Prosím o kontrolu

[zulo]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-03-2025
Ran by Roman (administrator) on ROMAN (18-03-2025 16:36:02)
Running from C:\Users\Roman\Desktop\FRST64.exe
Loaded Profiles: Roman
Platform: Microsoft Windows 10 Home Version 22H2 19045.5608 (X64) Language: Slovenčina (Slovensko)
Default browser: "C:\Program Files\Opera\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe ->) (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Windows\runSW.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(explorer.exe ->) (AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(explorer.exe ->) (Comodo Security Solutions Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\autoupdate\opera_autoupdate.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Comodo Security Solutions Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Realtek Semiconductor Corp. -> ) C:\Windows\runSW.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RTUWPSrvcMain.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(svchost.exe ->) (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(svchost.exe ->) (Comodo Security Solutions Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [455976 2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [368976 2025-02-28] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13282304 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
HKLM-x32\...\Run: [EasySettingBox] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-05] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Run: [MicrosoftEdgeAutoLaunch_66D161819F0EAC1A9819F518A968ED0B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291128 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {3e0700c1-1501-11ee-855b-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series XPS: C:\WINDOWS\system32\CNMXLMAA.DLL [385024 2014-12-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3D2F00B6-1E73-44B7-9AB4-46CBD425001A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {80E4E3D1-D2DC-4F5A-91F6-1248D947905F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {217282E2-CDE1-4A0B-B937-CF26C073A9B4} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {9B1E82AE-24B2-4070-8241-7F93C245FBF1} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [1190400 2012-08-14] (ASUSTeK Computer Inc.) [File not signed]
Task: {7596E029-5280-4CDC-86D4-7179D7090DC0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [328504 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {35C4ADBA-B30D-4D70-81C0-5BDED451CD4C} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [3993984 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {423FC066-9811-4A95-97B6-47B68B5C9B9A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [1406776 2014-12-28] (ASUSTeK Computer Inc. -> )
Task: {D287C1FC-204E-491D-80EC-05A8510D8611} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [90112 2014-12-28] () [File not signed]
Task: {FB7BB760-E411-4526-ADF8-18FFDE09F26D} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8543016 2025-02-26] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {72959C72-768B-4CD4-86AF-1E6153E80794} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5286696 2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {D03E3DE9-DD87-4BB4-AC02-D6B0F939B5AD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {7CCA2205-DE1A-4AE3-AC2D-356543BEE2BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {D42B28F2-703F-4FBA-A7DB-F96A8B2467D8} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "67de905c-e125-4b85-92cd-a954a9401361" --version "6.33.0.11465" --silent
Task: {B1A56C2B-1522-4E48-9A79-B575D53D3C0C} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0269FE11-CC8F-4DC7-901D-A60BE3D613B0} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13282304 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {905B5952-B0A1-4341-A42B-5A6F5C33FB0C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {D4A5CAF1-42F8-48CD-B1A3-EFFB5D9982FF} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {AC04D63E-1805-4732-B741-9E9589287C02} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {2DD2F0DE-0385-4DB0-A025-37CE80399BE7} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {4569066C-2EE7-43AB-A40C-336FC4F69AFF} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13282304 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {BC0C234E-8037-4FB5-A720-DC03F3C5B691} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {7E2747DA-A30C-477D-B8D3-3E6AAC921ED6} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60888 2024-01-18] (HP Inc. -> HP Inc.)
Task: {529FF8D1-9A73-461F-872E-E16CDB1377F9} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60888 2024-01-18] (HP Inc. -> HP Inc.)
Task: {66B6F192-4E6D-4702-9CDA-E715EB99E733} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {8F206440-D343-4D85-AD4A-3641A576B7FC} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {05ED89B6-B8F0-4B4A-A841-0A6891AFF005} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {155E4BE1-0AB6-40A9-A682-F24B9F1BF34D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {4505F24E-5CC9-4D45-B1C0-0A373FFAD716} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {41784A7D-A2D3-4291-ABF5-F8C5B1BF6434} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {897F4D3C-D981-4058-AF99-B5DBAB9E58D8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {F49AF98C-3F7B-4BD6-831B-26E7EA95FB67} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1537523766-1934355744-2765702040-1001 => C:\Users\Roman\AppData\Local\Microsoft\OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACB78683-04F7-4B76-9491-A4308DB58DD5} - System32\Tasks\Opera scheduled Autoupdate 1504285159 => C:\Program Files\Opera\autoupdate\opera_autoupdate.exe [5647256 2025-03-11] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{05f55d45-2dec-442d-a043-8c431bf54524}: [DhcpNameServer] 192.168.1.74
Tcpip\..\Interfaces\{41f11d10-7c38-4a2e-a3df-84784ed2e8da}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7fb10f0f-eebe-44c1-a353-d3a502eeb2d5}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{7fb10f0f-eebe-44c1-a353-d3a502eeb2d5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{829414a3-1a11-46f7-b094-f8167b66fccf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c992e5c-7753-4dfa-b270-0a85112445ad}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{8c992e5c-7753-4dfa-b270-0a85112445ad}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c992e5c-7753-4dfa-b270-0a85112445ad}: [DhcpDomain] home
Tcpip\..\Interfaces\{97c64f6b-596a-4ea1-8b53-79457b33cd61}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d2e62f6c-faa7-4c2f-904f-fed63d1394d8}: [NameServer] 156.154.70.25,156.154.71.25

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-18]
Edge DownloadDir: Default -> C:\Users\Roman\Desktop
Edge HomePage: Default -> hxxp://google.sk/
Edge StartupUrls: Default -> "hxxp://google.sk/"
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-05]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\AGExAAVN.default [2020-12-23]
FF Plugin: @java.com/DTPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\dtplugin\npDeployJava1.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.441.2 -> C:\Program Files\Java\jre1.8.0_441\bin\plugin2\npjp2.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\opera.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-08-27] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-12-28] (ASUSTeK Computer Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7492904 2025-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [806696 2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [858920 2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11430048 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11430048 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2650584 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-18] (HP Inc. -> HP Inc.)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-02-24] (The Document Foundation -> The Document Foundation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-17] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-03-17] (Malwarebytes Inc. -> Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-05-15] (Even Balance, Inc. -> )
R2 RTUsbSwSrvc; C:\WINDOWS\RTUWPSrvcMain.exe [1017032 2025-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 RunSwUSB; C:\Windows\runSW.exe [59232 2019-08-19] (Realtek Semiconductor Corp. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2014-12-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2016-09-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-02] (AppEx Networks Corporation -> AppEx Networks Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20568 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [246880 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [384096 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296032 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84576 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [37984 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [278616 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553568 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [98912 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69728 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [959064 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1427552 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [207456 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [389720 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [282624 2023-11-02] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2023-11-02] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [16528 2024-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [55480 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\drivers\cmdguard.sys [881496 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\System32\drivers\cmdhlp.sys [65648 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [149456 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
R1 intelTDT; C:\WINDOWS\System32\DRIVERS\intelTDT.sys [165504 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2014-12-28] (Realtek Semiconductor Corp -> NT Kernel Resources)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12438216 2025-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 USBPNPA; C:\WINDOWS\system32\drivers\CM10864.sys [4326912 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> C-Media Electronics Inc)
R1 VDiskBus; C:\WINDOWS\System32\drivers\VDiskBus64.sys [42656 2014-12-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
U3 avast! Firewall; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-18 16:36 - 2025-03-18 16:38 - 000028724 _____ C:\Users\Roman\Desktop\FRST.txt
2025-03-18 16:35 - 2025-03-18 16:37 - 000000000 ____D C:\FRST
2025-03-18 16:18 - 2025-03-18 16:18 - 002404352 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2025-03-17 18:27 - 2025-03-18 16:24 - 001213856 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2025-03-17 18:22 - 2025-03-17 18:22 - 000002138 _____ C:\Users\Public\Desktop\COMODO Internet Security Pro.lnk
2025-03-17 18:22 - 2025-03-17 18:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\COMODO
2025-03-17 18:21 - 2025-03-17 18:21 - 000000000 ____D C:\ProgramData\Shared Space
2025-03-17 18:21 - 2025-03-17 18:21 - 000000000 ____D C:\Program Files\COMODO
2025-03-17 18:09 - 2025-03-17 18:09 - 000000000 ____D C:\ProgramData\Comodo Downloader
2025-03-17 18:04 - 2025-03-17 18:06 - 000000000 ____D C:\AdwCleaner
2025-03-17 18:04 - 2025-03-17 18:04 - 009566696 _____ (Malwarebytes) C:\Users\Roman\Desktop\adwcleaner(1).exe
2025-03-17 16:45 - 2025-03-17 16:45 - 089063056 _____ (COMODO) C:\Users\Roman\Desktop\cispro_installer.exe
2025-03-17 16:03 - 2025-03-17 16:03 - 000316200 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-03-16 17:37 - 2025-03-16 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-03-16 17:24 - 2025-03-16 17:24 - 000001713 _____ C:\Users\Roman\Desktop\Java.lnk
2025-03-16 17:04 - 2025-03-16 17:04 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Sun
2025-03-16 17:04 - 2025-03-16 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2025-03-16 17:04 - 2024-12-04 08:34 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2025-03-14 16:30 - 2025-03-14 16:31 - 000000020 _____ C:\Users\Roman\Desktop\Telekom Heslo.txt
2025-03-12 20:37 - 2025-03-12 20:37 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2025-03-12 20:37 - 2025-03-12 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2025-03-12 20:36 - 2025-03-12 20:37 - 000000000 ____D C:\Program Files\iTunes
2025-03-12 15:41 - 2025-03-12 15:41 - 000000000 ___HD C:\$WinREAgent
2025-03-07 19:12 - 2025-03-07 19:12 - 000461170 _____ C:\Users\Roman\Desktop\7015230_202502_VP.pdf
2025-03-02 17:53 - 2025-03-15 11:18 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-02-27 00:32 - 2025-02-27 00:32 - 012438216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlanu.sys
2025-02-25 16:27 - 2025-02-25 16:27 - 000000000 ____D C:\Users\Roman\AppData\Local\CCleaner Browser
2025-02-24 13:43 - 2025-02-24 13:43 - 000074553 _____ C:\Users\Roman\Desktop\8364782191_invoice.pdf
2025-02-24 13:43 - 2025-02-24 13:43 - 000067552 _____ C:\Users\Roman\Desktop\8364853120_invoice.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-18 16:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-18 16:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-18 16:29 - 2023-03-16 17:18 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-03-18 16:29 - 2022-11-23 18:07 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-03-18 16:29 - 2018-06-20 18:07 - 000000000 ____D C:\Users\Roman\AppData\Local\AVAST Software
2025-03-18 16:26 - 2014-12-26 18:55 - 000000000 ____D C:\ProgramData\AVAST Software
2025-03-18 16:25 - 2023-03-16 17:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-18 16:25 - 2020-06-28 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-18 16:24 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-03-18 16:24 - 2014-12-27 18:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2025-03-18 16:22 - 2023-03-16 17:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-03-18 15:37 - 2023-03-16 16:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-18 14:01 - 2023-03-16 16:56 - 000929886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-18 14:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-03-18 14:01 - 2014-03-30 16:06 - 000080666 _____ C:\WINDOWS\system32\perfh01B.dat
2025-03-18 14:01 - 2014-03-30 16:06 - 000024614 _____ C:\WINDOWS\system32\perfc01B.dat
2025-03-18 13:57 - 2023-03-16 16:12 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-18 13:49 - 2024-09-30 14:46 - 000000000 ____D C:\WINDOWS\RTUWPSrvcMain
2025-03-18 13:23 - 2025-01-21 09:35 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1537523766-1934355744-2765702040-1001
2025-03-18 13:23 - 2023-08-29 17:00 - 000002406 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-18 13:23 - 2023-06-05 16:46 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1537523766-1934355744-2765702040-1001
2025-03-18 13:23 - 2023-06-05 16:46 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1537523766-1934355744-2765702040-1001
2025-03-17 18:22 - 2015-09-21 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2025-03-17 18:22 - 2014-12-27 23:51 - 000000000 ____D C:\ProgramData\Comodo
2025-03-17 18:21 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-03-17 18:12 - 2023-03-16 16:42 - 000000000 ____D C:\Users\Roman
2025-03-17 18:11 - 2020-12-21 12:58 - 000001575 ____N C:\WINDOWS\SysWOW64\{1606DC18-9578-4cbd-8312-8E9868F06A1D}.conf
2025-03-17 18:11 - 2020-12-21 12:58 - 000000740 _____ C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2025-03-17 18:08 - 2023-05-06 21:13 - 000000000 ____D C:\Users\Roman\AppData\Local\Malwarebytes
2025-03-17 18:07 - 2013-08-17 15:21 - 000000000 ____D C:\Program Files\CCleaner
2025-03-17 16:05 - 2017-09-01 17:59 - 000000000 ____D C:\Program Files\Opera
2025-03-17 16:03 - 2020-09-01 18:36 - 000278616 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2025-03-17 16:03 - 2020-04-02 18:52 - 000553568 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2025-03-17 16:03 - 2019-01-05 16:15 - 000296032 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2025-03-17 16:03 - 2019-01-05 16:15 - 000084576 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2025-03-17 16:03 - 2018-10-09 18:09 - 000037984 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2025-03-17 16:03 - 2017-09-25 11:43 - 001427552 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2025-03-17 16:03 - 2017-09-25 11:43 - 000389720 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2025-03-17 16:03 - 2017-09-25 11:43 - 000098912 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2025-03-17 16:03 - 2017-09-25 11:43 - 000069728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2025-03-17 16:02 - 2019-01-14 17:35 - 000384096 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2025-03-17 16:02 - 2019-01-05 16:15 - 000020568 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2025-03-17 16:02 - 2017-11-10 19:43 - 000246880 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2025-03-17 16:02 - 2017-09-25 11:43 - 000959064 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2025-03-17 15:48 - 2018-05-12 10:38 - 000000000 ____D C:\Users\Roman\AppData\Local\D3DSCache
2025-03-17 14:53 - 2021-11-05 15:40 - 000239568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2025-03-17 14:53 - 2020-12-20 22:40 - 000022120 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2025-03-17 14:46 - 2023-03-16 17:18 - 000004010 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1504285159
2025-03-17 14:46 - 2021-05-08 10:16 - 000001094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2025-03-17 14:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-17 14:20 - 2023-03-16 16:35 - 000468528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-17 14:20 - 2021-07-26 21:32 - 000000000 ____D C:\Program Files\Java
2025-03-17 14:20 - 2014-01-26 16:50 - 000000000 ____D C:\Program Files\WinRAR
2025-03-16 17:37 - 2024-05-31 16:15 - 000001052 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2025-03-16 17:36 - 2024-05-31 16:11 - 000000000 ____D C:\Program Files\LibreOffice
2025-03-16 16:44 - 2014-07-21 15:26 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2025-03-16 16:36 - 2022-06-23 09:57 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2025-03-16 16:31 - 2024-03-29 18:45 - 000001092 _____ C:\Users\Roman\Desktop\WinRAR.lnk
2025-03-16 16:31 - 2020-09-25 18:32 - 000001098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2025-03-16 16:31 - 2014-01-26 16:50 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-03-16 16:31 - 2014-01-26 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-03-16 16:08 - 2018-07-13 18:05 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Skype for Desktop
2025-03-16 16:04 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-03-15 19:21 - 2023-01-17 10:47 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-15 19:21 - 2020-06-03 15:49 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-15 18:48 - 2018-06-24 23:32 - 000000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2025-03-15 18:45 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2025-03-15 18:36 - 2014-12-27 22:37 - 005514400 _____ C:\WINDOWS\PE_Rom.dll
2025-03-15 18:35 - 2017-11-17 01:01 - 000000000 _____ C:\WINDOWS\Path.idx
2025-03-15 11:18 - 2023-03-16 17:18 - 000003560 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-15 11:18 - 2023-03-16 17:18 - 000003336 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-15 11:18 - 2023-03-16 17:18 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-03-15 11:18 - 2023-03-16 17:18 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Roman
2025-03-12 20:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-12 20:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-12 18:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-12 17:21 - 2022-10-24 08:23 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-12 17:21 - 2022-10-24 08:23 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-03-07 19:12 - 2014-08-25 14:24 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2025-03-02 16:58 - 2024-12-04 15:35 - 000001078 _____ C:\Users\Roman\Desktop\Opera.lnk
2025-03-02 16:58 - 2024-04-01 20:48 - 000001076 _____ C:\Users\Roman\Desktop\KMPlayer 64X.lnk
2025-03-02 16:58 - 2023-05-20 15:20 - 000001842 _____ C:\Users\Roman\Desktop\Easy Setting Box.lnk
2025-03-02 16:58 - 2023-05-07 12:22 - 000001124 _____ C:\Users\Roman\Desktop\AMD Quick Stream.lnk
2025-03-02 16:58 - 2016-02-18 17:55 - 000001839 _____ C:\Users\Roman\Desktop\GX GAMING CAVIMANUS HEADSET.lnk
2025-03-02 16:58 - 2015-07-20 15:23 - 000001428 _____ C:\Users\Roman\Desktop\IM Magician.lnk
2025-03-02 16:58 - 2014-12-29 13:47 - 000001775 _____ C:\Users\Roman\Desktop\Photo Gallery.lnk
2025-03-02 16:58 - 2014-12-29 13:46 - 000001734 _____ C:\Users\Roman\Desktop\MovieMaker.lnk
2025-03-02 16:58 - 2014-12-28 14:17 - 000001733 _____ C:\Users\Roman\Desktop\AI Suite.lnk
2025-03-02 16:58 - 2014-12-26 00:28 - 000000979 _____ C:\Users\Roman\Desktop\TechPowerUp GPU-Z.lnk
2025-03-02 16:58 - 2014-10-31 02:53 - 000002181 _____ C:\Users\Roman\Desktop\Opera Mail.lnk
2025-03-02 16:58 - 2014-08-20 17:44 - 000001080 _____ C:\Users\Roman\Desktop\SpeedFan.lnk
2025-03-02 16:58 - 2012-12-17 15:50 - 000001634 _____ C:\Users\Roman\Desktop\Windows Media Player.lnk
2025-02-26 16:26 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-02-26 16:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-26 16:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-02-26 16:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-26 16:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-02-26 16:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-26 16:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-02-26 15:24 - 2023-03-16 16:40 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-25 16:24 - 2015-01-26 17:37 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2025-02-21 21:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-02-21 20:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-02-17 18:00 - 2024-11-11 09:18 - 000055064 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe

==================== Files in the root of some directories ========

2020-03-18 18:15 - 2018-06-18 22:35 - 005513920 _____ (COMODO) C:\ProgramData\cisCADF.exe
2022-11-01 11:59 - 2022-11-01 11:59 - 000000356 _____ () C:\ProgramData\temp_Delete.bat
2022-11-01 11:59 - 2022-11-01 11:59 - 000000096 _____ () C:\ProgramData\temp_runbat.vbs
2017-04-01 21:23 - 2017-04-01 21:25 - 000001032 _____ () C:\Users\Roman\AppData\Local\$RXWPGNZ.nast
2017-04-01 21:27 - 2021-08-22 11:17 - 000002247 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.err
2017-04-01 21:29 - 2021-08-22 11:31 - 000001088 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.nast
2016-01-05 18:19 - 2017-04-01 20:46 - 000002574 _____ () C:\Users\Roman\AppData\Local\FSDownloader.err
2015-10-10 17:24 - 2017-04-01 21:21 - 000001096 _____ () C:\Users\Roman\AppData\Local\FSDownloader.nast
2014-12-25 19:18 - 2015-07-07 18:31 - 000001096 _____ () C:\Users\Roman\AppData\Local\MRDownloader.nast
2018-08-18 09:50 - 2018-08-18 09:51 - 000029696 _____ () C:\Users\Roman\AppData\Local\MSGBOX.EXE
2014-01-04 20:46 - 2015-01-01 19:17 - 000007597 _____ () C:\Users\Roman\AppData\Local\Resmon.ResmonCfg
2013-08-07 16:36 - 2014-12-25 19:17 - 000001276 _____ () C:\Users\Roman\AppData\Local\SRDownloader.err
2013-08-07 16:37 - 2014-12-25 19:18 - 000001040 _____ () C:\Users\Roman\AppData\Local\SRDownloader.nast

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-03-2025
Ran by Roman (18-03-2025 16:45:11)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Home Version 22H2 19045.5608 (X64) (2023-03-16 16:20:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1537523766-1934355744-2765702040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1537523766-1934355744-2765702040-503 - Limited - Disabled)
Guest (S-1-5-21-1537523766-1934355744-2765702040-501 - Limited - Disabled)
Roman (S-1-5-21-1537523766-1934355744-2765702040-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-1537523766-1934355744-2765702040-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Up to date) {68776303-F62A-B826-2FE9-ABF2832D7700}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
FW: COMODO Firewall (Enabled) {504CE226-BC45-B97E-04B6-02C77DFE307B}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 25.001.20432 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Accelerated Video Transcoding (HKLM\...\{1D1CB210-D05E-5BF4-F998-2B1903EE4323}) (Version: 13.30.100.41120 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (HKLM\...\{503F672D-6C84-448A-8F8F-4BC35AC83441}) (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.02.19.2221 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{260a52b1-dc81-4e22-b58d-5dd3b57a7b65}) (Version: 5.02.19.2221 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{AF0C3D84-6909-4B48-A335-2EC35087BAB0}) (Version: 18.0.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 25.2.9898.2555 - Gen Digital Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Catalyst Control Center - Branding (HKLM-x32\...\{25A3B953-1423-3F15-640E-B620DD0F419A}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1990.6 - Piriform Software) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Internet Security Pro (HKLM\...\{D059ED0D-D72A-474D-9F6D-11BD124F89C5}) (Version: 12.3.4.8162 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Pro (HKLM\...\COMODO Internet Security) (Version: 12.3.4.8162 - COMODO Security Solutions Inc.)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
CPUID CPU-Z 2.14 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.14 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Easy Setting Box (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.00 - Samsung)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GX GAMING CAVIMANUS HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0002 - )
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
iTunes (HKLM\...\{D0492745-99F7-4BFA-88CE-DC8A60BEA8A3}) (Version: 12.13.6.1 - Apple Inc.)
Java 8 Update 441 (64-bit) (HKLM\...\{77724AE4-039E-4CA4-87B4-2F64180441F0}) (Version: 8.0.4410.7 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2020.02.04.02 - PandoraTV)
LibreOffice 25.2.1.2 (HKLM\...\{C155ED9C-4F2D-408C-BF76-07CB2B126B25}) (Version: 25.2.1.2 - The Document Foundation)
Malwarebytes version 5.2.8.173 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.8.173 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 117.0.5408.93 (HKLM-x32\...\Opera 117.0.5408.93) (Version: 117.0.5408.93 - Opera Software)
Photo Common (HKLM-x32\...\{D18F29F4-3609-4FBD-8A76-57B6AC3404F3}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype verzia 8.138 (HKLM-x32\...\Skype_is1) (Version: 8.138 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
STRIKE NX GAMEPAD (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.64.0 - TechPowerUp)
TP-Link Archer T3U Plus Driver (HKLM-x32\...\{C93FD3E7-E450-46ED-B2B2-6F86B479BDBE}) (Version: 2.1.0 - TP-Link)
TurboFLOORPLAN Dum & Interiér & Zahrada PRO (HKLM-x32\...\{949815AB-D269-4DD3-AB1A-539432BAFC1E}) (Version: 15.1 - IMSIDesign) Hidden
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{47AC83D4-C2CE-4F1F-8494-FB08066B38E3}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{2F3E0052-438D-4D42-873C-94223F25FF7A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 7.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-11] ()
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2982.2.0_x64__kgqvnymyfvs32 [2025-03-17] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2023-03-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-03-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-03-16] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2023-04-03] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1537523766-1934355744-2765702040-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-03-17] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-12-26 23:06 - 2010-08-23 11:17 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-12-26 23:22 - 2014-12-30 01:37 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000972288 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001040896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 005771136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-12-26 23:23 - 2012-06-19 12:56 - 001305600 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 001173504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001047040 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000233472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000425984 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2014-12-28 01:14 - 2014-12-28 01:14 - 000067584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000659456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000475136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000716800 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001621504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001622528 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000883712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001243136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000846848 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000875520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000043520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-12-26 23:03 - 2010-06-29 11:58 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-12-26 23:21 - 2025-03-18 16:25 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-12-26 23:06 - 2010-08-09 22:33 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2014-12-26 23:22 - 2014-12-28 01:10 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2014-12-26 23:22 - 2012-07-05 13:32 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpi.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpi.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\ASACPI.DLL
2014-12-28 01:12 - 2014-12-28 01:07 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsAcpi.dll
2014-12-26 23:06 - 2010-08-12 08:52 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001086464 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001016320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2014-12-26 23:22 - 2012-07-05 13:31 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpiEx.dll
2014-12-26 23:22 - 2012-08-14 17:42 - 001441792 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\DigiPowerControl.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpiEx.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001832448 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPU.dll
2014-12-26 23:23 - 2012-08-13 22:06 - 001379328 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FAN Xpert\FANXpert.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000512000 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\UPnPXMLParse.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001236992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001876992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001637888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000886272 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
2014-12-28 01:12 - 2014-12-28 01:07 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\asacpiEx.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000532480 _____ (AWIND Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\MirrorOpSender.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000043520 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DirectoryWatcher.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000212992 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\MPListProcess.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_441\bin\ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_441\bin\jp2ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 14:36 - 000000033 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-11-20 16:43 - 2020-08-22 14:09 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Tapeta programu Fotogaléria.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi 3: TP-Link Wireless MU-MIMO USB Adapter #3 -> rtwlanu.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

inspect: COMODO Internet Security Firewall Driver
nt_ndisrd: WinpkFilter LightWeight Filter
appex_acc: AppEx Networks Accelerator
rtk_rtndpt60: Realtek NDIS Protocol Driver

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3B6C54F2-38C8-4753-8C27-296A9E933924}] => (Allow) C:\Program Files\Opera\92.0.4561.61\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{430E6010-8D95-44C3-950E-F73F9EB2A615}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03A2364C-701C-44AE-8CAD-5BD0977952FE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29A690DA-7FF7-4C0C-A077-89A5DB7358B5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{FDA1A6F8-8323-4C51-AAF5-5E2F24741BBE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{149C9964-D03D-411C-BA34-E6F56F07A3F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{74AB47DB-79F4-4C1F-AC15-A4D9E228922A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{D5DAD828-DA97-46B3-8EFB-622258E8158F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{01C01B71-4848-4B7C-AD09-3DD608BCF125}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{1FB829DA-0F1C-4883-85CF-31879BCF8685}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{AD2EBCAD-4AAE-4FD8-8314-8BD873DB85AE}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{290B6ECE-5DD9-4E17-BD52-B26C10E6A96D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{F91F3DD1-7C0E-4C40-B4D7-199EC4E3193B}] => (Allow) LPort=2869
FirewallRules: [{82E9E268-623B-464F-8F0D-57F28336944B}] => (Allow) LPort=1900
FirewallRules: [{0F1D6433-69F1-489D-98A5-28E0340B15C1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{448DDF6E-0351-4959-883A-E5FB2B87C909}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{D01A36C5-FCB0-4CC1-B00A-175E255DC85E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A93D50A1-B9D4-493F-BF04-4E9032F37631}] => (Allow) LPort=2869
FirewallRules: [{5FE20E9F-8571-4F76-AEE3-1A8715DEF9B3}] => (Allow) LPort=1900
FirewallRules: [{76FE403E-53A0-48D8-A203-CEA2531D4E67}] => (Allow) LPort=2869
FirewallRules: [{71348B08-3AF5-4709-9AAC-42F5F5044C67}] => (Allow) LPort=1900
FirewallRules: [{A7480067-2F62-463C-ACE3-BBE702A11955}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{B62070E8-9485-4D5A-9F94-7AC810663938}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{E873B0F4-F571-43E1-9CE7-A00A2733CAD7}] => (Allow) LPort=2869
FirewallRules: [{F9CC1A44-FD5E-4034-841E-AB0CAC0D7492}] => (Allow) LPort=1900
FirewallRules: [{C057B920-14F6-4FAF-A513-8AC779DD5DBD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{81543A94-CF18-495B-BA8A-6E6766945CA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74370363-92CA-4FC8-9724-0E0124DF05F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{FC27284A-7461-48DD-903B-4CA170C9B72C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{4A5F93D2-F114-4BF0-8312-C5C1D8441316}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9F9734F7-B3A6-403B-B9F2-2552540465A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{DA5690A3-42D2-44DD-8694-15B94E258F0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{84450BEB-D2BB-4FE0-A003-A67EAC2EEE76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3AFAF4D1-E6DA-4296-8A1E-68C5F8CA1944}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4CD04873-5546-40D0-87FD-768E5BA930D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1EE7F7EF-9A8E-409C-A65F-DF94AFD62B7A}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C8669642-2DBD-44C8-9A0C-F67E3A30FC26}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{36755E0B-34B0-48CE-8C03-C73ECACE6973}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53243758-F5FE-4CC6-906F-B65C31D227C2}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{FF452938-7912-4DAA-9B3C-11AAE1C7639D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-03-2025 18:09:33 Removing COMODO Client - Security
17-03-2025 18:19:57 Installing COMODO Internet Security Pro

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (03/17/2025 06:26:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]


System errors:
=============
Error: (03/18/2025 04:28:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba System Guard Runtime Monitor Broker bola ukončená s nasledujúcou chybou:
%%3489660935

Error: (03/18/2025 02:01:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba System Guard Runtime Monitor Broker bola ukončená s nasledujúcou chybou:
%%3489660935

Error: (03/18/2025 01:58:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby HPPrintScanDoctorService zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (03/18/2025 01:58:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby HPPrintScanDoctorService bol dosiahnutý časový limit (45000 ms).

Error: (03/17/2025 06:32:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba System Guard Runtime Monitor Broker bola ukončená s nasledujúcou chybou:
%%3489660935

Error: (03/17/2025 06:29:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby HPPrintScanDoctorService zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (03/17/2025 06:29:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby HPPrintScanDoctorService bol dosiahnutý časový limit (45000 ms).

Error: (03/17/2025 06:26:41 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.


Windows Defender:
================Event[0]:

Date: 2024-11-11 13:50:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.927.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2024-11-11 13:50:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.927.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2024-11-11 13:50:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.927.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2024-11-11 13:50:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.927.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2024-11-11 13:50:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.329.927.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17700.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===============
Date: 2025-03-18 16:49:10
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2025-03-18 16:28:37
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 6508 07/11/2014
Motherboard: ASUSTeK COMPUTER INC. F2A85-M
Processor: AMD A8-5600K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 7368.32 MB
Available physical RAM: 3608.25 MB
Total Virtual: 22216.32 MB
Available Virtual: 18174.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.59 GB) (Free:361.43 GB) (Model: WDC WD5000AAKX-003CA0) NTFS

\\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\ () (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{d4a2e3b4-0000-0000-0000-a03b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.23 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D4A2E3B4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)

==================== End of Addition.txt =======================

[Rudy]

Zdravím!

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [EasySettingBox] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U3 avast! Firewall; no ImagePath
C:\ProgramData\temp_Delete.bat
C:\ProgramData\temp_runbat.vbs
lternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[zulo]

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-03-2025
Ran by Roman (18-03-2025 17:54:21) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [EasySettingBox] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U3 avast! Firewall; no ImagePath
C:\ProgramData\temp_Delete.bat
C:\ProgramData\temp_runbat.vbs
lternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EasySettingBox" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\avast! Firewall => could not remove, key could be protected
C:\ProgramData\temp_Delete.bat => moved successfully
C:\ProgramData\temp_runbat.vbs => moved successfully
lternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64] => Error: No automatic fix found for this entry.
C:\WINDOWS\system32\amdocl_ld64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiapfxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieah64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieclxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiesrxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODCLI.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODE.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\clinfo.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Cmeau108.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280C.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280I.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280O.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNHMCA6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNMXLMAA.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftcserco.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftserui2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\GEARAspi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SStudio.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\usbaaplrc.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\UtcResources.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\wu.upgrade.ps.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\avastSS.scr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_as32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_ld32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atieah32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280U.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNHMCA.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Comdlg32.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_28.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\DLLDEV32i.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\GEARAspi.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Mscomctl.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\newlistview2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.ex0 => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.xtr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\vgf.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdkmafd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\atikmpag.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\ndisrd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RtNdPt630.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\usbaapl64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\VDiskBus64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll => ":$CmdTcID" ADS could not remove.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 47477472 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 365533 B
Edge => 0 B
Firefox => 0 B
Opera => 421726381 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 269 B
systemprofile32 => 269 B
LocalService => 354770 B
NetworkService => 357648 B
Roman => 171603185 B

RecycleBin => 0 B
EmptyTemp: => 613.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-03-2025 17:57:14)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\avast! Firewall => could not remove, key could be protected

==== End of Fixlog 17:57:14 ====

[Rudy]

Log by již měl být OK.