I'd like to ask for a half-year/preventive check; I'm an honest seeker.

I ran it through Malwarebytes (the free version): 64 threats (mostly ad malware). I couldn't find the log from it.
Log from ADW:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-25-2021
# Duration: 00:00:05
# OS: Windows 10 Pro
# Cleaned: 21
# Failed: 0
***** [ Services ] *****
Deleted WCAssistantService
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Alonzop\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_MRPQ523XMEO0CM2M0N5VJ25Z3NZKGEP4
Deleted C:\Users\Alonzop\AppData\Roaming\Lavasoft\Web Companion
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2266e24b-b3d2-4d14-aae8-4ad2c2a7fdb4}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2266e24b-b3d2-4d14-aae8-4ad2c2a7fdb4}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2266e24b-b3d2-4d14-aae8-4ad2c2a7fdb4}|UninstallString
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2617 octets] - [27/07/2020 16:28:33]
AdwCleaner[C00].txt - [2587 octets] - [27/07/2020 16:30:47]
AdwCleaner[S01].txt - [1527 octets] - [03/08/2020 12:30:53]
AdwCleaner[C01].txt - [1717 octets] - [03/08/2020 12:31:10]
AdwCleaner[S02].txt - [1649 octets] - [15/08/2020 10:17:57]
AdwCleaner[S03].txt - [1710 octets] - [14/09/2020 16:12:07]
AdwCleaner[C03].txt - [1900 octets] - [14/09/2020 16:12:14]
AdwCleaner[S04].txt - [1832 octets] - [01/10/2020 06:43:40]
AdwCleaner[S05].txt - [1893 octets] - [17/10/2020 23:06:23]
AdwCleaner[S06].txt - [4196 octets] - [25/01/2021 09:31:15]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########
-----------------------------------------------------------------------------------------------------------------
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Alonzop (Administrator) on 25.01.2021 at 9:46:41,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\extensions\staged (Folder)
user_pref(browser.newtab.url, hxxps://securesearch.org/homepage?hp=2&pId=JD180501&iDate=2021-01-11 09:20:36&iid=a2d5253a-fb3c-4277-900e-a12d7ed199dc&bName=);
user_pref(browser.newtabpage.url, hxxps://securesearch.org/homepage?hp=2&pId=JD180501&iDate=2021-01-11 09:20:36&iid=a2d5253a-fb3c-4277-900e-a12d7ed199dc&bName=);
Registry: 4
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.01.2021 at 9:47:58,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01
Ran by Alonzop (administrator) on X-COM (MSI MS-7721) (25-01-2021 09:54:46)
Running from C:\Users\Alonzop\Desktop
Loaded Profiles: Alonzop
Platform: Windows 10 Pro Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Sog951x1Sound] => C:\Program Files\PATRIOT VIPER HEADSET V370\CPL\PATRIOT_MEMORY_x64.exe [2418176 2020-10-21] () [File not signed]
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-03-30] () [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\Run: [Steam] => E:\steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\Run: [EpicGamesLauncher] => "E:\New Folder\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\MountPoints2: {23449e1c-fbfd-11ea-9255-d43d7e9f40c1} - "G:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2020-07-30]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [File not signed]
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0215F8C6-A8C9-47B9-8E05-8AFE546A0DD3} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709320 2021-01-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1C0A991B-3D0E-409A-852B-212F8A4E150F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {30AFD5E9-8274-45D4-B382-093DA7FD9063} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F3A7639-A5BA-4E90-909D-AB1746FE2749} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54AA9065-3B57-4943-8FFA-8BE4D31E83EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {682E11C2-80D8-46BB-BA44-3F0334ADA3E3} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709320 2021-01-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9A89FA55-F5EA-4B5F-B852-B3D01DD3BC10} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68160 2021-01-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9F1016C9-1168-4B13-A8EB-7E8FA09B7D65} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60480 2021-01-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B2C54445-01CA-4D5F-850C-12955846F750} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709320 2021-01-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {DA4F73FA-CD57-4C75-803F-E15C24F400D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4C77175-82E5-4F96-9DF5-3DF931B2BDED} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2776440 2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{4c4aafbc-c479-40e0-a1ff-a715d865b929}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{6a4ac685-8f40-456c-8f73-214afd18fbcf}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{bd159d1c-eafb-4eb7-96d8-316248c89b30}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{c8cf109d-04f4-443f-be0f-58f887b1745e}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{db9a098b-1de0-408b-874f-91fae1373310}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{dfefb374-4fd3-4afa-a993-85f067786d99}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Edge:
=======
Edge Profile: C:\Users\Alonzop\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-25]
Edge StartupUrls: Default -> "hxxp://divokekmeny.cz/"
Edge Extension: (Microsoft Editor: kontrola pravopisu a gramatiky) - C:\Users\Alonzop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2021-01-01]
Edge Extension: (Mortal Kombat Wallpaper HD Custom New Tab) - C:\Users\Alonzop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfbjcadakoibdlgdaldlkjihegakegjm [2020-08-24]
Edge Extension: (AdBlock — best ad blocker) - C:\Users\Alonzop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-01-01]
Edge HKLM-x32\...\Edge\Extension: [eofogjfkadmolbbmnlbohhbkhbodcjjm]
FireFox:
========
FF DefaultProfile: uxlgs80u.default
FF ProfilePath: C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\uxlgs80u.default [2021-01-11]
FF Homepage: Mozilla\Firefox\Profiles\uxlgs80u.default -> hxxps://www.seznam.cz/
FF ProfilePath: C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release [2021-01-25]
FF Homepage: Mozilla\Firefox\Profiles\x0lwbb1a.default-release -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\x0lwbb1a.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=JD180501&iDate=2021-01-11 09:20:36&iid=a2d5253a-fb3c-4277-900e-a12d7ed199dc&bName=
FF Notifications: Mozilla\Firefox\Profiles\x0lwbb1a.default-release -> hxxps://mail-notification.info
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\Extensions\@windscribeff.xpi [2020-12-18]
FF Extension: (AdBlocker Ultimate) - C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2020-12-08]
FF Extension: (Privacy Badger) - C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-01-23]
FF Extension: (uBlock Origin) - C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-01-05]
FF Extension: (Worldwide Radio) - C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\Extensions\worldwide@radio.xpi [2020-07-29]
FF Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2021-01-23]
FF Extension: (AbyssYellow) - C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\Extensions\{adc5e39e-0f46-4326-a1c3-32681e673e00}.xpi [2021-01-23]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Alonzop\AppData\Roaming\Mozilla\Firefox\Profiles\x0lwbb1a.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-12-08]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{0EF33DD9-B9E5-41F8-BB50-D60BDA2914E6}.xpi [2021-01-25] [not signed]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\FileSyncHelper.exe [2191224 2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-07] (Huawei Technologies Co., Ltd. -> )
S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2016-03-15] (Wireless) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-24] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\OneDriveUpdaterService.exe [2556280 2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-06-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-06-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [53064 2020-07-11] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 JSWPSLWF; C:\WINDOWS\system32\DRIVERS\jswpslwfx.sys [26624 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-24] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl72fbf999; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{403183B5-D9AE-402D-B422-CAAD45335712}\MpKslDrv.sys [91376 2021-01-25] (Microsoft Windows -> Microsoft Corporation)
R3 PATRIOTRGB; C:\WINDOWS\System32\drivers\PATRIOTRGB.sys [3783680 2020-10-21] (C-MEDIA ELECTRONICS INC. -> Patriot Memory LLC)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64872 2019-09-26] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-25 09:54 - 2021-01-25 09:55 - 000014877 _____ C:\Users\Alonzop\Desktop\FRST.txt
2021-01-25 09:53 - 2021-01-25 09:53 - 002297344 _____ (Farbar) C:\Users\Alonzop\Desktop\FRST64.exe
2021-01-25 09:47 - 2021-01-25 09:47 - 000001549 _____ C:\Users\Alonzop\Desktop\JRT.txt
2021-01-25 09:06 - 2021-01-25 09:29 - 000000000 ____D C:\Program Files (x86)\fHUWuxXUrIE
2021-01-25 02:46 - 2021-01-25 09:29 - 000000000 ____D C:\Program Files (x86)\wdOFiWGfYwbQC
2021-01-25 02:46 - 2021-01-25 09:29 - 000000000 ____D C:\Program Files (x86)\QugXxQbwU
2021-01-25 02:46 - 2021-01-25 09:29 - 000000000 ____D C:\Program Files (x86)\JZkvhlsaTPvVqBWGjRR
2021-01-25 02:46 - 2021-01-25 09:29 - 000000000 ____D C:\Program Files (x86)\iZzTXVUzpkLU2
2021-01-25 02:46 - 2021-01-25 09:29 - 000000000 ____D C:\Program Files (x86)\DRNUeEkNNVUn
2021-01-25 02:45 - 2021-01-25 09:05 - 000004822 __RSH C:\ProgramData\ntuser.pol
2021-01-25 00:57 - 2021-01-25 01:15 - 000000000 ____D C:\Users\Alonzop\Downloads\Baldurs Gate 3 v4.4.50.6562
2021-01-25 00:44 - 2021-01-25 00:45 - 000000000 ____D C:\Users\Alonzop\Downloads\The Book Of Eli 480p BRRip CZ
2021-01-24 22:04 - 2021-01-25 07:54 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-01-24 22:04 - 2021-01-25 07:54 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-01-24 22:04 - 2021-01-24 22:04 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-01-24 22:03 - 2021-01-24 22:03 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-01-24 22:03 - 2021-01-24 22:03 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-01-24 22:03 - 2021-01-24 22:03 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-24 22:03 - 2021-01-24 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-01-24 22:03 - 2021-01-24 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-24 21:59 - 2021-01-20 18:08 - 001857840 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-24 21:59 - 2021-01-20 18:08 - 001857840 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-24 21:59 - 2021-01-20 18:08 - 001438512 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-24 21:59 - 2021-01-20 18:08 - 001438512 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-24 21:59 - 2021-01-20 18:08 - 001093704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 001093704 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000946872 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000946872 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000736576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000620832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000496416 _____ C:\WINDOWS\system32\GameManager64.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000432448 _____ C:\WINDOWS\system32\EEURestart.exe
2021-01-24 21:59 - 2021-01-20 18:08 - 000379688 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000186664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000166176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000156448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000142120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000090408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000075040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000046376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-01-24 21:59 - 2021-01-20 18:08 - 000043304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-01-24 21:59 - 2021-01-20 18:07 - 000492848 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-01-24 21:59 - 2021-01-20 18:07 - 000339248 _____ C:\WINDOWS\system32\clinfo.exe
2021-01-24 21:59 - 2021-01-20 18:07 - 000166704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-01-24 21:59 - 2021-01-20 18:07 - 000140600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-01-24 21:59 - 2021-01-20 18:07 - 000019856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-01-24 21:59 - 2021-01-20 18:07 - 000019856 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-01-24 21:59 - 2021-01-19 04:34 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-01-24 21:59 - 2021-01-19 04:34 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-01-24 21:58 - 2021-01-20 18:07 - 000796968 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-01-24 21:58 - 2021-01-20 18:07 - 000468264 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-01-24 21:58 - 2021-01-20 18:07 - 000455976 _____ C:\WINDOWS\system32\atieah64.exe
2021-01-24 21:58 - 2021-01-20 18:07 - 000351528 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-01-24 21:58 - 2021-01-20 18:07 - 000245032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-01-24 21:58 - 2021-01-20 18:07 - 000212776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-01-24 21:58 - 2021-01-20 18:07 - 000135488 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-01-24 21:58 - 2021-01-20 18:07 - 000125248 _____ C:\WINDOWS\system32\atidxx64.dll
2021-01-24 21:58 - 2021-01-20 18:07 - 000107304 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 079753520 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 065439528 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 004923176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 004629280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 001492768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 001358120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 001358120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 000182064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 000158320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 000149792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 000130344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 000122152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 000106792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-01-24 21:58 - 2021-01-20 18:06 - 000069928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 073048376 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 001685696 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 001365048 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000940848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000768304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000546864 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000489264 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000466224 _____ C:\WINDOWS\system32\amdlogum.exe
2021-01-24 21:58 - 2021-01-20 18:05 - 000379696 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000130304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000130304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000108320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-01-24 21:58 - 2021-01-20 18:05 - 000108320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-01-24 21:58 - 2021-01-20 18:04 - 000135992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-01-24 21:58 - 2021-01-20 18:04 - 000120336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-01-24 21:58 - 2021-01-19 04:21 - 000553752 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-01-24 21:58 - 2021-01-19 04:21 - 000553752 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-01-22 18:19 - 2021-01-22 18:19 - 000000000 ____D C:\Users\Alonzop\Downloads\The Mandalorian Season 2 - Vol. 1 (Chapters 9-12) (Original Score) (2020) Mp3 320kbps [PMEDIA]
2021-01-22 04:27 - 2021-01-22 04:27 - 000000000 ____D C:\Users\Alonzop\AppData\Local\FactoryGame
2021-01-21 17:01 - 2021-01-21 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-01-21 17:01 - 2021-01-21 17:01 - 000000844 _____ C:\Users\Alonzop\Desktop\Satisfactory.lnk
2021-01-21 17:01 - 2021-01-21 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-01-21 16:55 - 2021-01-21 16:55 - 000000000 ____D C:\Games
2021-01-21 09:54 - 2021-01-21 10:56 - 000000000 ____D C:\Users\Alonzop\Downloads\Satisfactory by xatab
2021-01-21 09:54 - 2021-01-21 09:54 - 000000000 ____D C:\Users\Alonzop\Downloads\KIS 2018 CZ+HU SPECIAL TECHNICS 90 DAYS!
2021-01-20 07:19 - 2021-01-20 07:19 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c94d5ac2a452
2021-01-19 20:18 - 2021-01-19 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTG Arena
2021-01-17 06:40 - 2021-01-17 12:23 - 000000000 ____D C:\Users\Alonzop\Downloads\The Mandalorian S01 INTERNAL 1080p WEB H264-SCENE
2021-01-13 14:52 - 2021-01-13 14:52 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-13 14:13 - 2021-01-13 14:13 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 14:13 - 2021-01-13 14:13 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 14:13 - 2021-01-13 14:13 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 14:13 - 2021-01-13 14:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 14:13 - 2021-01-13 14:13 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-13 14:13 - 2021-01-13 14:13 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 14:13 - 2021-01-13 14:13 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 14:13 - 2021-01-13 14:13 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-13 14:13 - 2021-01-13 14:13 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-13 14:13 - 2021-01-13 14:13 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 14:13 - 2021-01-13 14:13 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-13 14:13 - 2021-01-13 14:13 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 14:13 - 2021-01-13 14:13 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 14:13 - 2021-01-13 14:13 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 14:13 - 2021-01-13 14:13 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 14:13 - 2021-01-13 14:13 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 14:12 - 2021-01-13 14:12 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 14:12 - 2021-01-13 14:12 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 14:12 - 2021-01-13 14:12 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 14:12 - 2021-01-13 14:12 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-13 14:12 - 2021-01-13 14:12 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 14:12 - 2021-01-13 14:12 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 14:12 - 2021-01-13 14:12 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 14:12 - 2021-01-13 14:12 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 14:12 - 2021-01-13 14:12 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 14:12 - 2021-01-13 14:12 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 14:12 - 2021-01-13 14:12 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-13 14:11 - 2021-01-13 14:11 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 14:11 - 2021-01-13 14:11 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-13 14:11 - 2021-01-13 14:11 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-13 14:11 - 2021-01-13 14:11 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 14:11 - 2021-01-13 14:11 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 14:11 - 2021-01-13 14:11 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 14:11 - 2021-01-13 14:11 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 14:11 - 2021-01-13 14:11 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 14:11 - 2021-01-13 14:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 14:11 - 2021-01-13 14:11 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-13 14:10 - 2021-01-13 14:10 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 14:10 - 2021-01-13 14:10 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 14:10 - 2021-01-13 14:10 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 14:10 - 2021-01-13 14:10 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 14:10 - 2021-01-13 14:10 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 14:10 - 2021-01-13 14:10 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 14:10 - 2021-01-13 14:10 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-12 17:27 - 2021-01-12 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-VCD Player
2021-01-12 17:27 - 2021-01-12 17:27 - 000000000 ____D C:\Program Files (x86)\X-VCD Player
2021-01-12 17:26 - 2021-01-12 17:26 - 000559736 _____ (Xequte Software ) C:\Users\Alonzop\Downloads\xvcd.exe
2021-01-12 17:02 - 2021-01-12 17:02 - 039681752 _____ (PandoraTV) C:\Users\Alonzop\Downloads\kmplayer.exe
2021-01-11 22:21 - 2021-01-11 22:21 - 000000655 _____ C:\Users\Alonzop\Desktop\JDownloader 2.lnk
2021-01-11 22:21 - 2021-01-11 22:21 - 000000000 ____D C:\Users\Alonzop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2021-01-11 22:20 - 2021-01-25 09:31 - 000000000 ____D C:\Users\Alonzop\AppData\Roaming\Lavasoft
2021-01-11 22:20 - 2021-01-25 09:31 - 000000000 ____D C:\Users\Alonzop\AppData\Local\Lavasoft
2021-01-11 22:20 - 2021-01-25 09:31 - 000000000 ____D C:\ProgramData\Lavasoft
2021-01-11 22:20 - 2021-01-25 09:31 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-01-11 22:20 - 2021-01-11 22:20 - 000000000 ____D C:\ProgramData\Oracle
2021-01-11 22:17 - 2021-01-11 22:17 - 045395008 _____ (AppWork GmbH) C:\Users\Alonzop\Downloads\JDownloaderSetup.exe
2021-01-07 05:55 - 2021-01-07 05:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-07 05:21 - 2021-01-12 05:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-25 09:55 - 2020-07-27 15:39 - 000000000 ____D C:\FRST
2021-01-25 09:54 - 2020-06-05 04:51 - 000000000 ____D C:\Users\Alonzop\AppData\LocalLow\Mozilla
2021-01-25 09:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-25 09:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-25 09:31 - 2020-06-11 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-01-25 09:29 - 2020-12-03 08:15 - 000000000 ____D C:\Users\Alonzop\Desktop\bordel
2021-01-25 09:04 - 2020-08-29 05:22 - 000000000 ____D C:\Users\Alonzop\AppData\Local\CrashDumps
2021-01-25 02:46 - 2020-07-29 10:56 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-01-25 01:44 - 2020-12-03 09:24 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 01:44 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-25 01:44 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-25 01:39 - 2020-12-03 09:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-25 01:39 - 2020-12-03 09:02 - 000000000 ____D C:\Users\Alonzop
2021-01-25 01:39 - 2020-07-29 10:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-25 01:39 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-25 01:37 - 2020-12-03 09:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-25 01:27 - 2020-08-03 11:00 - 000000000 ____D C:\Users\Alonzop\AppData\Roaming\qBittorrent
2021-01-25 00:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-24 22:15 - 2020-07-29 10:40 - 000000000 ____D C:\Users\Alonzop\AppData\Local\D3DSCache
2021-01-24 22:11 - 2020-07-29 10:40 - 000000000 ____D C:\Users\Alonzop\AppData\Local\AMD
2021-01-24 22:11 - 2020-06-04 07:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-24 22:07 - 2020-06-06 11:50 - 000000000 ____D C:\Users\Alonzop\AppData\LocalLow\AMD
2021-01-24 22:05 - 2020-07-29 10:12 - 000000000 ____D C:\Program Files\AMD
2021-01-24 21:59 - 2020-06-04 16:30 - 000000000 ____D C:\AMD
2021-01-24 21:52 - 2020-11-22 13:16 - 000000000 ____D C:\Users\Alonzop\AppData\Local\AMD_Common
2021-01-24 09:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-23 02:26 - 2020-07-31 04:35 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-23 00:28 - 2020-07-20 02:45 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 00:28 - 2020-07-20 02:45 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-23 00:28 - 2020-07-20 02:45 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-23 00:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-20 18:06 - 2020-11-21 05:37 - 001800488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-01-20 18:05 - 2020-12-10 14:29 - 000169672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-01-20 18:05 - 2020-11-21 05:37 - 000202120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-01-20 07:19 - 2020-12-03 09:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-19 06:48 - 2020-10-31 08:33 - 000000000 ____D C:\Program Files (x86)\dotnet
2021-01-19 06:48 - 2020-10-31 08:32 - 000000000 ____D C:\Program Files\dotnet
2021-01-19 06:48 - 2020-08-29 04:53 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-18 16:23 - 2020-12-17 06:21 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-14 08:19 - 2020-12-03 08:14 - 000000000 ____D C:\Users\Alonzop\Desktop\moje
2021-01-14 02:18 - 2020-07-30 09:25 - 000000000 ____D C:\Users\Alonzop\AppData\Local\ElevatedDiagnostics
2021-01-13 14:52 - 2020-12-03 09:16 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-13 14:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 14:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 14:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 14:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 14:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-13 14:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 14:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 14:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-13 14:50 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 14:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 14:10 - 2020-12-03 09:21 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 13:56 - 2020-08-01 18:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 13:55 - 2020-08-01 18:53 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-12 05:45 - 2020-07-29 12:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-11 22:23 - 2020-07-29 12:35 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-10 05:51 - 2020-09-17 22:58 - 000000000 ____D C:\Users\Alonzop\Desktop\Games
2021-01-07 05:55 - 2020-06-05 04:51 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
==================== Files in the root of some directories ========
2010-04-29 13:46 - 2020-11-07 14:04 - 002043137 _____ () C:\Program Files (x86)\DirectX_11_Technology_Update_US.pptx
2010-07-16 14:30 - 2020-11-07 14:04 - 044951665 _____ () C:\Program Files (x86)\DirectX_11_Technology_Update_US.wma
2020-07-29 11:22 - 2020-07-29 11:28 - 000007666 _____ () C:\Users\Alonzop\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
FRST Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by Alonzop (25-01-2021 09:57:28)
Running from C:\Users\Alonzop\Desktop
Windows 10 Pro Version 20H2 19042.746 (X64) (2020-12-03 08:25:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3622225975-1328666760-5524277-500 - Administrator - Disabled)
Alonzop (S-1-5-21-3622225975-1328666760-5524277-1001 - Administrator - Enabled) => C:\Users\Alonzop
DefaultAccount (S-1-5-21-3622225975-1328666760-5524277-503 - Limited - Disabled)
Guest (S-1-5-21-3622225975-1328666760-5524277-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3622225975-1328666760-5524277-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.1.1 - Advanced Micro Devices, Inc.)
Baldur's Gate 3 (HKLM-x32\...\1456460669_is1) (Version: 4.1.85.1780 - GOG.com)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{B2081DA9-6C73-403B-BA23-DCE21015C0A1}) (Version: 1.1.293.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
File Viewer Plus 3 (HKLM-x32\...\{14AA67B8-9215-4E7F-8C9C-1C3239668C7E}_is1) (Version: 3.3.0 - Sharpened Productions)
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.320 - Huawei Technologies Co., Ltd.)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.11 (x64) (HKLM-x32\...\{e746e6a9-8254-4477-bbe0-a05900ec44e3}) (Version: 3.1.11.29516 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.11 (x86) (HKLM-x32\...\{1dd5d240-f2b6-4007-b1c5-20678f1e9f70}) (Version: 3.1.11.29516 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
MTG Arena (HKLM\...\{2DDEAC8B-904F-445D-93E0-12F5C60A8B57}) (Version: 0.1.3348 - Wizards of the Coast)
PATRIOT VIPER HEADSET V370 (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D1951}) (Version: 1.00.0010 - Patriot Memory LLC)
qBittorrent 4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.1 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Satisfactory v. 0.3.7.7 - build 140083 (HKLM-x32\...\Satisfactory_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
X-VCD Player (HKLM-x32\...\X-VCD Player_is1) (Version: Version 2.0 - Xequte Software)
Packages:
=========
Any Player -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.1.9.0_x64__y5c4dfz5b21fm [2020-07-29] (Any DVD & Office App)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-24] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-11-23] (Microsoft Corporation)
DVD Player+ -> C:\Program Files\WindowsApps\61878MobilityinLifeapplic.DVDPlayer_9.9.16.0_x64__zfxkqydss3nar [2020-12-16] (Mobility in Life applications) [Startup Task]
HiSuite -> C:\Program Files\WindowsApps\6530varisteGalois.HiSuite_1.1.0.0_x86__gcbhn7m1f6q1a [2020-08-05] (Évariste Galois)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-12] (Microsoft Studios) [MS Ad]
Nero DVD Player -> C:\Program Files\WindowsApps\NeroAG.NeroDVDPlayer_1.0.18.0_x86__k5ye2zvjqqeaw [2020-12-25] (NeroAG)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0 [2021-01-23] (Spotify AB) [Startup Task]
Video Player All Format - Full HD Video Player for VLC -> C:\Program Files\WindowsApps\9943DocumentProfessional.VideoPlayerAllFormat-Full_1.1.0.0_x64__gnk190jnb5a88 [2020-07-29] (DocumentProfessional)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2100.7.0_x64__cv1g1gvanyjgm [2021-01-21] (WhatsApp Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.201.1005.0009\amd64\FileSyncShell64.dll [2020-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-01-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-15] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-3622225975-1328666760-5524277-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3622225975-1328666760-5524277-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-07-29 10:56 - 2020-08-03 11:03 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2020-10-08 22:39 - 2020-10-09 21:31 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: JumpStart Wireless Filter Driver -> MS_NdisLwf (enabled)
Ethernet: JumpStart Wireless Filter Driver -> MS_NdisLwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-3622225975-1328666760-5524277-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{DAA50ADC-FDA8-4174-B8EB-33799462FD13}E:\games\baldurs gate 3\bin\bg3.exe] => (Allow) E:\games\baldurs gate 3\bin\bg3.exe () [File not signed]
FirewallRules: [TCP Query User{E7630632-5C83-4578-9B43-223649329941}E:\games\baldurs gate 3\bin\bg3.exe] => (Allow) E:\games\baldurs gate 3\bin\bg3.exe () [File not signed]
FirewallRules: [UDP Query User{6435C3FE-7A62-479B-B2E1-1AD0916DCB7B}E:\games\age of empires iii definitive edition\battleserver.exe] => (Block) E:\games\age of empires iii definitive edition\battleserver.exe => No File
FirewallRules: [TCP Query User{2EEF32B8-45C4-4740-BFFC-5D6EC8B27668}E:\games\age of empires iii definitive edition\battleserver.exe] => (Block) E:\games\age of empires iii definitive edition\battleserver.exe => No File
FirewallRules: [UDP Query User{915901CD-6A23-4C1E-A568-B90141CF7DDF}E:\games\age of empires iii definitive edition\aoe3de_s.exe] => (Block) E:\games\age of empires iii definitive edition\aoe3de_s.exe => No File
FirewallRules: [TCP Query User{6488D7E7-A4E2-40DB-B8E4-2DD8AB657CFE}E:\games\age of empires iii definitive edition\aoe3de_s.exe] => (Block) E:\games\age of empires iii definitive edition\aoe3de_s.exe => No File
FirewallRules: [{A9FF9677-D71F-4203-80BD-07A2E3CFF9DC}] => (Allow) E:\games\Age of Empires III Definitive Edition\AoE3DE_s.exe => No File
FirewallRules: [{52101060-E12F-479B-B653-D8F0DC2296BD}] => (Allow) E:\games\Age of Empires III Definitive Edition\AoE3DE_s.exe => No File
FirewallRules: [UDP Query User{1220224D-8EBB-4D57-A1A7-E51640F81932}E:\games\warthunder\launcher.exe] => (Block) E:\games\warthunder\launcher.exe => No File
FirewallRules: [TCP Query User{F8CE8FE0-E86B-4C67-AD5B-1E5DF370E6ED}E:\games\warthunder\launcher.exe] => (Block) E:\games\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{9ADEA5C1-B63D-4079-8A0A-4C31E4F24359}E:\games\warthunder\launcher.exe] => (Allow) E:\games\warthunder\launcher.exe => No File
FirewallRules: [TCP Query User{7D85703C-EC14-421E-8E5E-CF6CAB3B4CFE}E:\games\warthunder\launcher.exe] => (Allow) E:\games\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{872036C2-4770-4F13-9CDC-09478601EDBD}C:\users\alonzop\downloads\torchlight.iii\torchlight.iii\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe] => (Allow) C:\users\alonzop\downloads\torchlight.iii\torchlight.iii\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe => No File
FirewallRules: [TCP Query User{649D694C-27FB-42AA-A4EE-37AC6AE29375}C:\users\alonzop\downloads\torchlight.iii\torchlight.iii\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe] => (Allow) C:\users\alonzop\downloads\torchlight.iii\torchlight.iii\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe => No File
FirewallRules: [{001F6109-D5D3-4ADA-B60D-FCB5C233C6AB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{68613A63-1C63-4373-8BC7-D7F28FED2E75}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{01787995-D0AB-4B45-BAFB-73B1C763EB07}E:\qbittorrent\qbittorrent.exe] => (Allow) E:\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{1C1BF48B-89C9-4C8A-BEC6-130289838447}E:\qbittorrent\qbittorrent.exe] => (Allow) E:\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{95CF78BC-0C73-4B61-9EA6-E6093DDFA97D}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [TCP Query User{2B3E1679-34FA-4F1E-93D5-D72CB1A91064}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{6E5FE530-0B6C-43A5-9C1D-B03716853DA3}C:\program files\windowsapps\spotifyab.spotifymusic_1.143.700.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.143.700.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [TCP Query User{72B9029B-7381-43C4-A6A6-614C11ECEEA7}C:\program files\windowsapps\spotifyab.spotifymusic_1.143.700.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.143.700.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{0B306B81-D8BE-488A-A808-3F99B784D609}E:\games\command and conquer remastered collection\instanceserverg.exe] => (Allow) E:\games\command and conquer remastered collection\instanceserverg.exe => No File
FirewallRules: [TCP Query User{4F2DFCF7-B13E-4646-9A43-EED0ABDE6229}E:\games\command and conquer remastered collection\instanceserverg.exe] => (Allow) E:\games\command and conquer remastered collection\instanceserverg.exe => No File
FirewallRules: [UDP Query User{98528307-2DC8-4B35-8C9D-40F81D718845}E:\games\command and conquer remastered collection\clientg.exe] => (Allow) E:\games\command and conquer remastered collection\clientg.exe => No File
FirewallRules: [TCP Query User{D59BB238-4405-4F95-A895-1234D77D5C66}E:\games\command and conquer remastered collection\clientg.exe] => (Allow) E:\games\command and conquer remastered collection\clientg.exe => No File
FirewallRules: [{A94941A0-9D8D-46D3-AE52-EAB7520BD5D5}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FD27C8C1-CF42-4224-845D-7C9C27DA9A41}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{941BF95A-BE36-44DF-8572-8F7DB859B692}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{91357B5D-DD1E-442E-B85E-6841AD38974E}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{EC4F8BD2-09FC-4E43-BEE6-C3EA1538A3B4}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [TCP Query User{77B73213-DE9C-4F1F-AD3D-758CCA183E0A}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [TCP Query User{5739A1C0-70F1-4D0A-B711-B84AC7B5971E}C:\program files\windowsapps\15191peakplayer.50533f9b98293_3.1.9.0_x64__y5c4dfz5b21fm\playerexe\apps\vlc\vlc.exe] => (Allow) C:\program files\windowsapps\15191peakplayer.50533f9b98293_3.1.9.0_x64__y5c4dfz5b21fm\playerexe\apps\vlc\vlc.exe (Any Player) [File not signed]
FirewallRules: [UDP Query User{56AFFA49-FD83-4097-A549-F6477CC30ED7}C:\program files\windowsapps\15191peakplayer.50533f9b98293_3.1.9.0_x64__y5c4dfz5b21fm\playerexe\apps\vlc\vlc.exe] => (Allow) C:\program files\windowsapps\15191peakplayer.50533f9b98293_3.1.9.0_x64__y5c4dfz5b21fm\playerexe\apps\vlc\vlc.exe (Any Player) [File not signed]
FirewallRules: [{C1D28A3C-4FBB-4356-B155-A6E538D65298}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2432623C-DDEB-4C6F-AB60-F4F1A985A1CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17C66A80-0B24-4676-93E8-1A924654E895}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CFC4DCDA-4BB6-42ED-A805-27DE1E9C7840}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{AF25C4C2-DE60-4FFD-8E86-BFEE36963FAA}E:\games\baldurs gate 3\bin\bg3.exe] => (Allow) E:\games\baldurs gate 3\bin\bg3.exe () [File not signed]
FirewallRules: [UDP Query User{1A6CFA47-B477-4470-8AF4-54568936959F}E:\games\baldurs gate 3\bin\bg3.exe] => (Allow) E:\games\baldurs gate 3\bin\bg3.exe () [File not signed]
FirewallRules: [{E0780550-21AD-4785-AEBC-9AD254221E75}] => (Allow) E:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{F7E4E10B-3F96-44BD-88FC-ACD214618617}] => (Allow) E:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{26BFECE4-60B8-49DC-BE48-4C605CD6FD29}C:\games\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) C:\games\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe (Coffee Stain Studios AB) [File not signed]
FirewallRules: [UDP Query User{7843AA5F-3392-4771-B5DC-6E9E04DA06D2}C:\games\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Allow) C:\games\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe (Coffee Stain Studios AB) [File not signed]
FirewallRules: [{4C9B593E-5D24-4424-BC88-60C5331B4840}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94CD9797-C179-49CB-B10B-937BBDA5A96A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C11780A-4E0C-4A52-9AD1-6733FB173CED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F0970D5-100A-4EA4-923D-0DEF8E9EEDB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B327ACF-18D7-4C86-A732-16E74A15A4F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5BE0920F-27E3-4E95-9A96-CC51A1C5BC56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{269341A2-1E45-4FFA-A93F-F1B97CF62264}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6267876-7A63-4557-9DEC-6CC3AAA9C186}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.380.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:110.83 GB) (Free:18.31 GB) (17%)
==================== Faulty Device Manager Devices ============
Name: Časovač událostí s vysokou přesností
Description: Časovač událostí s vysokou přesností
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/25/2021 09:06:08 AM) (Source: Firefox) (EventID: 5) (User: )
Description: Event-ID 5
Error: (01/25/2021 09:04:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setup_1.exe, verze: 0.0.0.0, časové razítko: 0x600cbfd9
Název chybujícího modulu: setup_1.exe, verze: 0.0.0.0, časové razítko: 0x600cbfd9
Kód výjimky: 0x4000001f
Posun chyby: 0x0003c789
ID chybujícího procesu: 0xa94
Čas spuštění chybující aplikace: 0x01d6f2f0c5d59f41
Cesta k chybující aplikaci: C:\Users\Alonzop\AppData\Local\Temp\nsv3250.tmp\setup_1.exe
Cesta k chybujícímu modulu: C:\Users\Alonzop\AppData\Local\Temp\nsv3250.tmp\setup_1.exe
ID zprávy: 2c27716c-dec8-4ac5-a5f5-198f638a3ecc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/25/2021 02:46:28 AM) (Source: Firefox) (EventID: 5) (User: )
Description: Event-ID 5
Error: (01/25/2021 02:44:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setup_1.exe, verze: 0.0.0.0, časové razítko: 0x600cbfd9
Název chybujícího modulu: setup_1.exe, verze: 0.0.0.0, časové razítko: 0x600cbfd9
Kód výjimky: 0x4000001f
Posun chyby: 0x0003c789
ID chybujícího procesu: 0x14c0
Čas spuštění chybující aplikace: 0x01d6f2bba53a4cc7
Cesta k chybující aplikaci: C:\Users\Alonzop\AppData\Local\Temp\nsfE9E5.tmp\setup_1.exe
Cesta k chybujícímu modulu: C:\Users\Alonzop\AppData\Local\Temp\nsfE9E5.tmp\setup_1.exe
ID zprávy: bdd709eb-9a03-436a-ae20-1c7ffaf3b6bc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/25/2021 02:32:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setup_1.exe, verze: 0.0.0.0, časové razítko: 0x600cbfd9
Název chybujícího modulu: setup_1.exe, verze: 0.0.0.0, časové razítko: 0x600cbfd9
Kód výjimky: 0x4000001f
Posun chyby: 0x0003c789
ID chybujícího procesu: 0x87c
Čas spuštění chybující aplikace: 0x01d6f2b9e9d8db83
Cesta k chybující aplikaci: C:\Users\Alonzop\AppData\Local\Temp\nsfE9E4.tmp\setup_1.exe
Cesta k chybujícímu modulu: C:\Users\Alonzop\AppData\Local\Temp\nsfE9E4.tmp\setup_1.exe
ID zprávy: 35798d3f-6f15-4a62-a852-6fc371c08509
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/22/2021 01:56:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/22/2021 01:55:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/15/2021 03:42:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (01/25/2021 09:31:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/25/2021 09:31:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/25/2021 09:31:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD Crash Defender Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/25/2021 03:08:01 AM) (Source: DCOM) (EventID: 10010) (User: X-COM)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/25/2021 01:39:13 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: Službu BITS se nezdařilo spustit. Chyba 2147500053.
Error: (01/25/2021 01:37:38 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (1:03:21, 25.01.2021) bylo neočekávané.
Error: (01/24/2021 10:18:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:05:05, 24.01.2021) bylo neočekávané.
Error: (01/23/2021 03:35:45 PM) (Source: DCOM) (EventID: 10010) (User: X-COM)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2021-01-25 02:43:12.5870000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
ID: 2147760506
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Alonzop\AppData\Local\Microsoft\Windows\INetCache\IE\39UKDOCL\setup[1].exe; file:_C:\Users\Alonzop\AppData\Local\Temp\nsnDBA8.tmp\setup_2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: X-COM\Alonzop
Název procesu: C:\Users\Alonzop\AppData\Local\Temp\nsu942F.tmp\1.exe
Verze bezpečnostních informací: AV: 1.329.2794.0, AS: 1.329.2794.0, NIS: 1.329.2794.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-25 02:43:12.1220000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
ID: 2147760506
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Alonzop\AppData\Local\Microsoft\Windows\INetCache\IE\39UKDOCL\setup[1].exe
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: X-COM\Alonzop
Název procesu: C:\Users\Alonzop\AppData\Local\Temp\nsu942F.tmp\1.exe
Verze bezpečnostních informací: AV: 1.329.2794.0, AS: 1.329.2794.0, NIS: 1.329.2794.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-25 02:43:07.7160000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D0!ml
ID: 2147757779
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Alonzop\AppData\Local\Microsoft\Windows\INetCache\IE\8EZUJ8SF\safebits[1].exe; file:_C:\Users\Alonzop\AppData\Local\Temp\nsnDBA8.tmp\setup_1.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: X-COM\Alonzop
Název procesu: C:\Users\Alonzop\AppData\Local\Temp\nsu942F.tmp\1.exe
Verze bezpečnostních informací: AV: 1.329.2794.0, AS: 1.329.2794.0, NIS: 1.329.2794.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-25 02:43:07.3680000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D0!ml
ID: 2147757779
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Alonzop\AppData\Local\Microsoft\Windows\INetCache\IE\8EZUJ8SF\safebits[1].exe
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: X-COM\Alonzop
Název procesu: C:\Users\Alonzop\AppData\Local\Temp\nsu942F.tmp\1.exe
Verze bezpečnostních informací: AV: 1.329.2794.0, AS: 1.329.2794.0, NIS: 1.329.2794.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-25 02:32:49.0880000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
ID: 2147760506
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Alonzop\AppData\Local\Microsoft\Windows\INetCache\IE\80QYI23D\setup[1].exe; file:_C:\Users\Alonzop\AppData\Local\Temp\nsfE9E4.tmp\setup_2.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: X-COM\Alonzop
Název procesu: C:\Users\Alonzop\AppData\Local\Temp\nsmF6.tmp\1.exe
Verze bezpečnostních informací: AV: 1.329.2794.0, AS: 1.329.2794.0, NIS: 1.329.2794.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-08 04:30:41.5740000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1700.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2021-01-08 04:30:41.5710000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1700.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2021-01-08 04:30:41.5690000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1700.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2021-01-08 04:30:41.4600000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1700.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2021-01-08 04:30:41.4590000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1700.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2021-01-25 09:26:52.4980000Z
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2021-01-25 09:26:25.7260000Z
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2021-01-25 09:26:25.7180000Z
Description:
Windows blocked file \Device\HarddiskVolume5\Windows\System32\scrobj.dll which has been disallowed for protected processes.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V11.1 05/02/2013
Motherboard: MSI FM2-A55M-P33 (MS-7721)
Processor: AMD Athlon(tm) X4 740 Quad Core Processor
Percentage of memory in use: 38%
Total physical RAM: 8145.84 MB
Available physical RAM: 5026.6 MB
Total Virtual: 21969.84 MB
Available Virtual: 17362.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.83 GB) (Free:18.31 GB) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: () (Fixed) (Total:488.59 GB) (Free:302.22 GB) NTFS
\\?\Volume{db5a8614-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{350f029c-0000-0000-0000-102c7a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{db5a8614-0000-0000-0000-c0d41b000000}\ () (Fixed) (Total:0.47 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 350F029C)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: DB5A8614)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=482 MB) - (Type=27)
==================== End of Addition.txt =======================