer
2019-10-03 18:28:09 ----SHD---- C:\Config.Msi
2019-09-25 17:33:07 ----D---- C:\WINDOWS\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2015-03-30 73928]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2015-03-30 36040]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-05 35512]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-05 169408]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-05 59368]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-05 15792]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-05 73312]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-05 277408]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 45064]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 15688]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 29696]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2014-07-23 14720]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-05 174712]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-05 224008]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-05 211088]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-05 41200]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-05 95168]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-05 691528]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-05 394856]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 57144]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 45568]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-10-05 145048]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-10-05 176760]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-09-06 350720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 37888]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-09-06 128512]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [2017-05-16 32682368]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [2017-05-16 415104]
R3 AtiHDAudioService;@oem89.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT3.sys [2015-05-28 82432]
R3 dtlitescsibus;@oem45.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-14 25016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2015-02-03 3473624]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2019-10-17 241760]
R3 RTL8167;@oem79.inf,%rtl8167.Service.DispName%;Realtek 8167 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]
R3 seehcri;@oem6.inf,%seehcrirf.SvcDesc%;Sony Ericsson seehcri Device Driver; C:\WINDOWS\System32\drivers\seehcri.sys [2015-12-14 27632]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\WINDOWS\system32\DRIVERS\amdkmpfd.sys [2014-10-28 40136]
S0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 693048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 121144]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 103224]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 106296]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 64312]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 79160]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 51512]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 59192]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 33592]
S2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 14336]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 241664]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-09-06 13312]
S3 AsusVBus;AsusVBus; C:\WINDOWS\system32\DRIVERS\AsusVBus.sys [2017-01-09 33048]
S3 ATP;ASUS Touchpad; C:\WINDOWS\system32\DRIVERS\AsusTP.sys [2017-01-09 66872]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-09-06 90120]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 165376]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-09-06 92672]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 73216]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-09-06 25600]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-09-06 1091584]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-09-06 70144]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 29696]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 53560]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_x86_856ba6d2e9bf5f71\genericusbfn.sys [2019-09-06 17920]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2019-03-19 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 40248]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-09-06 42496]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 19968]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 73728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2019-03-19 57856]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 32768]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 19456]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 39944]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 425784]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 46392]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-07-09 274432]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 46080]
S3 mracdrv;MRAC Driver; C:\WINDOWS\System32\drivers\mracdrv.sys [2018-06-22 6456416]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 130560]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 79888]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 13312]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 18944]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 160256]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 76800]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-05-16 383872]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 asComSvc;ASUS Com Service; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-05 859096]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-05 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CDPUserSvc_3ea7b;CDPUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-09-06 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 OneSyncSvc_3ea7b;OneSyncSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2018-11-14 76888]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-10-05 5035312]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 cbdhsvc_3ea7b;cbdhsvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 5247944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-09-06 733144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2018-09-26 163328]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc_3ea7b;AarSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-10-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService_3ea7b;BcastDVRUserService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService_3ea7b;BluetoothUserService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService_3ea7b;CaptureService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc_3ea7b;ConsentUxUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 CredentialEnrollmentManagerUserSvc_3ea7b;CredentialEnrollmentManagerUserSvc_3ea7b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DeviceAssociationBrokerSvc_3ea7b;DeviceAssociationBrokerSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc_3ea7b;DevicePickerUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc_3ea7b;DevicesFlowUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 71168]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2019-02-05 43712]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService_3ea7b;MessagingService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2019-10-11 221728]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-06-22 7188752]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2018-03-15 7986848]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 79360]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc_3ea7b;PimIndexMaintenanceSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc_3ea7b;PrintWorkflowUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 863744]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-19 47752]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
-----------------EOF-----------------
Run by LuciFafa at 2019-10-17 13:57:59
Microsoft Windows 10 Home
System drive C: has 484 GB (51%) free of 953 GB
Total RAM: 3030 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:06, on 17.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x86__8wekyb3d8bbwe\YourPhone.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\MicrosoftEdgeCP.exe
C:\WINDOWS\system32\MicrosoftEdgeSH.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\System32\SecurityHealthSystray.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.4.0_x86__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x86__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\LuciFafa\Downloads\RSIT.exe
C:\Program Files\trend micro\LuciFafa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
O4 - HKLM\..\Run: [MouseDriver] TiltWheelMouse.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - LLC Mail.Ru - C:\Windows\System32\mracsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 7100 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"
"{b84eec0c-f44b-420f-b2ee-db2a585be7fc}"=C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.221.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.221.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\Windows\system32\npOGPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\extensions\
staged
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-20 479216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-20 193520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 73728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2015-01-28 7519960]
"NUSB3MON"=C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2012-12-19 241152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-05 232840]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2019-07-04 644552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2018-09-26 1617800]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
"OneDrive"=C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-10 1592440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyComGames]
C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe [2018-07-12 223360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"msacm.lameacm"=LameACM.acm
"vidc.mjpg"=pvmjpg30.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.mjpx"=bdmjpeg.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-17 13:57:59 ----D---- C:\rsit
2019-10-17 13:56:46 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2019-10-17 13:48:09 ----D---- C:\AdwCleaner
2019-10-11 20:42:58 ----D---- C:\Program Files\Mozilla Firefox
2019-10-05 15:28:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-10-05 15:28:11 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2019-10-05 15:28:11 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2019-10-03 18:25:37 ----D---- C:\Program Files\CCleaner Browser
2019-09-20 10:32:54 ----D---- C:\WINDOWS\Panther
======List of files/folders modified in the last 1 month======
2019-10-17 13:58:06 ----D---- C:\Program Files\trend micro
2019-10-17 13:56:59 ----D---- C:\WINDOWS\Prefetch
2019-10-17 13:56:46 ----D---- C:\WINDOWS\system32\drivers
2019-10-17 13:56:46 ----D---- C:\WINDOWS\system32\catroot2
2019-10-17 13:56:13 ----D---- C:\WINDOWS\System32
2019-10-17 13:56:13 ----D---- C:\WINDOWS\INF
2019-10-17 13:56:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-17 13:54:28 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-17 13:52:19 ----D---- C:\WINDOWS\Temp
2019-10-17 13:51:37 ----D---- C:\WINDOWS\system32\Tasks
2019-10-17 13:50:14 ----D---- C:\WINDOWS\system32\LogFiles
2019-10-17 13:50:14 ----D---- C:\WINDOWS\Logs
2019-10-17 13:50:09 ----D---- C:\Program Files\Mozilla Maintenance Service
2019-10-17 13:50:09 ----D---- C:\Program Files\CCleaner
2019-10-17 13:49:36 ----D---- C:\WINDOWS\system32\sru
2019-10-17 13:49:00 ----HD---- C:\ProgramData
2019-10-16 20:25:28 ----RD---- C:\WINDOWS\Microsoft.NET
2019-10-15 20:24:39 ----SHD---- C:\System Volume Information
2019-10-14 20:38:00 ----D---- C:\WINDOWS\system32\config
2019-10-14 20:25:44 ----D---- C:\WINDOWS\system32\SleepStudy
2019-10-12 18:28:45 ----D---- C:\WINDOWS\AppReadiness
2019-10-12 18:28:44 ----HD---- C:\Program Files\WindowsApps
2019-10-11 21:21:49 ----RD---- C:\Program Files
2019-10-11 08:37:59 ----D---- C:\WINDOWS\system32\Macromed
2019-10-07 18:39:19 ----D---- C:\Windows
2019-10-07 13:10:45 ----D---- C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 15:38:33 ----D---- C:\Program Files\WinRAR
2019-10-05 15:30:04 ----D---- C:\WINDOWS\WinSxS
2019-10-05 15:28:22 ----HD---- C:\WINDOWS\ELAMBKUP
2019-10-03 18:28:09 ----SHD---- C:\WINDOWS\Installer
2019-10-03 18:28:09 ----SHD---- C:\Config.Msi
2019-09-25 17:33:07 ----D---- C:\WINDOWS\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2015-03-30 73928]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2015-03-30 36040]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-05 35512]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-05 169408]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-05 59368]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-05 15792]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-05 73312]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-05 277408]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 45064]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 15688]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 29696]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2014-07-23 14720]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-05 174712]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-05 224008]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-05 211088]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-05 41200]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-05 95168]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-05 691528]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-05 394856]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 57144]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 45568]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-10-05 145048]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-10-05 176760]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-09-06 350720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 37888]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-09-06 128512]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [2017-05-16 32682368]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [2017-05-16 415104]
R3 AtiHDAudioService;@oem89.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT3.sys [2015-05-28 82432]
R3 dtlitescsibus;@oem45.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-14 25016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2015-02-03 3473624]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2019-10-17 241760]
R3 RTL8167;@oem79.inf,%rtl8167.Service.DispName%;Realtek 8167 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]
R3 seehcri;@oem6.inf,%seehcrirf.SvcDesc%;Sony Ericsson seehcri Device Driver; C:\WINDOWS\System32\drivers\seehcri.sys [2015-12-14 27632]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\WINDOWS\system32\DRIVERS\amdkmpfd.sys [2014-10-28 40136]
S0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 693048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 121144]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 103224]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 106296]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 64312]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 79160]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 51512]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 59192]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 33592]
S2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 14336]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 241664]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-09-06 13312]
S3 AsusVBus;AsusVBus; C:\WINDOWS\system32\DRIVERS\AsusVBus.sys [2017-01-09 33048]
S3 ATP;ASUS Touchpad; C:\WINDOWS\system32\DRIVERS\AsusTP.sys [2017-01-09 66872]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-09-06 90120]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 165376]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-09-06 92672]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 73216]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-09-06 25600]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-09-06 1091584]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-09-06 70144]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 29696]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 53560]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_x86_856ba6d2e9bf5f71\genericusbfn.sys [2019-09-06 17920]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2019-03-19 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 40248]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-09-06 42496]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 19968]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 73728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2019-03-19 57856]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 32768]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 19456]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 39944]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 425784]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 46392]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-07-09 274432]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 46080]
S3 mracdrv;MRAC Driver; C:\WINDOWS\System32\drivers\mracdrv.sys [2018-06-22 6456416]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 130560]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 79888]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 13312]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 18944]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 160256]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 76800]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-05-16 383872]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 asComSvc;ASUS Com Service; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-05 859096]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-05 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CDPUserSvc_3ea7b;CDPUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-09-06 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 OneSyncSvc_3ea7b;OneSyncSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2018-11-14 76888]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-10-05 5035312]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 cbdhsvc_3ea7b;cbdhsvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 5247944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-09-06 733144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2018-09-26 163328]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc_3ea7b;AarSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-10-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService_3ea7b;BcastDVRUserService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService_3ea7b;BluetoothUserService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService_3ea7b;CaptureService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc_3ea7b;ConsentUxUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 CredentialEnrollmentManagerUserSvc_3ea7b;CredentialEnrollmentManagerUserSvc_3ea7b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DeviceAssociationBrokerSvc_3ea7b;DeviceAssociationBrokerSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc_3ea7b;DevicePickerUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc_3ea7b;DevicesFlowUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 71168]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2019-02-05 43712]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService_3ea7b;MessagingService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2019-10-11 221728]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-06-22 7188752]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2018-03-15 7986848]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 79360]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc_3ea7b;PimIndexMaintenanceSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc_3ea7b;PrintWorkflowUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 863744]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-19 47752]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
-----------------EOF-----------------
Re: Please check my PC
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-17-2019
# Duration: 00:00:18
# OS: Windows 10 Home
# Scanned: 35171
# Detected: 4
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.ByteFence C:\ProgramData\ByteFence
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.ByteFence HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
PUP.Optional.EoRezo HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner_Debug.log - [5362 octets] - [17/10/2019 13:48:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Re: Please check my PC
Hi

In AdwCleaner, have all the findings removed and post the log.
After that, please post both FRST logs (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Graduate of the school for newcomers
E-mail: conder (at) forum.viry.cz
If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).
Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.
If you are satisfied, you can support the forum. Thank you!
Re: Please check my PC
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-10-2019
Ran by LuciFafa (21-10-2019 17:31:25)
Running from C:\Users\LuciFafa\Desktop
Microsoft Windows 10 Home Version 1903 18362.356 (X86) (2019-09-06 18:49:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
ACP Application (HKLM\...\{1BF06C12-832F-28F4-A2F2-D6261871D418}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AIMP (HKLM\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0925.2319.41966 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassin's Creed ® III v1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CombatArms (HKLM\...\CombatArms) (Version: - )
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 v1.01 (HKLM\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
GameCenter My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1432 - My.Com B.V.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
GRID 2 (c) Codemasters version 1 (HKLM\...\R1JJRDI=_is1) (Version: 1 - )
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HPLJDXPHelper (HKLM\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 69.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 69.0.3 (x86 cs)) (Version: 69.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3.7221 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Most Wanted Limited Edition (HKLM\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x86__8wekyb3d8bbwe [2019-10-10] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
==================== Loaded Modules (Whitelisted) ==============
2015-09-25 12:56 - 2014-07-23 03:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 12:56 - 2019-10-18 19:27 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 18:37 - 2009-09-16 18:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:38 - 2009-09-16 18:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:40 - 2009-09-16 18:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
==================== Alternate Data Streams (Whitelisted) =========
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-09-13 19:59 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-11-25 14:19 - 2018-11-25 14:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: bthserv => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{A2DB8D43-00BD-45FC-BF13-8EA1A9C1A210}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{8B6EE969-AB4F-41D6-A9F0-C69E7977D707}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{B6926273-C227-4257-B1FE-08D4F0CE1B8E}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{4E229442-7D4C-472A-A70D-42275423D539}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{69C9079B-9B00-426D-AABB-B00D88887BD0}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{B7BB4090-2C73-422F-AEB7-2348B04D42B4}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [UDP Query User{F17FB0C8-34E4-46D7-AC4E-904C298FBB45}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{89475DD2-DA4C-41E5-AB84-B2D139CF1148}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [UDP Query User{5924A848-8939-4C13-8B64-78E52BDA3201}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{5F5E8BA7-F670-4C0D-AA6E-672A45ABB128}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{2C28F662-DBB7-4C63-8E6A-8E59B6BC29C2}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [TCP Query User{E7331683-6880-4A36-BD1B-78B727AA92DC}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [{09395F40-1113-44D7-A022-D8EED26BE0ED}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{F8BA0B35-6A75-44B6-9B62-D0484BFE98BB}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3CA8CBDB-5221-4288-BF33-C534FD8F1A45}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{9E875B8D-F6E8-44C8-B83F-FE562A8DA167}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
==================== Restore Points =========================
01-10-2019 19:39:27 Naplánovaný kontrolní bod
09-10-2019 20:53:50 Naplánovaný kontrolní bod
18-10-2019 21:27:58 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/21/2019 04:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1d50
Čas spuštění chybující aplikace: 0x01d5881f3e98f4f6
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4cc6802c-c0eb-4ca6-851b-97e00f009911
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/21/2019 04:53:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x2700
Čas spuštění chybující aplikace: 0x01d5881f4587d1ee
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7c445e1d-9491-4c56-8631-5d7fe2e5420f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/21/2019 07:53:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x2794
Čas spuštění chybující aplikace: 0x01d587d3cb360d7c
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7cbc03ab-d582-4326-a1b9-2909c3e891ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/21/2019 07:53:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x208
Čas spuštění chybující aplikace: 0x01d587d3d352fe1e
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 564da0e3-3d57-4070-9263-f388942f1603
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/20/2019 12:42:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1b7c
Čas spuštění chybující aplikace: 0x01d58732fd04839a
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1b0b5b87-e2e5-41b5-86eb-0203fbe1f1c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/20/2019 12:42:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1c30
Čas spuštění chybující aplikace: 0x01d5873302444323
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4821cf9b-0a3c-442f-89c1-ddca27b8a61d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/19/2019 08:56:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 69.0.3.7221, časové razítko: 0x5d9e292d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x001601bf
ID chybujícího procesu: 0x1dd0
Čas spuštění chybující aplikace: 0x01d586aeda250d96
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6672508d-6885-4b06-8d39-d889f04f595b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/19/2019 08:56:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 69.0.3.7221, časové razítko: 0x5d9e292d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x0016001f
ID chybujícího procesu: 0x1dd0
Čas spuštění chybující aplikace: 0x01d586aeda250d96
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 987ff6f0-3858-4846-9dc7-492856041e57
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/19/2019 09:26:46 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d108\??\C:\Users\LuciFafa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\Settings\settings.dat
Error: (10/18/2019 07:27:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (10/17/2019 01:50:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (10/17/2019 01:49:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS System Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2019-10-21 16:53:02.403
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-21 07:53:11.817
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:53:11.804
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:53:11.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:53:11.774
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:53:11.715
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:52:56.022
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-20 19:12:41.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\VALOFEEU\CombatArms\GameGuard\npggNT.des that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 63%
Total physical RAM: 3030.36 MB
Available physical RAM: 1117.59 MB
Total Virtual: 6102.36 MB
Available Virtual: 3622.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:469.64 GB) NTFS
Drive e: (Pro Evolution Soccer 2016) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF
\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Ran by LuciFafa (21-10-2019 17:31:25)
Running from C:\Users\LuciFafa\Desktop
Microsoft Windows 10 Home Version 1903 18362.356 (X86) (2019-09-06 18:49:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
ACP Application (HKLM\...\{1BF06C12-832F-28F4-A2F2-D6261871D418}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AIMP (HKLM\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0925.2319.41966 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassin's Creed ® III v1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CombatArms (HKLM\...\CombatArms) (Version: - )
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 v1.01 (HKLM\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
GameCenter My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1432 - My.Com B.V.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
GRID 2 (c) Codemasters version 1 (HKLM\...\R1JJRDI=_is1) (Version: 1 - )
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HPLJDXPHelper (HKLM\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 69.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 69.0.3 (x86 cs)) (Version: 69.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3.7221 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Most Wanted Limited Edition (HKLM\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x86__8wekyb3d8bbwe [2019-10-10] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
==================== Loaded Modules (Whitelisted) ==============
2015-09-25 12:56 - 2014-07-23 03:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 12:56 - 2019-10-18 19:27 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 18:37 - 2009-09-16 18:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:38 - 2009-09-16 18:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:40 - 2009-09-16 18:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
==================== Alternate Data Streams (Whitelisted) =========
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-09-13 19:59 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-11-25 14:19 - 2018-11-25 14:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: bthserv => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{A2DB8D43-00BD-45FC-BF13-8EA1A9C1A210}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{8B6EE969-AB4F-41D6-A9F0-C69E7977D707}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{B6926273-C227-4257-B1FE-08D4F0CE1B8E}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{4E229442-7D4C-472A-A70D-42275423D539}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{69C9079B-9B00-426D-AABB-B00D88887BD0}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{B7BB4090-2C73-422F-AEB7-2348B04D42B4}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [UDP Query User{F17FB0C8-34E4-46D7-AC4E-904C298FBB45}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{89475DD2-DA4C-41E5-AB84-B2D139CF1148}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [UDP Query User{5924A848-8939-4C13-8B64-78E52BDA3201}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{5F5E8BA7-F670-4C0D-AA6E-672A45ABB128}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{2C28F662-DBB7-4C63-8E6A-8E59B6BC29C2}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [TCP Query User{E7331683-6880-4A36-BD1B-78B727AA92DC}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [{09395F40-1113-44D7-A022-D8EED26BE0ED}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{F8BA0B35-6A75-44B6-9B62-D0484BFE98BB}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3CA8CBDB-5221-4288-BF33-C534FD8F1A45}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{9E875B8D-F6E8-44C8-B83F-FE562A8DA167}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
==================== Restore Points =========================
01-10-2019 19:39:27 Naplánovaný kontrolní bod
09-10-2019 20:53:50 Naplánovaný kontrolní bod
18-10-2019 21:27:58 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/21/2019 04:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1d50
Čas spuštění chybující aplikace: 0x01d5881f3e98f4f6
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4cc6802c-c0eb-4ca6-851b-97e00f009911
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/21/2019 04:53:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x2700
Čas spuštění chybující aplikace: 0x01d5881f4587d1ee
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7c445e1d-9491-4c56-8631-5d7fe2e5420f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/21/2019 07:53:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x2794
Čas spuštění chybující aplikace: 0x01d587d3cb360d7c
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7cbc03ab-d582-4326-a1b9-2909c3e891ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/21/2019 07:53:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x208
Čas spuštění chybující aplikace: 0x01d587d3d352fe1e
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 564da0e3-3d57-4070-9263-f388942f1603
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/20/2019 12:42:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1b7c
Čas spuštění chybující aplikace: 0x01d58732fd04839a
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1b0b5b87-e2e5-41b5-86eb-0203fbe1f1c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/20/2019 12:42:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1c30
Čas spuštění chybující aplikace: 0x01d5873302444323
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4821cf9b-0a3c-442f-89c1-ddca27b8a61d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/19/2019 08:56:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 69.0.3.7221, časové razítko: 0x5d9e292d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x001601bf
ID chybujícího procesu: 0x1dd0
Čas spuštění chybující aplikace: 0x01d586aeda250d96
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6672508d-6885-4b06-8d39-d889f04f595b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/19/2019 08:56:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 69.0.3.7221, časové razítko: 0x5d9e292d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x0016001f
ID chybujícího procesu: 0x1dd0
Čas spuštění chybující aplikace: 0x01d586aeda250d96
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 987ff6f0-3858-4846-9dc7-492856041e57
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/19/2019 09:26:46 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d108\??\C:\Users\LuciFafa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\Settings\settings.dat
Error: (10/18/2019 07:27:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (10/17/2019 01:50:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (10/17/2019 01:49:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS System Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2019-10-21 16:53:02.403
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-21 07:53:11.817
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:53:11.804
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:53:11.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:53:11.774
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:53:11.715
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-10-21 07:52:56.022
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2019-10-20 19:12:41.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\VALOFEEU\CombatArms\GameGuard\npggNT.des that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 63%
Total physical RAM: 3030.36 MB
Available physical RAM: 1117.59 MB
Total Virtual: 6102.36 MB
Available Virtual: 3622.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:469.64 GB) NTFS
Drive e: (Pro Evolution Soccer 2016) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF
\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Re: Please check my PC
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-10-2019
Ran by LuciFafa (administrator) on LUCIFAFA-PC (21-10-2019 17:29:35)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Platform: Microsoft Windows 10 Home Version 1903 18362.356 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19092.399.0_x86__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.18011.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7519960 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1617800 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04898864-0C83-419E-B915-13ABC6670E3B} - System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\MAKAYA~1\EASYWI~1\Setup.exe -c /remove /q0
Task: {072CD73B-A177-48F9-A6B7-88BE4AD767C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {0CA094BA-D37D-4BD1-9B8D-1F4C7EBF760B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-11] (Adobe Inc. -> Adobe)
Task: {1F37C4D6-8AD0-4740-9FBE-A223A8F92C72} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D547F09-AB9B-458A-BE13-53287865A027} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37EC1E74-6C44-4B30-A6F1-5AE69C4A7CFF} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe
Task: {4482917A-EDAE-4D7D-B621-4E21D0479CEE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-11] (Adobe Inc. -> Adobe)
Task: {53648477-B30C-44F6-9421-2F7FF80DCBE9} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F886570-6BD8-4254-8DC1-A38C78CEF3C5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62FAB98F-0165-438C-A61C-6C354214A580} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {640E7AD3-7A65-4CB7-9197-ED2BAAFD2945} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67F8D0E7-E897-4E22-9258-AFC61361BB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7099E0BC-E0DF-4B78-9C3F-03B1B646C041} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5496880 2019-08-27] (valofe Co.,Ltd. -> Valofe)
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {896F7C2D-C4EA-4A9A-BC21-4E33EA8C2C98} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {8D5C7F68-16C4-45B4-A8A5-F2E7382AB882} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {920D55A6-C75E-4757-87FD-A2A37D4B1079} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {935CFF16-E68D-466B-B047-C6B70A692112} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97264EF2-3461-465C-9093-A98DFA9FF727} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AF84B05-CCE1-499E-AA1A-0EAA49D641E6} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] <==== ATTENTION
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AFE2589B-2234-43EF-B0C4-9E8EBF7F9996} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AFFE6A38-F468-4E0C-9AE5-79997B583DF5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81AD758-FF6E-4883-9DBE-20865B218B98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C00E2B0D-CA13-43CC-937D-F08FC12B4D85} - System32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF} => C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe [39109936 2014-11-13] (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
Task: {D2918185-EB46-4389-A9C2-066839A2C5FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {D81E909E-533E-4591-A6B2-BFF769F0E74C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D88BBE2B-CA68-46BC-BEA7-2DCA2047C6BE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E54424BD-C227-47D3-BDFE-BADFA377BE33} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {EC409C72-887E-432A-BC38-88119C99B437} - System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => C:\Windows\system32\pcalua.exe -a C:\Users\LuciFafa\Desktop\bluescreenview_setup.exe -d C:\Users\LuciFafa\Desktop
Task: {F742D008-A50D-4F4B-B68D-9357ECEAD1C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {FD6432B4-732F-4165-A615-042B4A465273} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4950ECBA-8D72-493B-A0EB-CA9249133316}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{92FF2636-7489-4F36-B570-14750FE804D3}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
Edge:
======
DownloadDir: C:\Users\LuciFafa\Downloads
FireFox:
========
FF DefaultProfile: o4nlojpb.default-1540287753942
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 [2019-10-21]
FF user.js: detected! => C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js [2019-03-29]
FF Homepage: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.google.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\sp@avast.com.xpi [2019-09-12]
FF Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-10-24] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-05] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [383872 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [163328 2018-09-26] () [File not signed]
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5035312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7986848 2018-03-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3379072 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [91560 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [32682368 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [415104 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [145048 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [82432 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38280 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [268768 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [47584 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-21 17:29 - 2019-10-21 17:30 - 000028138 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2019-10-21 17:29 - 2019-10-21 17:30 - 000000000 ____D C:\FRST
2019-10-21 17:28 - 2019-10-21 17:28 - 001452544 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001617408 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64.exe
2019-10-18 08:46 - 2019-10-18 08:46 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Program Files\Common Files\Java
2019-10-18 08:45 - 2019-10-18 08:45 - 002066464 _____ (Oracle Corporation) C:\Users\LuciFafa\Downloads\JavaSetup8u231.exe
2019-10-18 08:45 - 2019-10-18 08:45 - 000000000 ____D C:\Program Files\Java
2019-10-18 08:31 - 2019-10-18 08:31 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-18 08:31 - 2019-10-18 08:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-18 08:31 - 2019-09-30 06:25 - 000129056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-10-18 08:31 - 2019-06-26 13:00 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-17 13:57 - 2019-10-17 13:58 - 000000000 ____D C:\rsit
2019-10-17 13:57 - 2019-10-17 13:57 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-10-17 13:48 - 2019-10-17 13:49 - 000000000 ____D C:\AdwCleaner
2019-10-17 13:48 - 2019-10-17 13:48 - 007636680 _____ (Malwarebytes) C:\Users\LuciFafa\Desktop\adwcleaner_7.4.1.exe
2019-10-17 13:18 - 2019-10-17 13:29 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (2)
2019-10-11 20:42 - 2019-10-17 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-05 15:28 - 2019-10-05 15:28 - 000176760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-10-05 15:28 - 2019-10-05 15:27 - 000305032 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-10-05 15:28 - 2019-10-05 15:27 - 000145048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-03 18:25 - 2019-10-03 18:28 - 000000000 ____D C:\Program Files\CCleaner Browser
2019-10-03 18:24 - 2019-10-03 18:24 - 025441808 _____ (Piriform Software Ltd) C:\Users\LuciFafa\Downloads\ccsetup562.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-21 17:30 - 2016-11-18 16:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2019-10-21 16:54 - 2019-03-19 04:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-21 16:54 - 2017-09-05 09:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2019-10-21 16:53 - 2018-10-23 11:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2019-10-20 19:12 - 2019-09-06 20:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1117677789-4214877554-3075564690-1000
2019-10-20 19:12 - 2019-09-06 20:48 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-10-20 19:12 - 2019-09-06 20:48 - 000002864 _____ C:\WINDOWS\system32\Tasks\Java Updater
2019-10-20 19:12 - 2019-09-06 20:48 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-10-20 19:12 - 2019-09-06 20:48 - 000002254 _____ C:\WINDOWS\system32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B}
2019-10-20 19:12 - 2019-09-06 20:48 - 000002204 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-10-20 19:12 - 2019-09-06 20:48 - 000002126 _____ C:\WINDOWS\system32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF}
2019-10-20 19:12 - 2019-09-06 20:48 - 000002118 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-10-20 19:12 - 2019-09-06 20:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-10-20 19:11 - 2019-09-06 20:48 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-20 19:11 - 2019-09-06 20:48 - 000003250 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-18 19:32 - 2019-09-06 20:41 - 001839106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-18 19:32 - 2019-03-19 09:13 - 000764824 _____ C:\WINDOWS\system32\perfh005.dat
2019-10-18 19:32 - 2019-03-19 09:13 - 000169506 _____ C:\WINDOWS\system32\perfc005.dat
2019-10-18 19:32 - 2019-03-19 04:44 - 000000000 ____D C:\WINDOWS\INF
2019-10-18 19:27 - 2019-09-06 20:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-18 19:27 - 2019-03-19 04:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-18 19:27 - 2015-09-25 12:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-10-18 15:53 - 2019-03-19 04:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-18 15:53 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-18 11:52 - 2015-12-26 21:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-18 08:31 - 2019-03-19 04:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-17 13:58 - 2015-10-04 14:50 - 000000000 ____D C:\Program Files\trend micro
2019-10-17 13:50 - 2019-01-15 12:21 - 000000000 ____D C:\Program Files\CCleaner
2019-10-17 13:50 - 2015-09-26 08:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-10-14 20:32 - 2015-09-29 17:33 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\ElevatedDiagnostics
2019-10-14 20:25 - 2019-09-06 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-11 21:21 - 2015-09-26 08:21 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-11 08:38 - 2019-09-06 20:48 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-11 08:38 - 2019-09-06 20:48 - 000004478 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-10-11 08:38 - 2019-04-10 09:27 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Adobe
2019-10-11 08:37 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-10 13:23 - 2019-09-06 20:56 - 000000000 ___RD C:\Users\LuciFafa\OneDrive
2019-10-10 13:23 - 2019-09-06 20:42 - 000002415 _____ C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 13:10 - 2015-09-29 19:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-06 10:14 - 2019-09-06 20:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-10-05 15:39 - 2015-09-29 19:03 - 000001101 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\Program Files\WinRAR
2019-10-05 15:28 - 2018-02-14 15:40 - 000691528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-05 15:28 - 2018-02-14 15:40 - 000394856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-05 15:28 - 2018-02-14 15:40 - 000277408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-05 15:27 - 2019-09-09 19:30 - 000015792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-05 15:27 - 2019-02-19 12:21 - 000211088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000224008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000059368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000035512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-05 15:27 - 2018-10-16 10:06 - 000041200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000174712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000095168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000073312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-10-03 18:29 - 2019-09-06 20:42 - 000000000 ____D C:\Users\LuciFafa
2019-10-03 18:25 - 2019-01-15 12:21 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-26 20:24 - 2019-09-06 20:49 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Packages
2019-09-25 17:33 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-21 18:46 - 2019-09-20 10:32 - 000000000 ____D C:\WINDOWS\Panther
==================== Files in the root of some directories ================
2016-06-03 15:03 - 2016-06-03 15:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2015-11-18 19:29 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2015-11-18 19:29 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-11-18 19:29 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2019-07-12 21:29 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 15:01 - 2017-10-17 19:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2015-11-18 19:29 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2019-07-12 21:29 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2015-11-18 19:29 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2015-11-20 10:48 - 2015-11-20 10:48 - 002497372 _____ () C:\Users\LuciFafa\AppData\Roaming\x11modSpectreglg2tc5568w256l4.bin
2015-11-18 19:29 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
2015-09-28 10:38 - 2018-10-03 08:50 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Ran by LuciFafa (administrator) on LUCIFAFA-PC (21-10-2019 17:29:35)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Platform: Microsoft Windows 10 Home Version 1903 18362.356 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19092.399.0_x86__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.18011.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7519960 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1617800 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04898864-0C83-419E-B915-13ABC6670E3B} - System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\MAKAYA~1\EASYWI~1\Setup.exe -c /remove /q0
Task: {072CD73B-A177-48F9-A6B7-88BE4AD767C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {0CA094BA-D37D-4BD1-9B8D-1F4C7EBF760B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-11] (Adobe Inc. -> Adobe)
Task: {1F37C4D6-8AD0-4740-9FBE-A223A8F92C72} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D547F09-AB9B-458A-BE13-53287865A027} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37EC1E74-6C44-4B30-A6F1-5AE69C4A7CFF} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe
Task: {4482917A-EDAE-4D7D-B621-4E21D0479CEE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-11] (Adobe Inc. -> Adobe)
Task: {53648477-B30C-44F6-9421-2F7FF80DCBE9} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F886570-6BD8-4254-8DC1-A38C78CEF3C5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62FAB98F-0165-438C-A61C-6C354214A580} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {640E7AD3-7A65-4CB7-9197-ED2BAAFD2945} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67F8D0E7-E897-4E22-9258-AFC61361BB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7099E0BC-E0DF-4B78-9C3F-03B1B646C041} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5496880 2019-08-27] (valofe Co.,Ltd. -> Valofe)
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {896F7C2D-C4EA-4A9A-BC21-4E33EA8C2C98} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {8D5C7F68-16C4-45B4-A8A5-F2E7382AB882} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {920D55A6-C75E-4757-87FD-A2A37D4B1079} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {935CFF16-E68D-466B-B047-C6B70A692112} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97264EF2-3461-465C-9093-A98DFA9FF727} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AF84B05-CCE1-499E-AA1A-0EAA49D641E6} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] <==== ATTENTION
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AFE2589B-2234-43EF-B0C4-9E8EBF7F9996} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AFFE6A38-F468-4E0C-9AE5-79997B583DF5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81AD758-FF6E-4883-9DBE-20865B218B98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C00E2B0D-CA13-43CC-937D-F08FC12B4D85} - System32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF} => C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe [39109936 2014-11-13] (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
Task: {D2918185-EB46-4389-A9C2-066839A2C5FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {D81E909E-533E-4591-A6B2-BFF769F0E74C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D88BBE2B-CA68-46BC-BEA7-2DCA2047C6BE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E54424BD-C227-47D3-BDFE-BADFA377BE33} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {EC409C72-887E-432A-BC38-88119C99B437} - System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => C:\Windows\system32\pcalua.exe -a C:\Users\LuciFafa\Desktop\bluescreenview_setup.exe -d C:\Users\LuciFafa\Desktop
Task: {F742D008-A50D-4F4B-B68D-9357ECEAD1C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {FD6432B4-732F-4165-A615-042B4A465273} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4950ECBA-8D72-493B-A0EB-CA9249133316}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{92FF2636-7489-4F36-B570-14750FE804D3}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
Edge:
======
DownloadDir: C:\Users\LuciFafa\Downloads
FireFox:
========
FF DefaultProfile: o4nlojpb.default-1540287753942
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 [2019-10-21]
FF user.js: detected! => C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js [2019-03-29]
FF Homepage: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.google.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\sp@avast.com.xpi [2019-09-12]
FF Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-10-24] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-05] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [383872 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [163328 2018-09-26] () [File not signed]
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5035312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7986848 2018-03-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3379072 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [91560 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [32682368 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [415104 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [145048 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [82432 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38280 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [268768 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [47584 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-21 17:29 - 2019-10-21 17:30 - 000028138 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2019-10-21 17:29 - 2019-10-21 17:30 - 000000000 ____D C:\FRST
2019-10-21 17:28 - 2019-10-21 17:28 - 001452544 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001617408 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64.exe
2019-10-18 08:46 - 2019-10-18 08:46 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Program Files\Common Files\Java
2019-10-18 08:45 - 2019-10-18 08:45 - 002066464 _____ (Oracle Corporation) C:\Users\LuciFafa\Downloads\JavaSetup8u231.exe
2019-10-18 08:45 - 2019-10-18 08:45 - 000000000 ____D C:\Program Files\Java
2019-10-18 08:31 - 2019-10-18 08:31 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-18 08:31 - 2019-10-18 08:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-18 08:31 - 2019-09-30 06:25 - 000129056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-10-18 08:31 - 2019-06-26 13:00 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-17 13:57 - 2019-10-17 13:58 - 000000000 ____D C:\rsit
2019-10-17 13:57 - 2019-10-17 13:57 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-10-17 13:48 - 2019-10-17 13:49 - 000000000 ____D C:\AdwCleaner
2019-10-17 13:48 - 2019-10-17 13:48 - 007636680 _____ (Malwarebytes) C:\Users\LuciFafa\Desktop\adwcleaner_7.4.1.exe
2019-10-17 13:18 - 2019-10-17 13:29 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (2)
2019-10-11 20:42 - 2019-10-17 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-05 15:28 - 2019-10-05 15:28 - 000176760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-10-05 15:28 - 2019-10-05 15:27 - 000305032 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-10-05 15:28 - 2019-10-05 15:27 - 000145048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-03 18:25 - 2019-10-03 18:28 - 000000000 ____D C:\Program Files\CCleaner Browser
2019-10-03 18:24 - 2019-10-03 18:24 - 025441808 _____ (Piriform Software Ltd) C:\Users\LuciFafa\Downloads\ccsetup562.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-21 17:30 - 2016-11-18 16:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2019-10-21 16:54 - 2019-03-19 04:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-21 16:54 - 2017-09-05 09:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2019-10-21 16:53 - 2018-10-23 11:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2019-10-20 19:12 - 2019-09-06 20:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1117677789-4214877554-3075564690-1000
2019-10-20 19:12 - 2019-09-06 20:48 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-10-20 19:12 - 2019-09-06 20:48 - 000002864 _____ C:\WINDOWS\system32\Tasks\Java Updater
2019-10-20 19:12 - 2019-09-06 20:48 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-10-20 19:12 - 2019-09-06 20:48 - 000002254 _____ C:\WINDOWS\system32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B}
2019-10-20 19:12 - 2019-09-06 20:48 - 000002204 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-10-20 19:12 - 2019-09-06 20:48 - 000002126 _____ C:\WINDOWS\system32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF}
2019-10-20 19:12 - 2019-09-06 20:48 - 000002118 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-10-20 19:12 - 2019-09-06 20:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-10-20 19:11 - 2019-09-06 20:48 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-20 19:11 - 2019-09-06 20:48 - 000003250 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-18 19:32 - 2019-09-06 20:41 - 001839106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-18 19:32 - 2019-03-19 09:13 - 000764824 _____ C:\WINDOWS\system32\perfh005.dat
2019-10-18 19:32 - 2019-03-19 09:13 - 000169506 _____ C:\WINDOWS\system32\perfc005.dat
2019-10-18 19:32 - 2019-03-19 04:44 - 000000000 ____D C:\WINDOWS\INF
2019-10-18 19:27 - 2019-09-06 20:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-18 19:27 - 2019-03-19 04:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-18 19:27 - 2015-09-25 12:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-10-18 15:53 - 2019-03-19 04:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-18 15:53 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-18 11:52 - 2015-12-26 21:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-18 08:31 - 2019-03-19 04:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-17 13:58 - 2015-10-04 14:50 - 000000000 ____D C:\Program Files\trend micro
2019-10-17 13:50 - 2019-01-15 12:21 - 000000000 ____D C:\Program Files\CCleaner
2019-10-17 13:50 - 2015-09-26 08:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-10-14 20:32 - 2015-09-29 17:33 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\ElevatedDiagnostics
2019-10-14 20:25 - 2019-09-06 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-11 21:21 - 2015-09-26 08:21 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-11 08:38 - 2019-09-06 20:48 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-11 08:38 - 2019-09-06 20:48 - 000004478 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-10-11 08:38 - 2019-04-10 09:27 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Adobe
2019-10-11 08:37 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-10 13:23 - 2019-09-06 20:56 - 000000000 ___RD C:\Users\LuciFafa\OneDrive
2019-10-10 13:23 - 2019-09-06 20:42 - 000002415 _____ C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 13:10 - 2015-09-29 19:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-06 10:14 - 2019-09-06 20:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-10-05 15:39 - 2015-09-29 19:03 - 000001101 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\Program Files\WinRAR
2019-10-05 15:28 - 2018-02-14 15:40 - 000691528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-05 15:28 - 2018-02-14 15:40 - 000394856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-05 15:28 - 2018-02-14 15:40 - 000277408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-05 15:27 - 2019-09-09 19:30 - 000015792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-05 15:27 - 2019-02-19 12:21 - 000211088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000224008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000059368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000035512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-05 15:27 - 2018-10-16 10:06 - 000041200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000174712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000095168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000073312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-10-03 18:29 - 2019-09-06 20:42 - 000000000 ____D C:\Users\LuciFafa
2019-10-03 18:25 - 2019-01-15 12:21 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-26 20:24 - 2019-09-06 20:49 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Packages
2019-09-25 17:33 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-21 18:46 - 2019-09-20 10:32 - 000000000 ____D C:\WINDOWS\Panther
==================== Files in the root of some directories ================
2016-06-03 15:03 - 2016-06-03 15:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2015-11-18 19:29 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2015-11-18 19:29 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-11-18 19:29 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2019-07-12 21:29 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 15:01 - 2017-10-17 19:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2015-11-18 19:29 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2019-07-12 21:29 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2015-11-18 19:29 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2015-11-20 10:48 - 2015-11-20 10:48 - 002497372 _____ () C:\Users\LuciFafa\AppData\Roaming\x11modSpectreglg2tc5568w256l4.bin
2015-11-18 19:29 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
2015-09-28 10:38 - 2018-10-03 08:50 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Re: Please check my PC
Hi,
I hope I did it right. The PC runs fine on the whole, only sometimes pages open twice after a single click; it is a bit slower, but that is probably just its age.
One more thing: I recently put Win 10 on it (I am basically still getting to know it) and it seems to have a lot of unnecessary stuff in it. Would there be a link with explanations of what is important and what can be unticked? Thank you

Re: Please check my PC

- Copy the following text and paste it into Notepad:
Code:
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\WINDOWS\System32\Tasks\Java Updater"
CMD: type "C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {04898864-0C83-419E-B915-13ABC6670E3B} - System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\MAKAYA~1\EASYWI~1\Setup.exe -c /remove /q0
Task: {9AF84B05-CCE1-499E-AA1A-0EAA49D641E6} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] <==== ATTENTION
Task: {EC409C72-887E-432A-BC38-88119C99B437} - System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => C:\Windows\system32\pcalua.exe -a C:\Users\LuciFafa\Desktop\bluescreenview_setup.exe -d C:\Users\LuciFafa\Desktop
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF user.js: detected! => C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js [2019-03-29]
FF NetworkProxy: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U3 idsvc; no ImagePath
2019-10-17 13:57 - 2019-10-17 13:58 - 000000000 ____D C:\rsit
2019-10-17 13:57 - 2019-10-17 13:57 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-10-17 13:58 - 2015-10-04 14:50 - 000000000 ____D C:\Program Files\trend micro
2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Hosts:
EmptyTemp:
End
- Save it to the desktop under the name fixlist.txt
- Run FRST again and click Fix
- When it finishes, FRST will ask to restart the PC; confirm by clicking OK
- After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for beginners
E-mail: conder (at) forum.viry.cz
If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).
Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.
If you are satisfied, you can support the forum. Thank you!

Re: Please check my PC
Fix result of Farbar Recovery Scan Tool (x86) Version: 21-10-2019
Ran by LuciFafa (22-10-2019 18:49:28) Run:1
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\WINDOWS\System32\Tasks\Java Updater"
CMD: type "C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {04898864-0C83-419E-B915-13ABC6670E3B} - System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\MAKAYA~1\EASYWI~1\Setup.exe -c /remove /q0
Task: {9AF84B05-CCE1-499E-AA1A-0EAA49D641E6} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] <==== ATTENTION
Task: {EC409C72-887E-432A-BC38-88119C99B437} - System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => C:\Windows\system32\pcalua.exe -a C:\Users\LuciFafa\Desktop\bluescreenview_setup.exe -d C:\Users\LuciFafa\Desktop
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF user.js: detected! => C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js [2019-03-29]
FF NetworkProxy: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U3 idsvc; no ImagePath
2019-10-17 13:57 - 2019-10-17 13:58 - 000000000 ____D C:\rsit
2019-10-17 13:57 - 2019-10-17 13:57 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-10-17 13:58 - 2015-10-04 14:50 - 000000000 ____D C:\Program Files\trend micro
2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 3021
Average :
Sum : 1326705091
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========= type "C:\WINDOWS\System32\Tasks\Java Updater" =========
<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Author>Oracle Corporation</Author>
<Description>Java(TM) Update Scheduler</Description>
<URI>\{83BCBB2F-8370-4318-B285-D0ED7307BFE2}</URI>
</RegistrationInfo>
<Principals>
<Principal id="Author">
<UserId>S-1-5-21-1117677789-4214877554-3075564690-1000</UserId>
<LogonType>InteractiveToken</LogonType>
<RunLevel>HighestAvailable</RunLevel>
</Principal>
</Principals>
<Settings>
<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
<StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>
<ExecutionTimeLimit>PT0S</ExecutionTimeLimit>
<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
<IdleSettings>
<Duration>PT10M</Duration>
<WaitTimeout>PT1H</WaitTimeout>
<StopOnIdleEnd>true</StopOnIdleEnd>
<RestartOnIdle>false</RestartOnIdle>
</IdleSettings>
</Settings>
<Triggers>
<BootTrigger>
<StartBoundary>2019-07-12T21:29:04</StartBoundary>
<Delay>PT10S</Delay>
</BootTrigger>
</Triggers>
<Actions Context="Author">
<Exec>
<Command>C:\Users\LuciFafa\AppData\Roaming\nircmd.exe</Command>
<Arguments>exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe"</Arguments>
</Exec>
</Actions>
</Task>
========= End of CMD: =========
========= type "C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js" =========
user_pref("browser.shell.checkDefaultBrowser",false);
user_pref("extensions.blocklist.url","https://blocklists.settings.services.mo ... _LAST_PING%/");
user_pref("toolkit.telemetry.server","https://incoming.telemetry.moziIIa.org");
user_pref("extensions.blocklist.enabled",false);
user_pref("xpinstall.signatures.required",false);
user_pref("app.shield.optoutstudies.enabled",false);
user_pref("app.normandy.enabled",false);
user_pref("extensions.autoDisableScopes",0);
user_pref("app.update.enabled",false);
========= End of CMD: =========
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04898864-0C83-419E-B915-13ABC6670E3B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04898864-0C83-419E-B915-13ABC6670E3B}" => removed successfully.
C:\Windows\System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F5B3796B-559A-436C-B72D-371E70F9547B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9AF84B05-CCE1-499E-AA1A-0EAA49D641E6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AF84B05-CCE1-499E-AA1A-0EAA49D641E6}" => removed successfully.
C:\Windows\System32\Tasks\Java Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC409C72-887E-432A-BC38-88119C99B437}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC409C72-887E-432A-BC38-88119C99B437}" => removed successfully.
C:\Windows\System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1}" => removed successfully.
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => removed successfully.
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js => moved successfully
Firefox Proxy settings were reset.
"Firefox HomepageOverride (_esMembers_@free.downloadmanagernow.com) " => removed successfully.
"Firefox HomepageOverride (_gtMembers_@free.gamingwonderland.com) " => removed successfully.
"Firefox NewTabOverride (_esMembers_@free.downloadmanagernow.com) " => removed successfully.
"Firefox NewTabOverride (_gtMembers_@free.gamingwonderland.com) " => removed successfully.
"HKLM\Software\Mozilla\Firefox\Extensions\\{b84eec0c-f44b-420f-b2ee-db2a585be7fc}" => removed successfully.
HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => removed successfully.
HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => removed successfully.
HKLM\System\CurrentControlSet\Services\rpcapd => removed successfully.
rpcapd => service removed successfully.
HKLM\System\CurrentControlSet\Services\amdacpksd => removed successfully.
amdacpksd => service removed successfully.
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully.
idsvc => service removed successfully.
C:\rsit => moved successfully
C:\Users\LuciFafa\Downloads\RSIT.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074 => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully.
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 7364608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 108215154 B
Java, Flash, Steam htmlcache => 172828796 B
Windows/system/drivers => 708 B
Edge => 1021931 B
Chrome => 0 B
Firefox => 1121689681 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
LocalService => 40268 B
NetworkService => 40904 B
LuciFafa => 23850847 B
RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:52:08 ====
Re: Please check my PC


Re: Please check my PC
Hi, thank you for the help. The PC is running normally; I reduced the desktop to shortcuts only. Just one question: was there anything malicious, or only unimportant content? Thank you.
Re: Please check my PC


- Copy the following text and paste it into Notepad:
Code:
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
File: C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
File: C:\Users\LuciFafa\AppData\Roaming\nssm.exe
File: C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
File: C:\Users\LuciFafa\AppData\Roaming\Redist.exe
2015-11-18 19:29 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2015-11-18 19:29 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-11-18 19:29 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2019-07-12 21:29 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2015-11-18 19:29 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2019-07-12 21:29 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2015-11-18 19:29 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2015-11-20 10:48 - 2015-11-20 10:48 - 002497372 _____ () C:\Users\LuciFafa\AppData\Roaming\x11modSpectreglg2tc5568w256l4.bin
2015-11-18 19:29 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
Hosts:
EmptyTemp:
End
- Save it to the desktop under the name fixlist.txt
- Run FRST again and click Fix
- When it finishes, FRST will ask to restart the PC; confirm by clicking OK
- After the restart there will be a file Fixlog.txt on the desktop; copy its contents here
Re: Please check my PC
Logfile of random's system information tool 1.10 (written by random/random)
Run by LuciFafa at 2019-11-03 13:45:15
Microsoft Windows 10 Home
System drive C: has 465 GB (49%) free of 953 GB
Total RAM: 3030 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:45:17, on 3.11.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19101.469.0_x86__8wekyb3d8bbwe\YourPhone.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\MicrosoftEdgeCP.exe
C:\WINDOWS\system32\MicrosoftEdgeSH.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x86__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\CompPkgSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\LuciFafa\Downloads\FRST(1).exe
C:\Users\LuciFafa\Downloads\RSIT(1).exe
C:\Program Files\trend micro\LuciFafa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
O4 - HKLM\..\Run: [MouseDriver] TiltWheelMouse.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\78.0.3904.87\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - LLC Mail.Ru - C:\Windows\System32\mracsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 7416 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.231.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.231.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\Windows\system32\npOGPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\extensions\
staged
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18 480312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18 194616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 73728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2015-01-28 7519960]
"NUSB3MON"=C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2012-12-19 241152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-05 232840]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2019-10-05 645648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2018-09-25 1617800]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
"OneDrive"=C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-10 1592440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyComGames]
C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe [2018-07-12 223360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"msacm.lameacm"=LameACM.acm
"vidc.mjpg"=pvmjpg30.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.mjpx"=bdmjpeg.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-11-03 13:23:11 ----D---- C:\rsit
2019-11-03 13:23:11 ----D---- C:\Program Files\trend micro
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\iisRtl.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\fveapibase.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\fveapi.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\cngkeyhelper.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\BdeUISrv.exe
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\bdesvc.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\ahadmin.dll
2019-11-02 19:45:11 ----A---- C:\WINDOWS\system32\RDXService.dll
2019-11-02 19:45:08 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2019-11-02 19:44:56 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\wamregps.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mf.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\iisrstap.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\iisreset.exe
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\admwprox.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\tsgqec.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\SessEnv.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\rdvvmtransport.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\CPFilters.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\opengl32.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\msltus40.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\glu32.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-11-02 19:44:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-11-02 19:44:44 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-11-02 19:44:43 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\werui.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\jscript.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\werconcpl.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\sud.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\dxdiag.exe
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\ClipUp.exe
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\resutils.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\ResourceMapper.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\ResBParser.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-11-02 19:44:33 ----A---- C:\WINDOWS\system32\shell32.dll
2019-11-02 19:44:32 ----A---- C:\WINDOWS\system32\OpenWith.exe
2019-11-02 19:44:32 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\uxlibres.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\uxlib.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizres.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizimg.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizeng.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\comdlg32.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\comctl32.dll
2019-11-02 19:44:30 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-11-02 19:44:30 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\rasapi32.dll
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\xpsservices.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\prntvpt.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\pnppolicy.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\pnidui.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\nlasvc.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\nlaapi.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\ncsi.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\drvinst.exe
2019-11-02 19:44:27 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-02 19:44:27 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\wininet.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\KBDKOR.DLL
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\jsproxy.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\d3d9.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\LogonController.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\ReAgent.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\ws2_32.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\winlogon.exe
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\imm32.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\services.exe
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\wersvc.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\halmacpi.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\hal.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\wermgr.exe
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\weretw.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\wer.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\devrtl.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\devobj.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\wmsgapi.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\wininit.exe
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\webio.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\userenv.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\schannel.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dwmscene.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dwm.exe
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dcomp.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\ci.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\winresume.exe
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\wimserv.exe
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\wimgapi.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\uDWM.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\dwmredir.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\dwmcore.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\winload.exe
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\tier2punctuations.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\SRH.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\sethc.exe
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-11-02 19:43:58 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-02 19:43:48 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2019-11-02 19:43:48 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\usosvc.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\updatecsp.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\UsbPmApi.dll
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\mousocoreworker.exe
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\drivers\UsbPmApi.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32u.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32k.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\user32.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\container.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\bindflt.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpnservice.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpnprv.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpncore.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wfapigp.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\icfupgd.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\fwbase.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ttdwriter.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ttdrecordcpu.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ISM.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InstallService.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InputHost.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\dxgiadaptercache.exe
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\msxml6r.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\dxgi.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d9on12.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d11on12.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d11.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wups2.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wups.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuauclt.exe
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\cdd.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\uxtheme.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\twinui.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\CoreShell.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\ubpm.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\taskschd.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\taskhostw.exe
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\schedsvc.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\msctf.dll
2019-11-02 19:43:31 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-11-02 19:43:31 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\dot3msm.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\dot3api.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\spoolsv.exe
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\secproc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\dot3svc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\splwow64.exe
2019-11-02 19:43:29 ----A---- C:\WINDOWS\explorer.exe
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\umpo.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringconfigsp.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\ManageCI.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\drivers\MbbCx.sys
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\viac7.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\uaspstor.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\storvsc.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\hidspi.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2019-11-02 19:35:48 ----A---- C:\WINDOWS\system32\poqexec.exe
2019-11-02 18:23:33 ----D---- C:\Users\LuciFafa\AppData\Roaming\Google
2019-11-01 12:18:38 ----D---- C:\Program Files\Mozilla Firefox
2019-10-29 18:37:57 ----D---- C:\ProgramData\BlueStacks
2019-10-29 18:37:52 ----D---- C:\Program Files\BlueStacks
2019-10-21 16:29:04 ----D---- C:\FRST
2019-10-18 07:46:29 ----D---- C:\Program Files\Common Files\Java
2019-10-18 07:46:25 ----D---- C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 07:46:17 ----D---- C:\Program Files\Common Files\Oracle
2019-10-18 07:46:17 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 07:45:47 ----D---- C:\Program Files\Java
2019-10-18 07:31:44 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2019-10-18 07:31:39 ----A---- C:\WINDOWS\system32\drivers\mbae.sys
2019-10-17 12:48:09 ----D---- C:\AdwCleaner
2019-10-05 14:28:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-10-05 14:28:11 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2019-10-05 14:28:11 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
======List of files/folders modified in the last 1 month======
2019-11-03 13:44:37 ----SHD---- C:\System Volume Information
2019-11-03 13:44:16 ----D---- C:\WINDOWS\Prefetch
2019-11-03 13:23:11 ----RD---- C:\Program Files
2019-11-03 13:20:54 ----D---- C:\WINDOWS\Temp
2019-11-03 13:09:00 ----D---- C:\WINDOWS\system32\sru
2019-11-03 12:56:47 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 12:20:29 ----D---- C:\WINDOWS\system32\Tasks
2019-11-03 12:19:26 ----D---- C:\WINDOWS\system32\NDF
2019-11-03 12:17:01 ----D---- C:\WINDOWS\system32\SleepStudy
2019-11-03 12:10:50 ----D---- C:\WINDOWS\System32
2019-11-03 12:10:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-03 12:10:49 ----D---- C:\WINDOWS\INF
2019-11-03 10:20:23 ----D---- C:\WINDOWS\AppReadiness
2019-11-03 10:20:10 ----RD---- C:\WINDOWS\Microsoft.NET
2019-11-03 10:17:28 ----D---- C:\WINDOWS\system32\config
2019-11-03 10:17:26 ----D---- C:\WINDOWS\WinSxS
2019-11-03 10:16:57 ----D---- C:\Windows
2019-11-03 10:16:48 ----D---- C:\WINDOWS\system32\DriverStore
2019-11-03 10:15:49 ----D---- C:\WINDOWS\system32\drivers
2019-11-02 23:14:39 ----D---- C:\WINDOWS\system32\catroot2
2019-11-02 23:13:20 ----D---- C:\WINDOWS\SystemResources
2019-11-02 23:13:16 ----D---- C:\WINDOWS\system32\WinMetadata
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\wbem
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\sk-SK
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\ru-RU
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\ro-RO
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\pt-PT
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\pl-PL
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\oobe
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\nl-NL
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\migwiz
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\migration
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\inetsrv
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\en-US
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\el-GR
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\Dism
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\cs-CZ
2019-11-02 23:13:13 ----D---- C:\WINDOWS\system32\Boot
2019-11-02 23:13:13 ----D---- C:\WINDOWS\system32\ar-SA
2019-11-02 23:13:05 ----D---- C:\WINDOWS\ShellExperiences
2019-11-02 23:13:04 ----RD---- C:\WINDOWS\PrintDialog
2019-11-02 23:13:04 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-11-02 23:13:04 ----D---- C:\WINDOWS\PolicyDefinitions
2019-11-02 23:13:04 ----D---- C:\WINDOWS\bcastdvr
2019-11-02 23:13:04 ----D---- C:\WINDOWS\apppatch
2019-11-02 19:55:40 ----D---- C:\WINDOWS\system32\MRT
2019-11-02 19:50:17 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-11-02 19:50:10 ----D---- C:\WINDOWS\CbsTemp
2019-11-02 19:33:48 ----D---- C:\WINDOWS\Logs
2019-11-02 18:40:49 ----D---- C:\WINDOWS\SoftwareDistribution
2019-11-02 18:19:46 ----D---- C:\Program Files\Google
2019-11-02 17:57:15 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-11-02 17:22:29 ----D---- C:\WINDOWS\debug
2019-11-02 16:37:58 ----D---- C:\WINDOWS\system32\WDI
2019-11-02 14:06:39 ----HD---- C:\Program Files\WindowsApps
2019-11-02 14:06:37 ----D---- C:\ProgramData\Packages
2019-11-02 13:50:33 ----D---- C:\Program Files\Mozilla Maintenance Service
2019-11-01 10:57:11 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2019-11-01 10:45:02 ----D---- C:\WINDOWS\system32\LogFiles
2019-11-01 10:42:54 ----D---- C:\WINDOWS\LiveKernelReports
2019-10-30 08:23:35 ----D---- C:\WINDOWS\system32\drivers\wd
2019-10-30 08:23:30 ----D---- C:\Program Files\Windows Defender
2019-10-29 18:37:57 ----HD---- C:\ProgramData
2019-10-28 21:26:27 ----D---- C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-23 18:11:36 ----SHD---- C:\WINDOWS\Installer
2019-10-23 18:11:36 ----SHD---- C:\Config.Msi
2019-10-22 17:51:03 ----D---- C:\WINDOWS\system32\drivers\etc
2019-10-18 07:46:29 ----D---- C:\Program Files\Common Files
2019-10-18 07:31:44 ----HD---- C:\WINDOWS\ELAMBKUP
2019-10-17 12:50:09 ----D---- C:\Program Files\CCleaner
2019-10-11 07:37:59 ----D---- C:\WINDOWS\system32\Macromed
2019-10-07 12:10:45 ----D---- C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 14:38:33 ----D---- C:\Program Files\WinRAR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2015-03-30 73928]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2015-03-30 36040]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-05 35512]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-05 169408]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-05 59368]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-05 15792]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-05 73312]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-05 277408]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 45064]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 15688]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 29696]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2014-07-23 14720]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-05 174712]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-05 224008]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-05 211088]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-05 41200]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-05 95168]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-05 691528]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-05 394856]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 57144]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 45568]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-11-02 136752]
R2 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2019-10-21 252480]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-11-02 350720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 37888]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-09-06 128512]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [2017-05-16 32682368]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [2017-05-16 415104]
R3 AtiHDAudioService;@oem89.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT3.sys [2015-05-28 82432]
R3 dtlitescsibus;@oem45.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-14 25016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2015-02-03 3473624]
R3 RTL8167;@oem79.inf,%rtl8167.Service.DispName%;Realtek 8167 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]
R3 seehcri;@oem6.inf,%seehcrirf.SvcDesc%;Sony Ericsson seehcri Device Driver; C:\WINDOWS\System32\drivers\seehcri.sys [2015-12-14 27632]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\WINDOWS\system32\DRIVERS\amdkmpfd.sys [2014-10-28 40136]
S0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 693048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 121144]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 103224]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 106296]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-06-26 17352]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 64312]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 79160]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 51512]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 59192]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 33592]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-10-05 176760]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 14336]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 241664]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-09-06 13312]
S3 AsusVBus;AsusVBus; C:\WINDOWS\system32\DRIVERS\AsusVBus.sys [2017-01-09 33048]
S3 ATP;ASUS Touchpad; C:\WINDOWS\system32\DRIVERS\AsusTP.sys [2017-01-09 66872]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-11-02 90120]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 165376]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-09-06 92672]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 73216]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-09-06 25600]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-09-06 1091584]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-09-06 70144]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 29696]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 53560]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_x86_856ba6d2e9bf5f71\genericusbfn.sys [2019-09-06 17920]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2019-03-19 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 40248]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-11-02 43520]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 19968]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 73728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2019-03-19 57856]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 32768]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 19456]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 39944]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 425784]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 46392]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-02 274432]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 46080]
S3 mracdrv;MRAC Driver; C:\WINDOWS\System32\drivers\mracdrv.sys [2018-06-22 6456416]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 130560]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 79888]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 13312]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 18944]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 160256]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 76800]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-05-16 383872]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 asComSvc;ASUS Com Service; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-05 859096]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-05 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CDPUserSvc_4011f;CDPUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-09-06 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 OneSyncSvc_4011f;OneSyncSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2018-11-14 76888]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 cbdhsvc_4011f;cbdhsvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-09-06 733144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2018-09-25 163328]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2019-10-23 155432]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc_4011f;AarSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-10-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-10-05 5035312]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService_4011f;BcastDVRUserService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService_4011f;BluetoothUserService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService_4011f;CaptureService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc_4011f;ConsentUxUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 CredentialEnrollmentManagerUserSvc_4011f;CredentialEnrollmentManagerUserSvc_4011f; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DeviceAssociationBrokerSvc_4011f;DeviceAssociationBrokerSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc_4011f;DevicePickerUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc_4011f;DevicesFlowUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 71168]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2019-02-05 43712]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\78.0.3904.87\elevation_service.exe [2019-10-30 959128]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2019-10-23 155432]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-06-26 5394136]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService_4011f;MessagingService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2019-11-01 221728]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-06-22 7188752]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2018-03-15 7986848]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 79360]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc_4011f;PimIndexMaintenanceSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc_4011f;PrintWorkflowUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 863744]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-19 47752]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
-----------------EOF-----------------
Run by LuciFafa at 2019-11-03 13:45:15
Microsoft Windows 10 Home
System drive C: has 465 GB (49%) free of 953 GB
Total RAM: 3030 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:45:17, on 3.11.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19101.469.0_x86__8wekyb3d8bbwe\YourPhone.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\MicrosoftEdgeCP.exe
C:\WINDOWS\system32\MicrosoftEdgeSH.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x86__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\CompPkgSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\LuciFafa\Downloads\FRST(1).exe
C:\Users\LuciFafa\Downloads\RSIT(1).exe
C:\Program Files\trend micro\LuciFafa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
O4 - HKLM\..\Run: [MouseDriver] TiltWheelMouse.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\78.0.3904.87\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - LLC Mail.Ru - C:\Windows\System32\mracsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 7416 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.231.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.231.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\Windows\system32\npOGPPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\extensions\
staged
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18 480312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18 194616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 73728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2015-01-28 7519960]
"NUSB3MON"=C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2012-12-19 241152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-05 232840]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2019-10-05 645648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2018-09-25 1617800]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
"OneDrive"=C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-10 1592440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyComGames]
C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe [2018-07-12 223360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"msacm.lameacm"=LameACM.acm
"vidc.mjpg"=pvmjpg30.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.mjpx"=bdmjpeg.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-11-03 13:23:11 ----D---- C:\rsit
2019-11-03 13:23:11 ----D---- C:\Program Files\trend micro
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\iisRtl.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\fveapibase.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\fveapi.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\cngkeyhelper.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\BdeUISrv.exe
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\bdesvc.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\ahadmin.dll
2019-11-02 19:45:11 ----A---- C:\WINDOWS\system32\RDXService.dll
2019-11-02 19:45:08 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2019-11-02 19:44:56 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\wamregps.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mf.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\iisrstap.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\iisreset.exe
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\admwprox.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\tsgqec.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\SessEnv.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\rdvvmtransport.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\CPFilters.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\opengl32.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\msltus40.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\glu32.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-11-02 19:44:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-11-02 19:44:44 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-11-02 19:44:43 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\werui.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\jscript.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\werconcpl.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\sud.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\dxdiag.exe
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\ClipUp.exe
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\resutils.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\ResourceMapper.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\ResBParser.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-11-02 19:44:33 ----A---- C:\WINDOWS\system32\shell32.dll
2019-11-02 19:44:32 ----A---- C:\WINDOWS\system32\OpenWith.exe
2019-11-02 19:44:32 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\uxlibres.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\uxlib.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizres.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizimg.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizeng.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\comdlg32.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\comctl32.dll
2019-11-02 19:44:30 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-11-02 19:44:30 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\rasapi32.dll
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\xpsservices.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\prntvpt.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\pnppolicy.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\pnidui.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\nlasvc.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\nlaapi.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\ncsi.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\drvinst.exe
2019-11-02 19:44:27 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-02 19:44:27 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\wininet.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\KBDKOR.DLL
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\jsproxy.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\d3d9.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\LogonController.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\ReAgent.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\ws2_32.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\winlogon.exe
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\imm32.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\services.exe
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\wersvc.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\halmacpi.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\hal.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\wermgr.exe
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\weretw.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\wer.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\devrtl.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\devobj.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\wmsgapi.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\wininit.exe
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\webio.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\userenv.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\schannel.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dwmscene.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dwm.exe
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dcomp.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\ci.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\winresume.exe
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\wimserv.exe
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\wimgapi.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\uDWM.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\dwmredir.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\dwmcore.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\winload.exe
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\tier2punctuations.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\SRH.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\sethc.exe
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-11-02 19:43:58 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-02 19:43:48 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2019-11-02 19:43:48 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\usosvc.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\updatecsp.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\UsbPmApi.dll
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\mousocoreworker.exe
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\drivers\UsbPmApi.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32u.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32k.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\user32.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\container.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\bindflt.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpnservice.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpnprv.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpncore.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wfapigp.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\icfupgd.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\fwbase.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ttdwriter.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ttdrecordcpu.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ISM.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InstallService.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InputHost.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\dxgiadaptercache.exe
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\msxml6r.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\dxgi.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d9on12.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d11on12.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d11.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wups2.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wups.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuauclt.exe
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\cdd.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\uxtheme.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\twinui.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\CoreShell.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\ubpm.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\taskschd.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\taskhostw.exe
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\schedsvc.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\msctf.dll
2019-11-02 19:43:31 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-11-02 19:43:31 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\dot3msm.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\dot3api.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\spoolsv.exe
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\secproc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\dot3svc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\splwow64.exe
2019-11-02 19:43:29 ----A---- C:\WINDOWS\explorer.exe
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\umpo.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringconfigsp.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\ManageCI.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\drivers\MbbCx.sys
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\viac7.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\uaspstor.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\storvsc.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\hidspi.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2019-11-02 19:35:48 ----A---- C:\WINDOWS\system32\poqexec.exe
2019-11-02 18:23:33 ----D---- C:\Users\LuciFafa\AppData\Roaming\Google
2019-11-01 12:18:38 ----D---- C:\Program Files\Mozilla Firefox
2019-10-29 18:37:57 ----D---- C:\ProgramData\BlueStacks
2019-10-29 18:37:52 ----D---- C:\Program Files\BlueStacks
2019-10-21 16:29:04 ----D---- C:\FRST
2019-10-18 07:46:29 ----D---- C:\Program Files\Common Files\Java
2019-10-18 07:46:25 ----D---- C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 07:46:17 ----D---- C:\Program Files\Common Files\Oracle
2019-10-18 07:46:17 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 07:45:47 ----D---- C:\Program Files\Java
2019-10-18 07:31:44 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2019-10-18 07:31:39 ----A---- C:\WINDOWS\system32\drivers\mbae.sys
2019-10-17 12:48:09 ----D---- C:\AdwCleaner
2019-10-05 14:28:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-10-05 14:28:11 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2019-10-05 14:28:11 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
======List of files/folders modified in the last 1 month======
2019-11-03 13:44:37 ----SHD---- C:\System Volume Information
2019-11-03 13:44:16 ----D---- C:\WINDOWS\Prefetch
2019-11-03 13:23:11 ----RD---- C:\Program Files
2019-11-03 13:20:54 ----D---- C:\WINDOWS\Temp
2019-11-03 13:09:00 ----D---- C:\WINDOWS\system32\sru
2019-11-03 12:56:47 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 12:20:29 ----D---- C:\WINDOWS\system32\Tasks
2019-11-03 12:19:26 ----D---- C:\WINDOWS\system32\NDF
2019-11-03 12:17:01 ----D---- C:\WINDOWS\system32\SleepStudy
2019-11-03 12:10:50 ----D---- C:\WINDOWS\System32
2019-11-03 12:10:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-03 12:10:49 ----D---- C:\WINDOWS\INF
2019-11-03 10:20:23 ----D---- C:\WINDOWS\AppReadiness
2019-11-03 10:20:10 ----RD---- C:\WINDOWS\Microsoft.NET
2019-11-03 10:17:28 ----D---- C:\WINDOWS\system32\config
2019-11-03 10:17:26 ----D---- C:\WINDOWS\WinSxS
2019-11-03 10:16:57 ----D---- C:\Windows
2019-11-03 10:16:48 ----D---- C:\WINDOWS\system32\DriverStore
2019-11-03 10:15:49 ----D---- C:\WINDOWS\system32\drivers
2019-11-02 23:14:39 ----D---- C:\WINDOWS\system32\catroot2
2019-11-02 23:13:20 ----D---- C:\WINDOWS\SystemResources
2019-11-02 23:13:16 ----D---- C:\WINDOWS\system32\WinMetadata
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\wbem
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\sk-SK
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\ru-RU
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\ro-RO
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\pt-PT
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\pl-PL
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\oobe
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\nl-NL
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\migwiz
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\migration
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\inetsrv
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\en-US
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\el-GR
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\Dism
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\cs-CZ
2019-11-02 23:13:13 ----D---- C:\WINDOWS\system32\Boot
2019-11-02 23:13:13 ----D---- C:\WINDOWS\system32\ar-SA
2019-11-02 23:13:05 ----D---- C:\WINDOWS\ShellExperiences
2019-11-02 23:13:04 ----RD---- C:\WINDOWS\PrintDialog
2019-11-02 23:13:04 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-11-02 23:13:04 ----D---- C:\WINDOWS\PolicyDefinitions
2019-11-02 23:13:04 ----D---- C:\WINDOWS\bcastdvr
2019-11-02 23:13:04 ----D---- C:\WINDOWS\apppatch
2019-11-02 19:55:40 ----D---- C:\WINDOWS\system32\MRT
2019-11-02 19:50:17 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-11-02 19:50:10 ----D---- C:\WINDOWS\CbsTemp
2019-11-02 19:33:48 ----D---- C:\WINDOWS\Logs
2019-11-02 18:40:49 ----D---- C:\WINDOWS\SoftwareDistribution
2019-11-02 18:19:46 ----D---- C:\Program Files\Google
2019-11-02 17:57:15 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-11-02 17:22:29 ----D---- C:\WINDOWS\debug
2019-11-02 16:37:58 ----D---- C:\WINDOWS\system32\WDI
2019-11-02 14:06:39 ----HD---- C:\Program Files\WindowsApps
2019-11-02 14:06:37 ----D---- C:\ProgramData\Packages
2019-11-02 13:50:33 ----D---- C:\Program Files\Mozilla Maintenance Service
2019-11-01 10:57:11 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2019-11-01 10:45:02 ----D---- C:\WINDOWS\system32\LogFiles
2019-11-01 10:42:54 ----D---- C:\WINDOWS\LiveKernelReports
2019-10-30 08:23:35 ----D---- C:\WINDOWS\system32\drivers\wd
2019-10-30 08:23:30 ----D---- C:\Program Files\Windows Defender
2019-10-29 18:37:57 ----HD---- C:\ProgramData
2019-10-28 21:26:27 ----D---- C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-23 18:11:36 ----SHD---- C:\WINDOWS\Installer
2019-10-23 18:11:36 ----SHD---- C:\Config.Msi
2019-10-22 17:51:03 ----D---- C:\WINDOWS\system32\drivers\etc
2019-10-18 07:46:29 ----D---- C:\Program Files\Common Files
2019-10-18 07:31:44 ----HD---- C:\WINDOWS\ELAMBKUP
2019-10-17 12:50:09 ----D---- C:\Program Files\CCleaner
2019-10-11 07:37:59 ----D---- C:\WINDOWS\system32\Macromed
2019-10-07 12:10:45 ----D---- C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 14:38:33 ----D---- C:\Program Files\WinRAR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2015-03-30 73928]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2015-03-30 36040]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-05 35512]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-05 169408]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-05 59368]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-05 15792]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-05 73312]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-05 277408]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 45064]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 15688]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 29696]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2014-07-23 14720]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-05 174712]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-05 224008]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-05 211088]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-05 41200]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-05 95168]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-05 691528]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-05 394856]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 57144]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 45568]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-11-02 136752]
R2 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2019-10-21 252480]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-11-02 350720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 37888]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-09-06 128512]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [2017-05-16 32682368]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [2017-05-16 415104]
R3 AtiHDAudioService;@oem89.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT3.sys [2015-05-28 82432]
R3 dtlitescsibus;@oem45.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-14 25016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2015-02-03 3473624]
R3 RTL8167;@oem79.inf,%rtl8167.Service.DispName%;Realtek 8167 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]
R3 seehcri;@oem6.inf,%seehcrirf.SvcDesc%;Sony Ericsson seehcri Device Driver; C:\WINDOWS\System32\drivers\seehcri.sys [2015-12-14 27632]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\WINDOWS\system32\DRIVERS\amdkmpfd.sys [2014-10-28 40136]
S0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 693048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 121144]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 103224]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 106296]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-06-26 17352]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 64312]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 79160]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 51512]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 59192]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 33592]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-10-05 176760]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 14336]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 241664]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-09-06 13312]
S3 AsusVBus;AsusVBus; C:\WINDOWS\system32\DRIVERS\AsusVBus.sys [2017-01-09 33048]
S3 ATP;ASUS Touchpad; C:\WINDOWS\system32\DRIVERS\AsusTP.sys [2017-01-09 66872]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-11-02 90120]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 165376]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-09-06 92672]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 73216]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-09-06 25600]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-09-06 1091584]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-09-06 70144]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 29696]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 53560]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_x86_856ba6d2e9bf5f71\genericusbfn.sys [2019-09-06 17920]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2019-03-19 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 40248]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-11-02 43520]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 19968]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 73728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2019-03-19 57856]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 32768]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 19456]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 39944]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 425784]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 46392]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-02 274432]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 46080]
S3 mracdrv;MRAC Driver; C:\WINDOWS\System32\drivers\mracdrv.sys [2018-06-22 6456416]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 130560]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 79888]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 13312]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 18944]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 160256]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 76800]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-05-16 383872]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 asComSvc;ASUS Com Service; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-05 859096]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-05 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CDPUserSvc_4011f;CDPUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-09-06 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 OneSyncSvc_4011f;OneSyncSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2018-11-14 76888]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 cbdhsvc_4011f;cbdhsvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-09-06 733144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2018-09-25 163328]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2019-10-23 155432]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc_4011f;AarSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-10-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-10-05 5035312]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService_4011f;BcastDVRUserService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService_4011f;BluetoothUserService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService_4011f;CaptureService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc_4011f;ConsentUxUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 CredentialEnrollmentManagerUserSvc_4011f;CredentialEnrollmentManagerUserSvc_4011f; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DeviceAssociationBrokerSvc_4011f;DeviceAssociationBrokerSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc_4011f;DevicePickerUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc_4011f;DevicesFlowUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 71168]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2019-02-05 43712]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\78.0.3904.87\elevation_service.exe [2019-10-30 959128]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2019-10-23 155432]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-06-26 5394136]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService_4011f;MessagingService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2019-11-01 221728]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-06-22 7188752]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2018-03-15 7986848]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 79360]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc_4011f;PimIndexMaintenanceSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc_4011f;PrintWorkflowUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 863744]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-19 47752]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
-----------------EOF-----------------
Re: Please check my PC
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2019
Ran by LuciFafa (administrator) on LUCIFAFA-PC (03-11-2019 13:44:14)
Running from C:\Users\LuciFafa\Downloads
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Platform: Microsoft Windows 10 Home Version 1903 18362.418 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7519960 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1617800 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.87\Installer\chrmstp.exe [2019-11-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {072CD73B-A177-48F9-A6B7-88BE4AD767C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {0CA094BA-D37D-4BD1-9B8D-1F4C7EBF760B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-11] (Adobe Inc. -> Adobe)
Task: {1F37C4D6-8AD0-4740-9FBE-A223A8F92C72} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D547F09-AB9B-458A-BE13-53287865A027} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {310EBAD5-3127-4767-84C7-ED217DDDA5EA} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37EC1E74-6C44-4B30-A6F1-5AE69C4A7CFF} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe
Task: {4482917A-EDAE-4D7D-B621-4E21D0479CEE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-11] (Adobe Inc. -> Adobe)
Task: {53648477-B30C-44F6-9421-2F7FF80DCBE9} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F886570-6BD8-4254-8DC1-A38C78CEF3C5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62FAB98F-0165-438C-A61C-6C354214A580} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {640E7AD3-7A65-4CB7-9197-ED2BAAFD2945} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67F8D0E7-E897-4E22-9258-AFC61361BB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7099E0BC-E0DF-4B78-9C3F-03B1B646C041} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5496880 2019-08-27] (valofe Co.,Ltd. -> Valofe)
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {896F7C2D-C4EA-4A9A-BC21-4E33EA8C2C98} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {8D5C7F68-16C4-45B4-A8A5-F2E7382AB882} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {920D55A6-C75E-4757-87FD-A2A37D4B1079} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {935CFF16-E68D-466B-B047-C6B70A692112} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97264EF2-3461-465C-9093-A98DFA9FF727} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AFE2589B-2234-43EF-B0C4-9E8EBF7F9996} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AFFE6A38-F468-4E0C-9AE5-79997B583DF5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81AD758-FF6E-4883-9DBE-20865B218B98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C00E2B0D-CA13-43CC-937D-F08FC12B4D85} - System32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF} => C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe [39109936 2014-11-12] (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
Task: {D2918185-EB46-4389-A9C2-066839A2C5FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {D81E909E-533E-4591-A6B2-BFF769F0E74C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D88BBE2B-CA68-46BC-BEA7-2DCA2047C6BE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E54424BD-C227-47D3-BDFE-BADFA377BE33} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {F742D008-A50D-4F4B-B68D-9357ECEAD1C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {FD6432B4-732F-4165-A615-042B4A465273} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4950ECBA-8D72-493B-A0EB-CA9249133316}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{92FF2636-7489-4F36-B570-14750FE804D3}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
Edge:
======
DownloadDir: C:\Users\LuciFafa\Downloads
FireFox:
========
FF DefaultProfile: o4nlojpb.default-1540287753942
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 [2019-11-03]
FF Homepage: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.google.cz/
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\sp@avast.com.xpi [2019-09-12]
FF Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-10-24] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-04] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-23] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-23] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2019-11-02]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-02]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-02]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [383872 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [163328 2018-09-25] () [File not signed]
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5035312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7986848 2018-03-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [2258536 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [85032 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [32682368 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [415104 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [136752 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [82432 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [252480 2019-10-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2019-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38280 2019-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [275680 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [38624 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-03 13:45 - 2019-11-03 13:45 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT(1).exe
2019-11-03 13:43 - 2019-11-03 13:43 - 001619456 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST64(1).exe
2019-11-03 13:43 - 2019-11-03 13:43 - 001455104 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST(1).exe
2019-11-03 13:38 - 2019-11-03 13:38 - 001619456 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST64.exe
2019-11-03 13:34 - 2019-11-03 13:41 - 000002182 _____ C:\Users\LuciFafa\Desktop\fixlist.txt
2019-11-03 13:34 - 2019-11-03 13:36 - 000043092 _____ C:\Users\LuciFafa\Downloads\Addition.txt
2019-11-03 13:32 - 2019-11-03 13:45 - 000028982 _____ C:\Users\LuciFafa\Downloads\FRST.txt
2019-11-03 13:30 - 2019-11-03 13:30 - 001455104 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST.exe
2019-11-03 13:23 - 2019-11-03 13:45 - 000000000 ____D C:\Program Files\trend micro
2019-11-03 13:23 - 2019-11-03 13:23 - 000000000 ____D C:\rsit
2019-11-03 13:22 - 2019-11-03 13:22 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-11-03 13:17 - 2019-11-03 13:17 - 000002182 _____ C:\Users\LuciFafa\Desktop\fixlist.txt.txt
2019-11-03 12:20 - 2019-11-03 12:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1117677789-4214877554-3075564690-1000
2019-11-02 19:45 - 2019-11-02 19:45 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-11-02 19:45 - 2019-11-02 19:45 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-11-02 19:45 - 2019-11-02 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 007069200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005865488 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002995200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002989568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002777088 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-11-02 19:44 - 2019-11-02 19:44 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-11-02 19:44 - 2019-11-02 19:44 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002073200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001973248 _____ C:\WINDOWS\system32\dwmscene.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001909248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001659736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001401344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-02 19:44 - 2019-11-02 19:44 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001247024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001223680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001112208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-11-02 19:44 - 2019-11-02 19:44 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001071112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001018552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000981000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000701424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000682496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-11-02 19:44 - 2019-11-02 19:44 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000554384 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-11-02 19:44 - 2019-11-02 19:44 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000407560 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000397328 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000397328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000265528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-02 19:44 - 2019-11-02 19:44 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000135696 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000115240 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000071992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000031248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL
2019-11-02 19:44 - 2019-11-02 19:44 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000011792 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 004754432 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003129344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003042304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 002439680 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002063872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001883152 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001539904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001533952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001454632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001419776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000824120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000786040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000689976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000551224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000506440 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000323896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000319976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000166952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000156688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000090120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000085008 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000074864 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000042808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000035328 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000033792 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000023744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-11-02 19:35 - 2019-09-20 05:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-02 18:23 - 2019-11-02 18:23 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Google
2019-11-02 18:19 - 2019-11-02 18:19 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-02 18:19 - 2019-11-02 18:19 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-02 17:57 - 2019-11-02 17:57 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-11-02 17:53 - 2019-11-02 17:54 - 001472056 _____ (Google LLC) C:\Users\LuciFafa\Downloads\ChromeSetup.exe
2019-11-02 17:52 - 2019-11-02 18:08 - 895990248 _____ (AndyOS) C:\Users\LuciFafa\Downloads\Andy_47.260_1096_26_x86.exe
2019-11-02 17:42 - 2019-11-02 17:45 - 1037019670 _____ C:\Users\LuciFafa\Downloads\cloudready-free-76.4.69-64-bit.zip
2019-11-02 17:41 - 2019-11-02 17:41 - 046735120 _____ C:\Users\LuciFafa\Downloads\cloudready-usb-maker.exe
2019-11-02 17:41 - 2019-11-02 17:41 - 000000038 _____ C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2019-11-02 17:41 - 2019-11-02 17:41 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\neverware
2019-11-02 16:41 - 2019-11-02 16:41 - 000002167 _____ C:\Users\LuciFafa\Desktop\Sniper 3D.lnk
2019-11-02 16:39 - 2019-11-02 16:39 - 000007059 _____ C:\Users\LuciFafa\-1.14-windows.xml
2019-11-01 12:18 - 2019-11-02 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-29 18:57 - 2019-10-29 18:57 - 000002135 _____ C:\Users\LuciFafa\Desktop\Legends.lnk
2019-10-29 18:43 - 2019-11-03 13:43 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2019-10-29 18:39 - 2019-10-29 18:39 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000002065 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000001782 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000001764 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2019-10-29 18:37 - 2019-10-29 18:39 - 000000000 ____D C:\ProgramData\BlueStacks
2019-10-29 18:37 - 2019-10-29 18:37 - 000000000 ____D C:\Program Files\BlueStacks
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\Public\BlueStacks
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\BlueStacksSetup
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\BlueStacks
2019-10-29 18:34 - 2019-10-29 18:35 - 000938720 _____ (BlueStack Systems Inc.) C:\Users\LuciFafa\Downloads\BlueStacksInstaller_4.140.12.1002_native_e06138a23cbe0b63ee4ff51185315a46_TmluamEgVHVydGxlczogTGVnZW5kcw==.exe
2019-10-28 16:17 - 2019-10-28 16:17 - 000001247 _____ C:\Users\LuciFafa\Desktop\Já-padouch-1-(CZ) – zástupce.lnk
2019-10-28 16:09 - 2019-10-28 16:09 - 007622344 _____ (Malwarebytes) C:\Users\LuciFafa\Downloads\adwcleaner_7.4.2.exe
2019-10-23 18:07 - 2019-10-23 18:07 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-10-23 18:07 - 2019-10-23 18:07 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-10-23 18:07 - 2019-10-23 18:07 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Google
2019-10-23 18:06 - 2019-10-23 18:06 - 001472056 _____ (Google LLC) C:\Users\LuciFafa\Downloads\GoogleEarthProSetup.exe
2019-10-22 17:49 - 2019-11-03 13:42 - 000010234 _____ C:\Users\LuciFafa\Desktop\Fixlog.txt
2019-10-21 16:31 - 2019-10-21 16:33 - 000041928 _____ C:\Users\LuciFafa\Desktop\Addition.txt
2019-10-21 16:29 - 2019-11-03 13:44 - 000000000 ____D C:\FRST
2019-10-21 16:29 - 2019-10-21 16:33 - 000039505 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2019-10-21 16:23 - 2019-10-21 16:23 - 001617408 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64.exe
2019-10-18 07:46 - 2019-10-18 07:46 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Program Files\Common Files\Java
2019-10-18 07:45 - 2019-10-18 07:45 - 002066464 _____ (Oracle Corporation) C:\Users\LuciFafa\Downloads\JavaSetup8u231.exe
2019-10-18 07:45 - 2019-10-18 07:45 - 000000000 ____D C:\Program Files\Java
2019-10-18 07:31 - 2019-10-18 07:31 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-18 07:31 - 2019-10-18 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-18 07:31 - 2019-09-30 05:25 - 000129056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-10-18 07:31 - 2019-06-26 12:00 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-17 12:48 - 2019-10-17 12:49 - 000000000 ____D C:\AdwCleaner
2019-10-17 12:18 - 2019-10-17 12:29 - 000000000 ____D C:\Users\LuciFafa\Documents\Nová složka (2)
2019-10-05 14:28 - 2019-11-02 13:54 - 000136752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-05 14:28 - 2019-10-05 14:28 - 000176760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-10-05 14:28 - 2019-10-05 14:27 - 000305032 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-03 13:43 - 2019-09-06 19:48 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-03 13:43 - 2019-09-06 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-11-03 13:38 - 2018-10-23 10:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2019-11-03 13:27 - 2016-11-18 15:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2019-11-03 12:56 - 2019-03-19 03:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 12:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-03 12:17 - 2019-09-06 19:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-03 12:10 - 2019-09-06 19:41 - 001839106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-03 12:10 - 2019-03-19 08:13 - 000764824 _____ C:\WINDOWS\system32\perfh005.dat
2019-11-03 12:10 - 2019-03-19 08:13 - 000169506 _____ C:\WINDOWS\system32\perfc005.dat
2019-11-03 12:10 - 2019-03-19 03:44 - 000000000 ____D C:\WINDOWS\INF
2019-11-03 12:07 - 2017-09-05 08:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2019-11-03 12:06 - 2019-09-06 19:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-03 12:05 - 2019-03-19 03:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-03 12:05 - 2015-09-25 11:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-03 10:20 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-03 10:18 - 2019-09-06 19:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-03 10:18 - 2019-09-06 19:49 - 000000000 ___RD C:\Users\LuciFafa\3D Objects
2019-11-03 10:16 - 2019-09-06 19:34 - 000274608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\SystemResources
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-02 19:55 - 2015-09-29 15:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-02 19:50 - 2019-03-19 03:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-02 19:50 - 2015-09-29 15:22 - 124046008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-02 18:28 - 2015-09-25 11:34 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Google
2019-11-02 18:19 - 2015-09-25 11:34 - 000000000 ____D C:\Program Files\Google
2019-11-02 16:39 - 2019-09-06 19:42 - 000000000 ____D C:\Users\LuciFafa
2019-11-02 14:06 - 2019-09-06 20:07 - 000000000 ____D C:\ProgramData\Packages
2019-11-02 14:06 - 2019-03-19 03:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-02 13:50 - 2015-09-26 07:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-11-01 14:38 - 2015-09-26 07:21 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-01 10:57 - 2015-09-26 07:36 - 000606264 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-11-01 10:42 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-30 08:23 - 2019-09-06 19:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-30 08:23 - 2019-03-19 03:46 - 000000000 ____D C:\Program Files\Windows Defender
2019-10-28 21:26 - 2015-12-26 20:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-28 16:33 - 2019-01-15 11:21 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-26 18:28 - 2019-09-06 19:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-10-25 19:41 - 2019-09-06 19:56 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1117677789-4214877554-3075564690-1000
2019-10-25 19:41 - 2019-09-06 19:48 - 000003450 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-25 19:41 - 2019-09-06 19:48 - 000003226 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-25 19:41 - 2019-09-06 19:48 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-10-25 19:41 - 2019-09-06 19:48 - 000002264 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-10-25 19:41 - 2019-09-06 19:48 - 000002186 _____ C:\WINDOWS\system32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF}
2019-10-25 19:41 - 2019-09-06 19:48 - 000002178 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-10-18 07:31 - 2019-03-19 03:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-17 12:50 - 2019-01-15 11:21 - 000000000 ____D C:\Program Files\CCleaner
2019-10-14 19:32 - 2015-09-29 16:33 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\ElevatedDiagnostics
2019-10-11 07:38 - 2019-09-06 19:48 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-11 07:38 - 2019-09-06 19:48 - 000004478 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-10-11 07:38 - 2019-04-10 08:27 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Adobe
2019-10-11 07:37 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-10 12:23 - 2019-09-06 19:56 - 000000000 ___RD C:\Users\LuciFafa\OneDrive
2019-10-10 12:23 - 2019-09-06 19:42 - 000002415 _____ C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 12:10 - 2015-09-29 18:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 14:39 - 2015-09-29 18:03 - 000001101 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\Program Files\WinRAR
2019-10-05 14:28 - 2018-02-14 14:40 - 000691528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-05 14:28 - 2018-02-14 14:40 - 000394856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-05 14:28 - 2018-02-14 14:40 - 000277408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-05 14:27 - 2019-09-09 18:30 - 000015792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-05 14:27 - 2019-02-19 11:21 - 000211088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000224008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000059368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000035512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-05 14:27 - 2018-10-16 09:06 - 000041200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000174712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000095168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000073312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
==================== Files in the root of some directories ========
2016-06-03 14:03 - 2016-06-03 14:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2015-11-18 18:29 - 2014-05-26 19:16 - 000626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 001704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2015-11-18 18:29 - 2014-05-04 10:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-11-18 18:29 - 2013-08-11 14:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2019-07-12 20:29 - 2014-06-29 12:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 14:01 - 2017-10-17 18:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2015-11-18 18:29 - 2014-05-26 19:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2019-07-12 20:29 - 2014-06-26 16:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2015-11-18 18:29 - 2014-05-26 19:16 - 000364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2015-11-20 09:48 - 2015-11-20 09:48 - 002497372 _____ () C:\Users\LuciFafa\AppData\Roaming\x11modSpectreglg2tc5568w256l4.bin
2015-11-18 18:29 - 2014-05-26 19:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2019-11-02 17:41 - 2019-11-02 17:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 09:38 - 2018-10-03 07:50 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by LuciFafa (administrator) on LUCIFAFA-PC (03-11-2019 13:44:14)
Running from C:\Users\LuciFafa\Downloads
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Platform: Microsoft Windows 10 Home Version 1903 18362.418 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7519960 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1617800 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.87\Installer\chrmstp.exe [2019-11-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {072CD73B-A177-48F9-A6B7-88BE4AD767C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {0CA094BA-D37D-4BD1-9B8D-1F4C7EBF760B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-11] (Adobe Inc. -> Adobe)
Task: {1F37C4D6-8AD0-4740-9FBE-A223A8F92C72} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D547F09-AB9B-458A-BE13-53287865A027} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {310EBAD5-3127-4767-84C7-ED217DDDA5EA} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37EC1E74-6C44-4B30-A6F1-5AE69C4A7CFF} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe
Task: {4482917A-EDAE-4D7D-B621-4E21D0479CEE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-11] (Adobe Inc. -> Adobe)
Task: {53648477-B30C-44F6-9421-2F7FF80DCBE9} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F886570-6BD8-4254-8DC1-A38C78CEF3C5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62FAB98F-0165-438C-A61C-6C354214A580} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {640E7AD3-7A65-4CB7-9197-ED2BAAFD2945} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67F8D0E7-E897-4E22-9258-AFC61361BB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7099E0BC-E0DF-4B78-9C3F-03B1B646C041} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5496880 2019-08-27] (valofe Co.,Ltd. -> Valofe)
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {896F7C2D-C4EA-4A9A-BC21-4E33EA8C2C98} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {8D5C7F68-16C4-45B4-A8A5-F2E7382AB882} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {920D55A6-C75E-4757-87FD-A2A37D4B1079} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {935CFF16-E68D-466B-B047-C6B70A692112} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97264EF2-3461-465C-9093-A98DFA9FF727} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AFE2589B-2234-43EF-B0C4-9E8EBF7F9996} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AFFE6A38-F468-4E0C-9AE5-79997B583DF5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81AD758-FF6E-4883-9DBE-20865B218B98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C00E2B0D-CA13-43CC-937D-F08FC12B4D85} - System32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF} => C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe [39109936 2014-11-12] (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
Task: {D2918185-EB46-4389-A9C2-066839A2C5FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {D81E909E-533E-4591-A6B2-BFF769F0E74C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D88BBE2B-CA68-46BC-BEA7-2DCA2047C6BE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E54424BD-C227-47D3-BDFE-BADFA377BE33} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {F742D008-A50D-4F4B-B68D-9357ECEAD1C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {FD6432B4-732F-4165-A615-042B4A465273} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4950ECBA-8D72-493B-A0EB-CA9249133316}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{92FF2636-7489-4F36-B570-14750FE804D3}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
Edge:
======
DownloadDir: C:\Users\LuciFafa\Downloads
FireFox:
========
FF DefaultProfile: o4nlojpb.default-1540287753942
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 [2019-11-03]
FF Homepage: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.google.cz/
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\sp@avast.com.xpi [2019-09-12]
FF Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-10-24] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-04] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-23] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-23] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2019-11-02]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-02]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-02]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [383872 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [163328 2018-09-25] () [File not signed]
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5035312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7986848 2018-03-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [2258536 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [85032 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [32682368 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [415104 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [136752 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [82432 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [252480 2019-10-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2019-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38280 2019-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [275680 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [38624 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-03 13:45 - 2019-11-03 13:45 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT(1).exe
2019-11-03 13:43 - 2019-11-03 13:43 - 001619456 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST64(1).exe
2019-11-03 13:43 - 2019-11-03 13:43 - 001455104 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST(1).exe
2019-11-03 13:38 - 2019-11-03 13:38 - 001619456 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST64.exe
2019-11-03 13:34 - 2019-11-03 13:41 - 000002182 _____ C:\Users\LuciFafa\Desktop\fixlist.txt
2019-11-03 13:34 - 2019-11-03 13:36 - 000043092 _____ C:\Users\LuciFafa\Downloads\Addition.txt
2019-11-03 13:32 - 2019-11-03 13:45 - 000028982 _____ C:\Users\LuciFafa\Downloads\FRST.txt
2019-11-03 13:30 - 2019-11-03 13:30 - 001455104 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST.exe
2019-11-03 13:23 - 2019-11-03 13:45 - 000000000 ____D C:\Program Files\trend micro
2019-11-03 13:23 - 2019-11-03 13:23 - 000000000 ____D C:\rsit
2019-11-03 13:22 - 2019-11-03 13:22 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-11-03 13:17 - 2019-11-03 13:17 - 000002182 _____ C:\Users\LuciFafa\Desktop\fixlist.txt.txt
2019-11-03 12:20 - 2019-11-03 12:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1117677789-4214877554-3075564690-1000
2019-11-02 19:45 - 2019-11-02 19:45 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-11-02 19:45 - 2019-11-02 19:45 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-11-02 19:45 - 2019-11-02 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 007069200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005865488 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002995200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002989568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002777088 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-11-02 19:44 - 2019-11-02 19:44 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-11-02 19:44 - 2019-11-02 19:44 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002073200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001973248 _____ C:\WINDOWS\system32\dwmscene.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001909248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001659736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001401344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-02 19:44 - 2019-11-02 19:44 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001247024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001223680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001112208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-11-02 19:44 - 2019-11-02 19:44 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001071112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001018552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000981000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000701424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000682496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-11-02 19:44 - 2019-11-02 19:44 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000554384 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-11-02 19:44 - 2019-11-02 19:44 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000407560 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000397328 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000397328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000265528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-02 19:44 - 2019-11-02 19:44 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000135696 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000115240 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000071992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000031248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL
2019-11-02 19:44 - 2019-11-02 19:44 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000011792 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 004754432 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003129344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003042304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 002439680 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002063872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001883152 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001539904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001533952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001454632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001419776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000824120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000786040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000689976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000551224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000506440 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000323896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000319976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000166952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000156688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000090120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000085008 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000074864 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000042808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000035328 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000033792 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000023744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-11-02 19:35 - 2019-09-20 05:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-02 18:23 - 2019-11-02 18:23 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Google
2019-11-02 18:19 - 2019-11-02 18:19 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-02 18:19 - 2019-11-02 18:19 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-02 17:57 - 2019-11-02 17:57 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-11-02 17:53 - 2019-11-02 17:54 - 001472056 _____ (Google LLC) C:\Users\LuciFafa\Downloads\ChromeSetup.exe
2019-11-02 17:52 - 2019-11-02 18:08 - 895990248 _____ (AndyOS) C:\Users\LuciFafa\Downloads\Andy_47.260_1096_26_x86.exe
2019-11-02 17:42 - 2019-11-02 17:45 - 1037019670 _____ C:\Users\LuciFafa\Downloads\cloudready-free-76.4.69-64-bit.zip
2019-11-02 17:41 - 2019-11-02 17:41 - 046735120 _____ C:\Users\LuciFafa\Downloads\cloudready-usb-maker.exe
2019-11-02 17:41 - 2019-11-02 17:41 - 000000038 _____ C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2019-11-02 17:41 - 2019-11-02 17:41 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\neverware
2019-11-02 16:41 - 2019-11-02 16:41 - 000002167 _____ C:\Users\LuciFafa\Desktop\Sniper 3D.lnk
2019-11-02 16:39 - 2019-11-02 16:39 - 000007059 _____ C:\Users\LuciFafa\-1.14-windows.xml
2019-11-01 12:18 - 2019-11-02 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-29 18:57 - 2019-10-29 18:57 - 000002135 _____ C:\Users\LuciFafa\Desktop\Legends.lnk
2019-10-29 18:43 - 2019-11-03 13:43 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2019-10-29 18:39 - 2019-10-29 18:39 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000002065 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000001782 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000001764 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2019-10-29 18:37 - 2019-10-29 18:39 - 000000000 ____D C:\ProgramData\BlueStacks
2019-10-29 18:37 - 2019-10-29 18:37 - 000000000 ____D C:\Program Files\BlueStacks
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\Public\BlueStacks
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\BlueStacksSetup
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\BlueStacks
2019-10-29 18:34 - 2019-10-29 18:35 - 000938720 _____ (BlueStack Systems Inc.) C:\Users\LuciFafa\Downloads\BlueStacksInstaller_4.140.12.1002_native_e06138a23cbe0b63ee4ff51185315a46_TmluamEgVHVydGxlczogTGVnZW5kcw==.exe
2019-10-28 16:17 - 2019-10-28 16:17 - 000001247 _____ C:\Users\LuciFafa\Desktop\Já-padouch-1-(CZ) – zástupce.lnk
2019-10-28 16:09 - 2019-10-28 16:09 - 007622344 _____ (Malwarebytes) C:\Users\LuciFafa\Downloads\adwcleaner_7.4.2.exe
2019-10-23 18:07 - 2019-10-23 18:07 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-10-23 18:07 - 2019-10-23 18:07 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-10-23 18:07 - 2019-10-23 18:07 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Google
2019-10-23 18:06 - 2019-10-23 18:06 - 001472056 _____ (Google LLC) C:\Users\LuciFafa\Downloads\GoogleEarthProSetup.exe
2019-10-22 17:49 - 2019-11-03 13:42 - 000010234 _____ C:\Users\LuciFafa\Desktop\Fixlog.txt
2019-10-21 16:31 - 2019-10-21 16:33 - 000041928 _____ C:\Users\LuciFafa\Desktop\Addition.txt
2019-10-21 16:29 - 2019-11-03 13:44 - 000000000 ____D C:\FRST
2019-10-21 16:29 - 2019-10-21 16:33 - 000039505 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2019-10-21 16:23 - 2019-10-21 16:23 - 001617408 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64.exe
2019-10-18 07:46 - 2019-10-18 07:46 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Program Files\Common Files\Java
2019-10-18 07:45 - 2019-10-18 07:45 - 002066464 _____ (Oracle Corporation) C:\Users\LuciFafa\Downloads\JavaSetup8u231.exe
2019-10-18 07:45 - 2019-10-18 07:45 - 000000000 ____D C:\Program Files\Java
2019-10-18 07:31 - 2019-10-18 07:31 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-18 07:31 - 2019-10-18 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-18 07:31 - 2019-09-30 05:25 - 000129056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-10-18 07:31 - 2019-06-26 12:00 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-17 12:48 - 2019-10-17 12:49 - 000000000 ____D C:\AdwCleaner
2019-10-17 12:18 - 2019-10-17 12:29 - 000000000 ____D C:\Users\LuciFafa\Documents\Nová složka (2)
2019-10-05 14:28 - 2019-11-02 13:54 - 000136752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-05 14:28 - 2019-10-05 14:28 - 000176760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-10-05 14:28 - 2019-10-05 14:27 - 000305032 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-03 13:43 - 2019-09-06 19:48 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-03 13:43 - 2019-09-06 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-11-03 13:38 - 2018-10-23 10:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2019-11-03 13:27 - 2016-11-18 15:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2019-11-03 12:56 - 2019-03-19 03:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 12:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-03 12:17 - 2019-09-06 19:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-03 12:10 - 2019-09-06 19:41 - 001839106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-03 12:10 - 2019-03-19 08:13 - 000764824 _____ C:\WINDOWS\system32\perfh005.dat
2019-11-03 12:10 - 2019-03-19 08:13 - 000169506 _____ C:\WINDOWS\system32\perfc005.dat
2019-11-03 12:10 - 2019-03-19 03:44 - 000000000 ____D C:\WINDOWS\INF
2019-11-03 12:07 - 2017-09-05 08:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2019-11-03 12:06 - 2019-09-06 19:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-03 12:05 - 2019-03-19 03:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-03 12:05 - 2015-09-25 11:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-03 10:20 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-03 10:18 - 2019-09-06 19:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-03 10:18 - 2019-09-06 19:49 - 000000000 ___RD C:\Users\LuciFafa\3D Objects
2019-11-03 10:16 - 2019-09-06 19:34 - 000274608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\SystemResources
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-02 19:55 - 2015-09-29 15:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-02 19:50 - 2019-03-19 03:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-02 19:50 - 2015-09-29 15:22 - 124046008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-02 18:28 - 2015-09-25 11:34 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Google
2019-11-02 18:19 - 2015-09-25 11:34 - 000000000 ____D C:\Program Files\Google
2019-11-02 16:39 - 2019-09-06 19:42 - 000000000 ____D C:\Users\LuciFafa
2019-11-02 14:06 - 2019-09-06 20:07 - 000000000 ____D C:\ProgramData\Packages
2019-11-02 14:06 - 2019-03-19 03:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-02 13:50 - 2015-09-26 07:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-11-01 14:38 - 2015-09-26 07:21 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-01 10:57 - 2015-09-26 07:36 - 000606264 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-11-01 10:42 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-30 08:23 - 2019-09-06 19:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-30 08:23 - 2019-03-19 03:46 - 000000000 ____D C:\Program Files\Windows Defender
2019-10-28 21:26 - 2015-12-26 20:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-28 16:33 - 2019-01-15 11:21 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-26 18:28 - 2019-09-06 19:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-10-25 19:41 - 2019-09-06 19:56 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1117677789-4214877554-3075564690-1000
2019-10-25 19:41 - 2019-09-06 19:48 - 000003450 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-25 19:41 - 2019-09-06 19:48 - 000003226 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-25 19:41 - 2019-09-06 19:48 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-10-25 19:41 - 2019-09-06 19:48 - 000002264 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-10-25 19:41 - 2019-09-06 19:48 - 000002186 _____ C:\WINDOWS\system32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF}
2019-10-25 19:41 - 2019-09-06 19:48 - 000002178 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-10-18 07:31 - 2019-03-19 03:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-17 12:50 - 2019-01-15 11:21 - 000000000 ____D C:\Program Files\CCleaner
2019-10-14 19:32 - 2015-09-29 16:33 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\ElevatedDiagnostics
2019-10-11 07:38 - 2019-09-06 19:48 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-11 07:38 - 2019-09-06 19:48 - 000004478 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-10-11 07:38 - 2019-04-10 08:27 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Adobe
2019-10-11 07:37 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-10 12:23 - 2019-09-06 19:56 - 000000000 ___RD C:\Users\LuciFafa\OneDrive
2019-10-10 12:23 - 2019-09-06 19:42 - 000002415 _____ C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 12:10 - 2015-09-29 18:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 14:39 - 2015-09-29 18:03 - 000001101 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\Program Files\WinRAR
2019-10-05 14:28 - 2018-02-14 14:40 - 000691528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-05 14:28 - 2018-02-14 14:40 - 000394856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-05 14:28 - 2018-02-14 14:40 - 000277408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-05 14:27 - 2019-09-09 18:30 - 000015792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-05 14:27 - 2019-02-19 11:21 - 000211088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000224008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000059368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000035512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-05 14:27 - 2018-10-16 09:06 - 000041200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000174712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000095168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000073312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
==================== Files in the root of some directories ========
2016-06-03 14:03 - 2016-06-03 14:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2015-11-18 18:29 - 2014-05-26 19:16 - 000626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 001704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2015-11-18 18:29 - 2014-05-04 10:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-11-18 18:29 - 2013-08-11 14:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2019-07-12 20:29 - 2014-06-29 12:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 14:01 - 2017-10-17 18:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2015-11-18 18:29 - 2014-05-26 19:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2019-07-12 20:29 - 2014-06-26 16:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2015-11-18 18:29 - 2014-05-26 19:16 - 000364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2015-11-20 09:48 - 2015-11-20 09:48 - 002497372 _____ () C:\Users\LuciFafa\AppData\Roaming\x11modSpectreglg2tc5568w256l4.bin
2015-11-18 18:29 - 2014-05-26 19:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2019-11-02 17:41 - 2019-11-02 17:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 09:38 - 2018-10-03 07:50 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: Please check my PC
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-11-2019
Ran by LuciFafa (03-11-2019 13:45:32)
Running from C:\Users\LuciFafa\Downloads
Microsoft Windows 10 Home Version 1903 18362.418 (X86) (2019-09-06 18:49:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
ACP Application (HKLM\...\{1BF06C12-832F-28F4-A2F2-D6261871D418}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AIMP (HKLM\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0925.2319.41966 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassin's Creed ® III v1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.12.1002 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CombatArms (HKLM\...\CombatArms) (Version: - )
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 v1.01 (HKLM\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
GameCenter My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1432 - My.Com B.V.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Earth Pro (HKLM\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 78.0.3904.87 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
GRID 2 (c) Codemasters version 1 (HKLM\...\R1JJRDI=_is1) (Version: 1 - )
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HPLJDXPHelper (HKLM\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 70.0.1 (x86 cs)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1.7242 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Most Wanted Limited Edition (HKLM\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x86__8wekyb3d8bbwe [2019-10-10] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
==================== Loaded Modules (Whitelisted) =============
2015-09-25 11:56 - 2014-07-23 02:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 11:56 - 2019-11-03 12:06 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2012-04-11 09:40 - 2012-04-11 09:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 11:56 - 2014-07-23 02:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 17:37 - 2009-09-16 17:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:38 - 2009-09-16 17:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 17:40 - 2009-09-16 17:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2019-10-22 17:51 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-25 13:19 - 2018-11-25 13:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: bthserv => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{A2DB8D43-00BD-45FC-BF13-8EA1A9C1A210}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{8B6EE969-AB4F-41D6-A9F0-C69E7977D707}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{B6926273-C227-4257-B1FE-08D4F0CE1B8E}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{4E229442-7D4C-472A-A70D-42275423D539}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{69C9079B-9B00-426D-AABB-B00D88887BD0}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{B7BB4090-2C73-422F-AEB7-2348B04D42B4}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [UDP Query User{F17FB0C8-34E4-46D7-AC4E-904C298FBB45}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{89475DD2-DA4C-41E5-AB84-B2D139CF1148}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [UDP Query User{5924A848-8939-4C13-8B64-78E52BDA3201}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{5F5E8BA7-F670-4C0D-AA6E-672A45ABB128}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{2C28F662-DBB7-4C63-8E6A-8E59B6BC29C2}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [TCP Query User{E7331683-6880-4A36-BD1B-78B727AA92DC}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [{09395F40-1113-44D7-A022-D8EED26BE0ED}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{F8BA0B35-6A75-44B6-9B62-D0484BFE98BB}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3CA8CBDB-5221-4288-BF33-C534FD8F1A45}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{9E875B8D-F6E8-44C8-B83F-FE562A8DA167}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{83B67CD3-593C-4E91-8D75-AD5856BD5745}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{5D34E05E-5526-49C6-B870-C4CE898B916A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
==================== Restore Points =========================
09-10-2019 19:53:50 Naplánovaný kontrolní bod
18-10-2019 20:27:58 Naplánovaný kontrolní bod
28-10-2019 20:33:18 Naplánovaný kontrolní bod
31-10-2019 15:28:51 Instalační služba modulů systému Windows
02-11-2019 13:51:56 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/03/2019 01:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.18362.1, časové razítko: 0x68f17365
Název chybujícího modulu: NotificationController.dll, verze: 10.0.18362.387, časové razítko: 0x5ad50eab
Kód výjimky: 0xc0000409
Posun chyby: 0x000bc77d
ID chybujícího procesu: 0x1090
Čas spuštění chybující aplikace: 0x01d59236bbccc28e
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: dba9072e-e62b-430a-93dc-4eac1683ff48
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/03/2019 01:35:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5672,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 01:26:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5948,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 01:20:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (984,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 12:41:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7528,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 12:29:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3296,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 12:15:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3980,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 12:07:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1f40
Čas spuštění chybující aplikace: 0x01d59236d1906f55
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 96548a68-e154-4fbf-8b51-750f59ce98b0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WpnUserService_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba OneSyncSvc_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba CDPUserSvc_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.
Error: (11/02/2019 08:06:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/02/2019 08:04:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/02/2019 08:02:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/02/2019 05:22:26 PM) (Source: DCOM) (EventID: 10000) (User: LuciFafa-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/02/2019 01:50:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:47:20, 01.11.2019) bylo neočekávané.
Windows Defender:
===================================
Date: 2019-11-01 14:39:33.035
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-01 14:39:04.425
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-01 14:38:38.806
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-01 14:37:41.119
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
CodeIntegrity:
===================================
Date: 2019-11-03 13:20:44.483
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.465
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.448
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.430
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.411
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.374
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.355
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 71%
Total physical RAM: 3030.36 MB
Available physical RAM: 872.39 MB
Total Virtual: 6102.36 MB
Available Virtual: 2982.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:454.27 GB) NTFS
Drive e: (Pro Evolution Soccer 2016) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF
\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt =======================
Ran by LuciFafa (03-11-2019 13:45:32)
Running from C:\Users\LuciFafa\Downloads
Microsoft Windows 10 Home Version 1903 18362.418 (X86) (2019-09-06 18:49:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
ACP Application (HKLM\...\{1BF06C12-832F-28F4-A2F2-D6261871D418}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AIMP (HKLM\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0925.2319.41966 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassin's Creed ® III v1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.12.1002 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CombatArms (HKLM\...\CombatArms) (Version: - )
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 v1.01 (HKLM\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
GameCenter My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1432 - My.Com B.V.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Earth Pro (HKLM\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 78.0.3904.87 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
GRID 2 (c) Codemasters version 1 (HKLM\...\R1JJRDI=_is1) (Version: 1 - )
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HPLJDXPHelper (HKLM\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 70.0.1 (x86 cs)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1.7242 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Most Wanted Limited Edition (HKLM\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x86__8wekyb3d8bbwe [2019-10-10] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
==================== Loaded Modules (Whitelisted) =============
2015-09-25 11:56 - 2014-07-23 02:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 11:56 - 2019-11-03 12:06 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2012-04-11 09:40 - 2012-04-11 09:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 11:56 - 2014-07-23 02:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 17:37 - 2009-09-16 17:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:38 - 2009-09-16 17:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 17:40 - 2009-09-16 17:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2019-10-22 17:51 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-25 13:19 - 2018-11-25 13:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: bthserv => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{A2DB8D43-00BD-45FC-BF13-8EA1A9C1A210}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{8B6EE969-AB4F-41D6-A9F0-C69E7977D707}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{B6926273-C227-4257-B1FE-08D4F0CE1B8E}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{4E229442-7D4C-472A-A70D-42275423D539}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{69C9079B-9B00-426D-AABB-B00D88887BD0}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{B7BB4090-2C73-422F-AEB7-2348B04D42B4}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [UDP Query User{F17FB0C8-34E4-46D7-AC4E-904C298FBB45}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{89475DD2-DA4C-41E5-AB84-B2D139CF1148}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [UDP Query User{5924A848-8939-4C13-8B64-78E52BDA3201}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{5F5E8BA7-F670-4C0D-AA6E-672A45ABB128}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{2C28F662-DBB7-4C63-8E6A-8E59B6BC29C2}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [TCP Query User{E7331683-6880-4A36-BD1B-78B727AA92DC}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [{09395F40-1113-44D7-A022-D8EED26BE0ED}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{F8BA0B35-6A75-44B6-9B62-D0484BFE98BB}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3CA8CBDB-5221-4288-BF33-C534FD8F1A45}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{9E875B8D-F6E8-44C8-B83F-FE562A8DA167}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{83B67CD3-593C-4E91-8D75-AD5856BD5745}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{5D34E05E-5526-49C6-B870-C4CE898B916A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
==================== Restore Points =========================
09-10-2019 19:53:50 Naplánovaný kontrolní bod
18-10-2019 20:27:58 Naplánovaný kontrolní bod
28-10-2019 20:33:18 Naplánovaný kontrolní bod
31-10-2019 15:28:51 Instalační služba modulů systému Windows
02-11-2019 13:51:56 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/03/2019 01:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.18362.1, časové razítko: 0x68f17365
Název chybujícího modulu: NotificationController.dll, verze: 10.0.18362.387, časové razítko: 0x5ad50eab
Kód výjimky: 0xc0000409
Posun chyby: 0x000bc77d
ID chybujícího procesu: 0x1090
Čas spuštění chybující aplikace: 0x01d59236bbccc28e
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: dba9072e-e62b-430a-93dc-4eac1683ff48
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/03/2019 01:35:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5672,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 01:26:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5948,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 01:20:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (984,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 12:41:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7528,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 12:29:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3296,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 12:15:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3980,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/03/2019 12:07:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1f40
Čas spuštění chybující aplikace: 0x01d59236d1906f55
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 96548a68-e154-4fbf-8b51-750f59ce98b0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WpnUserService_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba OneSyncSvc_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba CDPUserSvc_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.
Error: (11/02/2019 08:06:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/02/2019 08:04:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/02/2019 08:02:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/02/2019 05:22:26 PM) (Source: DCOM) (EventID: 10000) (User: LuciFafa-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/02/2019 01:50:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:47:20, 01.11.2019) bylo neočekávané.
Windows Defender:
===================================
Date: 2019-11-01 14:39:33.035
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-01 14:39:04.425
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-01 14:38:38.806
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
Date: 2019-11-01 14:37:41.119
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1
CodeIntegrity:
===================================
Date: 2019-11-03 13:20:44.483
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.465
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.448
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.430
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.411
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.374
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-03 13:20:44.355
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 71%
Total physical RAM: 3030.36 MB
Available physical RAM: 872.39 MB
Total Virtual: 6102.36 MB
Available Virtual: 2982.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:454.27 GB) NTFS
Drive e: (Pro Evolution Soccer 2016) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF
\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt =======================
Re: Please check my PC
Hi, I've been fighting with this for about two hours. FRST simply did not find the fixlist.txt even though I did everything according to the instructions: "not found", and yet I can see it on the desktop. I saved it exactly the same way as last time and nothing, a bit of despair. At first it would not even let me run FRST; after some coaxing, success, but the file was saved to the desktop, the fixlist was there, and even when I renamed it, still nothing, "not found".
So I apologize for sending 3 text files, completely new FRST and RSIT ones.