
Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 28 Oct 2019 10:38
by JaRon
I'll jump in just this once:
clean the PC with CureIT https://forum.viry.cz/viewtopic.php?f=29&t=151000 - and share the results :)

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 28 Oct 2019 12:58
by WhySoSad
Here is a new log from MBAM, where I turned on a full scan. I'll also run it through CureIt.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/28/19
Scan Time: 10:35 AM
Log File: 4679987a-f966-11e9-bd51-d8cb8ac4a7ef.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.0
Update Package Version: 1.0.13095
License: Free

-System Information-
OS: Windows 10 (Build 16299.726)
CPU: x64
File System: NTFS
User: DESKTOP-5M56U6R\WSS

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 665647
Threats Detected: 8
Threats Quarantined: 0
Time Elapsed: 2 hr, 24 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 8
Backdoor.XTRat, C:\FRST\QUARANTINE\C\WINDOWS\SERVICING\SKYPE.EXE.XBAD, No Action By User, [5693], [62987],1.0.13095
Trojan.FakeMS, C:\WINDOWS\LOGS\NETSETUP\VSS\WCSERVICES.EXE, No Action By User, [3098], [614322],1.0.13095
Backdoor.XTRat, C:\WINDOWS\SERVICING\WINIT.EXE, No Action By User, [5693], [62987],1.0.13095
Trojan.Agent, C:\WINDOWS\SERVICING\PROXY.EXE, No Action By User, [458], [60250],1.0.13095
Spyware.InfoStealer, C:\WINDOWS\SERVICING\WINCSR.EXE, No Action By User, [4196], [377588],1.0.13095
RiskWare.GameHack, D:\HRY\BANNERMEN\RTSGAME\BINARIES\WIN64\STEAM_API64.DLL, No Action By User, [7452], [305544],1.0.13095
RiskWare.GameHack, D:\HRY\OUTWARD\STEAM_API64.DLL, No Action By User, [7452], [305544],1.0.13095
CrackTool.Agent.Steam, D:\HRY\RESIDENT EVIL 6\STEAM_API.DLL, No Action By User, [8169], [352888],1.0.13095

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 28 Oct 2019 16:51
by Rudy
Delete all the MBAM detections.

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 00:08
by WhySoSad
MBAM deleted, with no result. Attached is the CureIt log as a download link; the file is too large to upload as a rar or zip.

https://webshare.cz/#/file/3x82y71922/cureit-rar

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 07:16
by JaRon
I can download the file, but not open it :(
try copying into a text file ONLY the lines where infected appears

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 09:57
by Rudy
OK. I have one more solution in reserve: https://toolslib.net/downloads/viewdown ... vcertclean . In case of further problems and no success with CureIT, scan the PC and delete the detections.

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 11:10
by WhySoSad
JaRon wrote: I can download the file, but not open it :(
try copying into a text file ONLY the lines where infected appears
It found one file:

C:\Windows\schemas\Scripts\64-bit\SppExtComObjPatcher.exe - infected

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 11:15
by WhySoSad
Rudy wrote: OK. I have one more solution in reserve: https://toolslib.net/downloads/viewdown ... vcertclean . In case of further problems and no success with CureIT, scan the PC and delete the detections.
I don't know whether the program works for me as it should; after launching it, only a dialog window opens

No certificate found!
- "your logfile is available on the displayed page..."

and it opens a web page with this output:

== Scan for security software untrusted certificates | Support: <mailto:untrustedcerts@fr33tux.org>
== This software will look for known security vendor certificate in the Windows Untrusted Store and remove the legit ones. This should allow your security software to launch again properly.

[+] Writing logfile

But I can't start any scan; the program closes by itself.

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 13:28
by JaRon
I recommend:
- delete the patcher
- clean the PC with CCleaner
- post current FRST logs for Rudy
that's all from me :)

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 14:44
by Rudy
WhySoSad wrote:
Rudy wrote: OK. I have one more solution in reserve: https://toolslib.net/downloads/viewdown ... vcertclean . In case of further problems and no success with CureIT, scan the PC and delete the detections.
I don't know whether the program works for me as it should; after launching it, only a dialog window opens

No certificate found!
- "your logfile is available on the displayed page..."

and it opens a web page with this output:

== Scan for security software untrusted certificates | Support: <mailto:untrustedcerts@fr33tux.org>
== This software will look for known security vendor certificate in the Windows Untrusted Store and remove the legit ones. This should allow your security software to launch again properly.

[+] Writing logfile


But I can't start any scan; the program closes by itself.
Those messages concern security software. Otherwise, the first one means that no certificate is available, and "your logfile is available on the displayed page..." Do what colleague JaRon advises.

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 20:43
by WhySoSad
CCleaner fixed about 300 registry errors, plus cleaned up. Adding the logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2019
Ran by WSS (administrator) on DESKTOP-5M56U6R (MSI MS-7978) (29-10-2019 20:41:39)
Running from C:\Users\WSS\Desktop
Loaded Profiles: WSS (Available Profiles: WSS)
Platform: Windows 10 Pro Version 1709 16299.726 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
() [File not signed] D:\Programy\Serviio\bin\ServiioService.exe
() [File not signed] D:\Programy\Serviio\bin\ServiioService.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(alch) [File not signed] C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) D:\Programy\Daemon Tools\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) D:\Programy\Daemon Tools\DTShellHlp.exe
(Binary Fortress Software Ltd. -> Binary Fortress Software) D:\Programy\DisplayFusion\DisplayFusion.exe
(Binary Fortress Software Ltd. -> Binary Fortress Software) D:\Programy\DisplayFusion\DisplayFusionHookApp32.exe
(Binary Fortress Software Ltd. -> Binary Fortress Software) D:\Programy\DisplayFusion\DisplayFusionHookApp64.exe
(Binary Fortress Software Ltd. -> Binary Fortress Software) D:\Programy\DisplayFusion\DisplayFusionService.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6847\Agent.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(LogMeIn, Inc. -> LogMeIn Inc.) D:\Programy\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) D:\Programy\Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Corporation -> Malwarebytes) D:\Programy\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) D:\Programy\Anti-Malware\mbamtray.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-10-10] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269328 2019-01-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2019-08-18] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2018-03-03] (alch) [File not signed]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [Steam] => D:\Programy\Steam\steam.exe [3211040 2019-10-02] (Valve -> Valve Corporation)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [Discord] => C:\Users\WSS\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\Daemon Tools\DTAgent.exe [731240 2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7415880 2018-12-21] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [World of Tanks] => D:\Hry\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [Spotify] => C:\Users\WSS\AppData\Roaming\Spotify\Spotify.exe [21348768 2019-10-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () [File not signed]
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [DisplayFusion] => D:\Programy\DisplayFusion\DisplayFusion.exe [10531216 2019-05-22] (Binary Fortress Software Ltd. -> Binary Fortress Software)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1988240 2019-10-23] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\78.0.70.121\Installer\chrmstp.exe [2019-10-25] (Brave Software, Inc.) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {035AA5F5-9948-48A7-93CA-94DD82407DB3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0624B00B-4DEE-49A0-886A-2AF651634E1E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {08BAF982-D128-4445-AE17-A82B7CD39DFD} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [160200 2018-12-21] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {0B87BD83-C26D-4045-B641-91C4E9710535} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1290204E-2276-40E5-8D73-CC42CA77DC8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {246D0244-085E-47E2-82F1-B52D1E10D84E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2756B475-E29F-4729-825D-4B06B60F0E33} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-5M56U6R-WSS => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {30BC7B81-FA8D-4E3C-A2CD-D8302526E820} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-09] (Adobe Inc. -> Adobe)
Task: {38F779C1-19C2-42CA-8477-20CFF2D7ECC2} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [160200 2018-12-21] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {503CD507-1501-4C91-83CA-A8593B7F78C0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6313BD33-5FEE-4DE4-92BD-C8E47BACC236} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {663C7A32-A621-45AA-869D-7E66ECBA0B75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {6908B132-02CC-49B3-9AC2-6C6B1A99B224} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A1E27F9-3C60-4EA7-A7C2-395AD2C64D91} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7E6C9837-2119-48E4-8A77-9457C2BD1D39} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95560CEF-FD13-4997-9B6D-6C8039ED847F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A51BA0F-7977-48B6-9902-1BD8A34AFC6A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-09] (Adobe Inc. -> Adobe)
Task: {9F85567E-F56C-4735-9EDA-357732E21939} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1486370-AFFE-4778-948F-BDB06DA12276} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B99A9ED9-C642-43C5-84B8-CE56B3772A66} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D11399C0-EEF8-4063-8BB4-AE8E79465525} - \KMS_VL_ALL -> No File <==== ATTENTION
Task: {D7531E43-65EC-4E5E-A743-676F6237A9D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {DAE735AB-812B-4146-BFD1-9FEC9CCCA435} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5029CA6-6509-4282-A4AA-DF2231D8FFE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{293e1a5d-ad83-4df8-bffc-d2ddfd8ff2d3}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programy\Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programy\Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Programy\Office\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2018-12-21] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2018-12-21] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> D:\Programy\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> D:\Programy\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default [2019-10-29]
CHR Extension: (Slides) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
CHR Extension: (Docs) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-10]
CHR Extension: (Google Drive) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-10]
CHR Extension: (YouTube) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-10]
CHR Extension: (Sheets) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
CHR Extension: (Google Docs Offline) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-22]
CHR Extension: (Video DownloadHelper) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2019-06-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Gmail) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\WSS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-10-17] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [160200 2018-12-21] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [160200 2018-12-21] (Brave Software, Inc. -> BraveSoftware Inc.)
R3 Disc Soft Lite Bus Service; D:\Programy\Daemon Tools\DiscSoftBusServiceLite.exe [3648616 2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DisplayFusionService; D:\Programy\DisplayFusion\DisplayFusionService.exe [7037344 2019-05-22] (Binary Fortress Software Ltd. -> Binary Fortress Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-07-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2018-12-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-21] (GOG Sp. z o.o. -> GOG.com)
R2 Hamachi2Svc; D:\Programy\Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 MBAMService; D:\Programy\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2348336 2019-10-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3228976 2019-10-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2019-07-25] () [File not signed]
R2 Serviio; D:\Programy\Serviio\bin\ServiioService.exe [413696 2019-05-15] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WSearch; C:\Windows\system32\SearchIndexer.exe [982016 2018-04-15] (Access Denied) [File not signed]
S3 BraveElevationService; "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\71.0.58.21\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-09-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-09-26] (Disc Soft Ltd -> Disc Soft Ltd)
S3 fwdrv; C:\Windows\system32\DRIVERS\fwdrv.sys [27840 2014-03-22] (Web Solution Mart -> Web Solution Mart)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-02-11] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 hfFilter; C:\Windows\System32\drivers\hfFilter.sys [34400 2017-02-05] (Access Denied) [File not signed]
R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Microsoft Windows -> Qualcomm Atheros, Inc.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-10-29] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_67c16e22f0dab361\nvlddmkm.sys [22734744 2019-10-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [14368 1999-11-04] () [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46688 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [350136 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-29 20:42 - 2019-10-29 20:42 - 000226232 _____ C:\Users\WSS\Documents\cc_20191029_204215.reg
2019-10-29 20:41 - 2019-10-29 20:42 - 000031862 _____ C:\Users\WSS\Desktop\FRST.txt
2019-10-29 20:41 - 2019-10-29 20:41 - 000000000 ____D C:\Users\WSS\Desktop\FRST-OlderVersion
2019-10-29 20:40 - 2019-10-29 20:40 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-10-29 20:40 - 2019-10-29 20:40 - 000002884 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-10-29 20:40 - 2019-10-29 20:40 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-29 20:40 - 2019-10-29 20:40 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-10-29 20:40 - 2019-10-29 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-10-29 20:40 - 2019-10-29 20:40 - 000000000 ____D C:\Program Files\CCleaner
2019-10-29 11:14 - 2019-10-29 11:14 - 000947200 _____ C:\Users\WSS\Desktop\avcertclean_1.2.0.exe
2019-10-29 11:10 - 2019-10-29 11:10 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-10-29 00:10 - 2019-10-29 00:10 - 004707338 _____ C:\Users\WSS\Desktop\cureit.rar
2019-10-29 00:05 - 2019-10-29 00:05 - 000113386 _____ C:\Users\WSS\Desktop\PARASITE.2019.1080p.FHDRip.H264.AAC-NonDRM.srt
2019-10-29 00:02 - 2019-10-29 00:05 - 1101082049 _____ C:\Users\WSS\Desktop\PARASITE.2019.1080p.FHDRip.H264.AAC-NonDRM.mp4
2019-10-28 22:55 - 2019-10-28 22:56 - 1391207422 _____ C:\Users\WSS\Desktop\Parasite Parazit 2019.720p.x264.AAC.KR+CZsub.mkv
2019-10-28 22:50 - 2019-10-28 22:53 - 1097008117 _____ C:\Users\WSS\Desktop\Parasite.2019.KOR.cz.sub.1080p.WEBRip.x264.AAC2.0.mkv
2019-10-28 12:22 - 2019-10-29 00:03 - 000000000 ____D C:\Users\WSS\Doctor Web
2019-10-28 12:22 - 2019-10-28 22:45 - 000000000 ____D C:\ProgramData\Doctor Web
2019-10-28 12:21 - 2019-10-28 12:22 - 202889384 _____ C:\Users\WSS\Desktop\yic5c8ux.exe
2019-10-28 11:17 - 2019-10-28 11:17 - 000000000 ___HD C:\$SysReset
2019-10-28 11:09 - 2019-10-28 11:09 - 000007602 _____ C:\Users\WSS\AppData\Local\Resmon.ResmonCfg
2019-10-27 18:45 - 2019-10-28 17:08 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-10-27 18:45 - 2019-10-27 18:45 - 000000778 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-27 18:45 - 2019-10-27 18:45 - 000000778 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-10-27 18:45 - 2019-10-27 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-27 18:45 - 2019-10-27 18:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-27 18:45 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-10-27 18:44 - 2019-10-27 18:44 - 066367928 _____ (Malwarebytes ) C:\Users\WSS\Desktop\mb3-setup-37469.37469-3.8.3.2965-1.0.627-1.0.12633.exe
2019-10-26 23:14 - 2019-10-26 23:14 - 000011542 _____ C:\Users\WSS\Documents\fixlist.txt
2019-10-25 17:43 - 2019-10-25 17:43 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-10-25 17:43 - 2019-10-25 17:43 - 000000000 ____D C:\Windows\system32\RTCOM
2019-10-25 17:43 - 2019-10-25 17:43 - 000000000 ____D C:\Windows\system32\DAX3
2019-10-25 17:43 - 2019-10-25 17:43 - 000000000 ____D C:\Windows\system32\DAX2
2019-10-25 17:43 - 2019-10-25 17:43 - 000000000 ____D C:\ProgramData\Audyssey Labs
2019-10-25 17:43 - 2019-10-25 17:43 - 000000000 ____D C:\Program Files\Realtek
2019-10-25 17:42 - 2019-10-25 17:43 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-10-25 17:42 - 2019-10-25 17:42 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-25 17:42 - 2019-10-25 17:42 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-10-25 17:42 - 2019-01-16 21:59 - 072520816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2019-10-25 17:42 - 2019-01-16 21:59 - 007178568 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 007101848 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 006554632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2019-10-25 17:42 - 2019-01-16 21:59 - 006270296 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 003677264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2019-10-25 17:42 - 2019-01-16 21:59 - 003159880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 002930248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 001159280 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 001003960 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 000416608 _____ (Harman) C:\Windows\system32\HMUI.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 000378488 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 000266656 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 000154464 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 000122424 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 000118696 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 000105408 _____ C:\Windows\system32\audioLibVc.dll
2019-10-25 17:42 - 2019-01-16 21:59 - 000023824 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 015218720 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 007748824 _____ (ICEpower A/S) C:\Windows\system32\ICEsoundAPO64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 006463288 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 005939016 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 005593720 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 003765632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 003445848 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 003340000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 003306920 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 003284752 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 003168488 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 002198080 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001788088 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001598504 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001435240 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001396272 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001382344 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001353424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001337744 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001318952 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001282656 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001180624 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001110280 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001073776 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 001027928 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000965128 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000873568 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000852240 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000734880 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000715752 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000692272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000604904 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000541216 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000511536 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000467256 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000453376 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000452632 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000447280 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000406560 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000392976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000381512 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000366224 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000360448 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000343808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000341248 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000341248 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000327376 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000327376 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000261128 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000261096 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000260104 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000232016 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000230808 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000220488 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000218376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000203944 _____ (Harman) C:\Windows\system32\HMHVS.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000193088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000191040 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000191040 _____ (Harman) C:\Windows\system32\HMEQ.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000179696 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000175048 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000158800 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000157448 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000139864 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000116640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000094032 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000091016 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000090296 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000088424 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000083728 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2019-10-25 17:42 - 2019-01-16 17:59 - 000075648 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 005346888 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 002992080 _____ (Audyssey Labs) C:\Windows\system32\AudysseyEfx.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 002444576 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 001971264 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 001965048 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 001610848 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOv251gm.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 001544144 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 001516160 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 001372280 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 001287496 _____ (Dolby Laboratories) C:\Windows\system32\DolbyAPOvlldpgm.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 001259624 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 000751192 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 000448496 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 000367504 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 000332904 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 000315872 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 000278160 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2019-10-25 17:42 - 2019-01-16 17:58 - 000184216 _____ (ASUSTeK COMPUTER INC.) C:\Windows\system32\ATKWMI.dll
2019-10-25 17:42 - 2019-01-16 17:32 - 026013220 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2019-10-25 17:42 - 2019-01-16 17:32 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2019-10-25 17:42 - 2018-01-15 07:40 - 002856800 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2019-10-25 16:44 - 2019-10-25 16:44 - 000000000 __SHD C:\Users\WSS\AppData\Roaming\Common
2019-10-25 16:44 - 2019-10-25 16:44 - 000000000 ____D C:\Users\WSS\AppData\Local\DisplayFusion
2019-10-25 16:44 - 2019-10-25 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2019-10-25 16:44 - 2019-10-25 16:44 - 000000000 ____D C:\ProgramData\Binary Fortress Software
2019-10-25 16:22 - 2019-10-25 16:24 - 000000000 ____D C:\AdwCleaner
2019-10-25 16:22 - 2019-10-25 16:22 - 007622344 _____ (Malwarebytes) C:\Users\WSS\Desktop\AdwCleaner.exe
2019-10-25 12:22 - 2019-10-17 23:39 - 004205272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-10-25 12:22 - 2019-10-17 20:45 - 011838848 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-10-25 12:22 - 2019-10-17 20:45 - 010164096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-10-25 12:22 - 2019-10-17 20:45 - 001074080 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-10-25 12:22 - 2019-10-17 20:45 - 001074080 _____ C:\Windows\system32\vulkan-1.dll
2019-10-25 12:22 - 2019-10-17 20:45 - 000931744 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-10-25 12:22 - 2019-10-17 20:45 - 000931744 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-10-25 12:22 - 2019-10-17 20:45 - 000848800 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-10-25 12:22 - 2019-10-17 20:45 - 000848800 _____ C:\Windows\system32\vulkaninfo.exe
2019-10-25 12:22 - 2019-10-17 20:45 - 000706464 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-10-25 12:22 - 2019-10-17 20:45 - 000706464 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-10-25 12:22 - 2019-10-17 20:45 - 000450464 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-10-25 12:22 - 2019-10-17 20:45 - 000353368 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-10-25 12:22 - 2019-10-17 20:44 - 000824920 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-10-25 12:22 - 2019-10-17 20:44 - 000677064 _____ C:\Windows\system32\nvofapi64.dll
2019-10-25 12:22 - 2019-10-17 20:44 - 000545368 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 040510664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 035379912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 017460608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 015028424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 005380512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 004716416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 002074712 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 001733080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444097.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 001567888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 001491360 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444097.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 001482656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 001370712 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 001144736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 001064864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 000813016 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 000685016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 000659544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-10-25 12:22 - 2019-10-17 20:43 - 000556984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-10-25 11:56 - 2019-10-25 17:15 - 000000000 ____D C:\Users\WSS\Documents\Call of Duty Modern Warfare
2019-10-25 11:50 - 2019-10-29 20:42 - 000000000 ____D C:\FRST
2019-10-25 11:43 - 2019-10-25 11:43 - 000000000 ____D C:\rsit
2019-10-25 11:43 - 2019-10-25 11:43 - 000000000 ____D C:\Program Files\trend micro
2019-10-25 11:41 - 2019-10-29 20:41 - 001619968 _____ (Farbar) C:\Users\WSS\Desktop\FRST64.exe
2019-10-25 11:41 - 2019-10-25 11:41 - 001222144 _____ C:\Users\WSS\Desktop\RSITx64.exe
2019-10-25 11:21 - 2019-10-25 11:21 - 000000631 _____ C:\Users\Public\Desktop\Call of Duty Modern Warfare.lnk
2019-10-25 11:21 - 2019-10-25 11:21 - 000000631 _____ C:\ProgramData\Desktop\Call of Duty Modern Warfare.lnk
2019-10-25 11:21 - 2019-10-25 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2019-10-22 15:59 - 2019-10-22 16:15 - 000000000 ____D C:\Users\WSS\Documents\Parkitect
2019-10-22 15:59 - 2019-10-22 15:59 - 000000679 _____ C:\Users\WSS\Desktop\Parkitect.lnk
2019-10-22 15:59 - 2019-10-22 15:59 - 000000000 ____D C:\Users\WSS\AppData\LocalLow\Texel Raptor
2019-10-22 15:59 - 2019-10-22 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parkitect
2019-10-22 10:24 - 2019-10-22 10:24 - 000000000 ____D C:\Users\WSS\AppData\Local\ChernobylGame
2019-10-22 10:22 - 2019-10-22 10:22 - 000000800 _____ C:\Users\Public\Desktop\Chernobylite.lnk
2019-10-22 10:22 - 2019-10-22 10:22 - 000000800 _____ C:\ProgramData\Desktop\Chernobylite.lnk
2019-10-22 10:22 - 2019-10-22 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chernobylite [GOG.com]
2019-10-21 17:35 - 2019-10-21 17:36 - 000000000 ____D C:\Users\WSS\AppData\Roaming\.clamwin
2019-10-21 17:35 - 2019-10-21 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus
2019-10-21 17:34 - 2019-10-21 17:34 - 000000000 ____D C:\ProgramData\.clamwin
2019-10-21 17:34 - 2019-10-21 17:34 - 000000000 ____D C:\Program Files (x86)\ClamWin
2019-10-21 17:27 - 2019-10-21 17:27 - 000000000 ____D C:\Users\WSS\AppData\Local\mbam
2019-10-21 17:26 - 2019-10-21 17:26 - 000000000 ____D C:\Users\WSS\AppData\Local\mbamtray
2019-10-21 17:23 - 2019-10-21 17:23 - 066367928 _____ (Malwarebytes ) C:\Users\WSS\Downloads\mb3-setup-37469.37469-3.8.3.2965-1.0.627-1.0.12633.exe
2019-10-20 16:05 - 2019-10-20 16:07 - 2331411963 _____ C:\Users\WSS\Downloads\BrokenDreamers-042-pc.zip
2019-10-18 17:32 - 2019-10-18 17:32 - 000000723 _____ C:\Users\WSS\Desktop\Slay the Spire.lnk
2019-10-18 17:32 - 2019-10-18 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slay the Spire
2019-10-12 19:46 - 2019-10-12 19:46 - 000000024 _____ C:\Windows\system32\WinUpdates105.dat
2019-10-12 19:46 - 2019-10-12 19:46 - 000000003 _____ C:\Windows\system32\wdbcache.tmp
2019-10-09 20:18 - 2019-09-27 22:13 - 001726720 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6443648.dll
2019-10-09 20:18 - 2019-09-27 22:13 - 001491144 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6443648.dll
2019-10-09 20:18 - 2019-09-27 19:19 - 000047272 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2019-10-07 19:41 - 2019-10-07 19:42 - 000000000 ____D C:\Program Files (x86)\Remote Mouse
2019-10-07 19:41 - 2019-10-07 19:41 - 000001119 _____ C:\Users\Public\Desktop\Remote Mouse.lnk
2019-10-07 19:41 - 2019-10-07 19:41 - 000001119 _____ C:\ProgramData\Desktop\Remote Mouse.lnk
2019-10-07 19:41 - 2019-10-07 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2019-10-07 15:47 - 2019-10-07 15:47 - 000000000 ____D C:\Users\WSS\AppData\LocalLow\Wizards Of The Coast
2019-10-07 15:45 - 2019-10-07 15:45 - 000000000 ____D C:\Users\WSS\Documents\Gatewatch_Logs
2019-10-07 15:45 - 2019-10-07 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTG Arena
2019-10-07 15:44 - 2019-10-07 15:45 - 000000875 _____ C:\Users\WSS\Desktop\MTG Arena.lnk
2019-10-03 16:44 - 2019-10-27 17:57 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-03 16:44 - 2019-10-27 17:57 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-10-03 16:44 - 2019-10-23 13:36 - 000003518 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-29 20:41 - 2019-02-23 12:02 - 000000000 ____D C:\Users\WSS\AppData\Local\LogMeIn Hamachi
2019-10-29 20:41 - 2018-10-16 08:57 - 000000000 ____D C:\Users\WSS\AppData\Local\CrashDumps
2019-10-29 20:41 - 2018-09-26 16:39 - 000000000 ____D C:\Users\WSS\AppData\Roaming\DAEMON Tools Lite
2019-10-29 20:41 - 2017-11-28 04:44 - 000000000 ____D C:\Windows\Panther
2019-10-29 20:41 - 2017-09-29 14:44 - 000000000 ____D C:\Windows\INF
2019-10-29 20:40 - 2019-02-23 20:11 - 000000000 ____D C:\Users\WSS\AppData\Local\Battle.net
2019-10-29 16:35 - 2018-09-22 17:08 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-29 16:02 - 2019-04-09 21:21 - 000000246 _____ C:\Windows\HFIT.hff
2019-10-29 11:16 - 2017-11-28 04:51 - 003140080 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-29 11:15 - 2018-09-22 17:19 - 000000000 ____D C:\Users\WSS\AppData\Roaming\brave
2019-10-29 11:10 - 2019-07-23 09:15 - 000000000 ___RD C:\Users\WSS\Creative Cloud Files
2019-10-29 11:10 - 2018-09-25 12:29 - 000000000 ____D C:\Users\WSS\AppData\Local\Adobe
2019-10-29 11:10 - 2018-09-22 17:16 - 000000000 ____D C:\Users\WSS
2019-10-29 11:10 - 2017-11-28 04:44 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-29 00:14 - 2017-09-29 09:45 - 000524288 _____ C:\Windows\system32\config\BBI
2019-10-29 00:02 - 2017-11-28 04:44 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-10-28 22:45 - 2018-11-27 19:57 - 000000000 ____D C:\Users\WSS\AppData\Roaming\TS3Client
2019-10-28 13:02 - 2017-09-29 09:45 - 000000000 ____D C:\Windows\servicing
2019-10-28 10:31 - 2018-10-03 17:44 - 000000000 ____D C:\Users\WSS\AppData\LocalLow\Mozilla
2019-10-27 23:58 - 2018-10-16 08:03 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-10-27 18:45 - 2017-09-29 14:46 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-10-27 10:44 - 2019-03-29 21:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-26 10:31 - 2019-02-23 20:09 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-10-25 22:51 - 2018-09-26 16:17 - 000000000 ____D C:\Users\WSS\AppData\Roaming\qBittorrent
2019-10-25 17:43 - 2019-06-08 22:36 - 000000000 ____D C:\Windows\LastGood
2019-10-25 17:13 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\LiveKernelReports
2019-10-25 16:24 - 2018-09-22 17:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-10-25 13:21 - 2018-09-25 12:23 - 000000000 ____D C:\Users\WSS\AppData\Roaming\discord
2019-10-25 12:23 - 2018-09-24 16:25 - 000000000 ____D C:\Users\WSS\AppData\Local\NVIDIA
2019-10-25 12:05 - 2019-02-23 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2019-10-25 12:01 - 2019-02-23 20:11 - 000000000 ____D C:\Users\WSS\AppData\Roaming\Battle.net
2019-10-25 11:15 - 2019-03-26 17:38 - 000000722 __RSH C:\ProgramData\ntuser.pol
2019-10-25 11:09 - 2018-12-21 19:54 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2019-10-25 11:09 - 2018-12-21 19:54 - 000002377 _____ C:\Users\Public\Desktop\Brave.lnk
2019-10-25 11:09 - 2018-12-21 19:54 - 000002377 _____ C:\ProgramData\Desktop\Brave.lnk
2019-10-25 10:23 - 2019-02-23 20:11 - 000000000 ____D C:\Users\WSS\AppData\Local\Blizzard Entertainment
2019-10-25 10:23 - 2019-02-23 20:09 - 000000000 ____D C:\Users\WSS\AppData\Local\Blizzard
2019-10-23 21:57 - 2018-11-10 09:51 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-22 11:03 - 2018-10-12 21:31 - 000001320 _____ C:\Users\Public\Desktop\Gwent.lnk
2019-10-22 11:03 - 2018-10-12 21:31 - 000001320 _____ C:\ProgramData\Desktop\Gwent.lnk
2019-10-22 11:03 - 2018-10-12 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2019-10-20 19:03 - 2019-02-22 00:12 - 000000000 ____D C:\Users\WSS\AppData\Roaming\vlc
2019-10-20 16:09 - 2018-10-11 08:11 - 000000000 ____D C:\Users\WSS\AppData\Roaming\RenPy
2019-10-17 23:39 - 2017-11-09 03:25 - 004936088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-10-17 01:28 - 2017-11-09 02:57 - 000056045 _____ C:\Windows\system32\nvinfo.pb
2019-10-16 23:45 - 2018-09-22 17:08 - 005524464 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-10-16 23:45 - 2018-09-22 17:08 - 002636656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-10-16 23:44 - 2018-09-22 17:08 - 001767464 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-10-16 23:44 - 2018-09-22 17:08 - 000655216 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-10-16 23:44 - 2018-09-22 17:08 - 000450872 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-10-16 23:44 - 2018-09-22 17:08 - 000124784 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-10-16 23:44 - 2018-09-22 17:08 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-10-16 17:33 - 2018-09-23 11:32 - 000000000 ____D C:\Program Files (x86)\Origin
2019-10-16 16:35 - 2019-03-29 21:33 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-10-14 14:26 - 2018-09-22 17:08 - 008750052 _____ C:\Windows\system32\nvcoproc.bin
2019-10-12 21:45 - 2018-11-22 20:35 - 000000000 ____D C:\Users\WSS\AppData\Local\Spotify
2019-10-12 21:25 - 2018-11-22 20:35 - 000000000 ____D C:\Users\WSS\AppData\Roaming\Spotify
2019-10-10 08:15 - 2017-09-29 14:46 - 000000000 ___RD C:\Program Files\Windows Defender
2019-10-09 20:36 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2019-10-09 20:21 - 2018-09-22 17:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-10-09 20:20 - 2018-09-22 17:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-10-09 19:43 - 2018-09-25 12:29 - 000004596 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-10-09 19:43 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-09 19:43 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-08 16:25 - 2018-11-10 09:50 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-06 17:55 - 2019-07-23 09:06 - 000001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2019-10-06 17:55 - 2019-03-29 21:33 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-10-06 17:55 - 2018-10-16 08:03 - 000000000 ____D C:\Program Files\Adobe
2019-10-02 17:41 - 2018-09-24 15:54 - 000000000 ____D C:\Windows\system32\Drivers\wd

==================== Files in the root of some directories ========

2019-09-18 15:32 - 2019-09-18 15:35 - 000000034 _____ () C:\Users\WSS\AppData\Roaming\AdobeWLCMCache.dat
2019-02-16 14:21 - 2019-02-16 14:21 - 000000000 ___SH () C:\Users\WSS\AppData\Local\LumaEmu
2019-07-23 09:14 - 2019-07-23 09:14 - 000000000 _____ () C:\Users\WSS\AppData\Local\oobelibMkey.log
2019-10-28 11:09 - 2019-10-28 11:09 - 000007602 _____ () C:\Users\WSS\AppData\Local\Resmon.ResmonCfg

==================== FLock ==============================

2018-04-15 21:04 C:\Windows\system32\SearchIndexer.exe
2019-10-29 16:02 C:\Windows\HFIT.hff
2017-02-05 19:30 C:\Windows\system32\Drivers\hfFilter.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-10-25 11:10
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2019
Ran by WSS (29-10-2019 20:42:42)
Running from C:\Users\WSS\Desktop
Windows 10 Pro Version 1709 16299.726 (X64) (2018-09-22 16:07:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1906486174-218330440-3877118835-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1906486174-218330440-3877118835-503 - Limited - Disabled)
Guest (S-1-5-21-1906486174-218330440-3877118835-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1906486174-218330440-3877118835-504 - Limited - Disabled)
WSS (S-1-5-21-1906486174-218330440-3877118835-1002 - Administrator - Enabled) => C:\Users\WSS

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20049 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Ancestors The Humankind Odyssey (HKLM-x32\...\Ancestors The Humankind Odyssey_is1) (Version: - )
BANNERMEN (HKLM\...\YmFubmVybWVu_is1) (Version: 1 - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlestate Games Launcher 0.5.7.495 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.5.7.495 - Battlestate Games)
Blair Witch (HKLM-x32\...\Blair Witch_is1) (Version: - )
Blair Witch (HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Blair Witch) (Version: - HOODLUM)
BobsTrackBuilder (HKLM-x32\...\{ECDF8120-703D-4A96-B36C-A565419B3900}) (Version: 1.0.0 - Bobs Track Builder)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 78.0.70.121 - Brave Software Inc)
Brave (HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Brave) (Version: 0.27.3 - Brave Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.73.1084 - AB Team, d.o.o.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Chernobylite (HKLM-x32\...\1472128402_is1) (Version: 20591 - GOG.com)
Cities Skylines Campus (HKLM-x32\...\Cities Skylines Campus_is1) (Version: - )
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
ClamWin Free Antivirus 0.99.4 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version: - alch)
Community Modpack for Mafia: The City of Lost Heaven (HKLM-x32\...\Community Modpack for Mafia: The City of Lost Heaven_is1) (Version: - Rimsky)
Control (HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Control) (Version: - HOODLUM)
CrystalDiskInfo 8.2.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.2.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0630 - Disc Soft Ltd)
Darksiders III (HKLM-x32\...\Darksiders III_is1) (Version: - )
Darkwood (HKLM-x32\...\Darkwood_is1) (Version: - )
DawnOfMan (HKLM-x32\...\1899257943_is1) (Version: 1.0.0 - GOG.com)
Discord (HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayFusion 9.5 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.5.0.0 - Binary Fortress Software)
Divinity Original Sin 2 Definitive Edition (HKLM-x32\...\Divinity Original Sin 2 Definitive Edition_is1) (Version: - )
Dont Starve Together (HKLM-x32\...\Dont Starve Together_is1) (Version: - )
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.10.2.2003 - Battlestate Games)
Exanima (HKLM-x32\...\1470768488_is1) (Version: 0.7.0.6c - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.70 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Gwent (HKLM-x32\...\1971477531_is1) (Version: 4.0.3 - GOG.com)
Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.0.0.1 - GOG.com)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Into the Breach (HKLM-x32\...\2004253604_is1) (Version: 1.0.06 - GOG.com)
Jurassic World Evolution (HKLM-x32\...\Jurassic World Evolution_is1) (Version: - )
Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Men of War Assault Squad 2 - Cold War (HKLM\...\TinyISO - Men of War Assault Squad 2 - Cold War) (Version: - TinyISO)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MISERY version 2.2 (HKLM-x32\...\MISERY_is1) (Version: 2.2 - MISERY Development Team)
MPC-BE x64 1.5.3.4488 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.5.3.4488 - MPC-BE Team)
MTG Arena (HKLM-x32\...\{F62E5477-A813-448F-AD6C-34FB7C31E360}) (Version: 0.1.1805 - Wizards of the Coast)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Graphics Driver 440.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 440.97 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.50.31938 - Electronic Arts, Inc.)
Outward (HKLM\...\b3V0d2FyZA_is1) (Version: 1 - )
Parkitect (HKLM-x32\...\Parkitect_is1) (Version: - )
Pathologic 2 (HKLM-x32\...\Pathologic 2_is1) (Version: - )
Portal 2 (HKLM-x32\...\AC7F4E43-1023-443F-9746-58A93E04D896_is1) (Version: 1.0.0.0 - )
qBittorrent 4.1.3 (HKLM-x32\...\qBittorrent) (Version: 4.1.3 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8619 - Realtek Semiconductor Corp.)
Remote Mouse version 3.012 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.012 - Remote Mouse)
Resident Evil 2 (HKLM-x32\...\Resident Evil 2_is1) (Version: - )
Resident Evil 6 version 1 (HKLM-x32\...\UmVzaWRlbnQgRXZpbCA2_is1) (Version: 1 - )
Re-Volt (HKLM-x32\...\GOGPACKREVOLT_is1) (Version: 2.1.0.5 - GOG.com)
rFactor (remove only) (HKLM-x32\...\rFactor) (Version: - )
S.T.A.L.K.E.R. Call of Pripyat (HKLM-x32\...\1207660583_is1) (Version: 2.1.0.17 - GOG.com)
SecretFolder version 6.5.0.0 (HKLM-x32\...\SecretFolder_is1) (Version: 6.5.0.0 - hxxp://ohsoft.net/)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Serviio (HKLM\...\Serviio) (Version: 2.0 - Six Lines Ltd)
Slay the Spire (HKLM-x32\...\Slay the Spire_is1) (Version: - )
Spotify (HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\Spotify) (Version: 1.1.16.522.g55a4b852 - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SWAT 4 Gold Edition (HKLM-x32\...\1409964317_is1) (Version: 2.0.0.4 - GOG.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
Tetris Effect (HKLM-x32\...\Tetris Effect_is1) (Version: - )
The Hong Kong Massacre (HKLM-x32\...\The Hong Kong Massacre_is1) (Version: - )
The Long Dark Redux (HKLM-x32\...\The Long Dark Redux_is1) (Version: - )
They Are Billions (HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\They Are Billions) (Version: - HOODLUM)
Tropico 6 (HKLM-x32\...\Tropico 6_is1) (Version: - )
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{91684B6D-153D-4C12-B6B1-59F7496BE44A}) (Version: 2.50.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 69.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Wreckfest (HKLM-x32\...\Wreckfest_is1) (Version: - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-23] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1341.1.0_x86__kgqvnymyfvs32 [2018-09-22] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.123.200.0_x86__kgqvnymyfvs32 [2018-09-22] (king.com)
CnX Player -> C:\Program Files\WindowsApps\PATHWINSOFTWAREPRIVATELIM.CnXPlayer_3.5.0.0_x86__9xc72fbp6jsh6 [2019-06-04] (PATHWIN SOFTWARE PRIVATE LIMITED) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.3.301.0_x64__rz1tebttyb220 [2018-09-22] (Dolby Laboratories)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.25.2503.0_x86__ytsefhwckbdv6 [2018-10-11] (G5 Entertainment AB)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20137.0_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-04] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe [2018-09-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.8172.0_x86__8wekyb3d8bbwe [2018-09-22] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.26.12153.0_x64__8wekyb3d8bbwe [2018-09-22] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1906486174-218330440-3877118835-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-262B826FBF50} -> [Creative Cloud Files] => C:\Users\WSS\Creative Cloud Files [2019-07-23 09:15]
CustomCLSID: HKU\S-1-5-21-1906486174-218330440-3877118835-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\Winrar\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\Winrar\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => D:\Programy\Daemon Tools\DTShl64.dll [2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => D:\Programy\Daemon Tools\DTShl64.dll [2018-09-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programy\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-10-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programy\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\Winrar\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\Winrar\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2012-05-18] ( ) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [255488 2011-05-30] () [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [189952 2017-09-29] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\WSS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-10-25 21:19 - 2019-10-25 21:19 - 096131072 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\libcef.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000117760 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\libEGL.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 004342784 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\libGLESv2.dll
2019-10-21 17:34 - 2008-04-19 16:35 - 000080384 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2019-10-21 17:34 - 2005-02-08 16:23 - 000979005 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\python23.dll
2019-10-21 17:34 - 2004-05-25 20:17 - 000622651 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_bsddb.pyd
2019-10-21 17:34 - 2004-01-15 13:45 - 000061440 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_ctypes.pyd
2019-10-21 17:34 - 2004-05-25 20:18 - 000049212 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_socket.pyd
2019-10-21 17:34 - 2004-05-25 20:18 - 000057401 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_sre.pyd
2019-10-21 17:34 - 2004-05-25 20:18 - 000495616 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_ssl.pyd
2019-10-21 17:34 - 2004-05-25 20:20 - 000036864 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_winreg.pyd
2019-10-21 17:34 - 2004-05-25 20:19 - 000045117 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\datetime.pyd
2019-10-21 17:34 - 2003-08-10 08:14 - 000061440 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\mxDateTime.pyd
2019-10-21 17:34 - 2004-10-11 19:22 - 000315392 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\pythoncom23.dll
2019-10-21 17:34 - 2004-10-11 19:21 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\pywintypes23.dll
2019-10-21 17:34 - 2004-11-20 02:27 - 000106496 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\shell.pyd
2019-10-21 17:34 - 2004-11-20 02:27 - 000069632 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32api.pyd
2019-10-21 17:34 - 2004-11-20 02:27 - 000024576 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32event.pyd
2019-10-21 17:34 - 2004-11-20 02:27 - 000077824 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32file.pyd
2019-10-21 17:34 - 2004-11-20 02:27 - 000086016 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32gui.pyd
2019-10-21 17:34 - 2004-11-20 02:27 - 000024576 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32pipe.pyd
2019-10-21 17:34 - 2004-11-20 02:27 - 000036864 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32process.pyd
2019-10-21 17:34 - 2004-11-20 02:27 - 000065536 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32security.pyd
2019-10-21 17:34 - 2003-10-01 12:40 - 002240512 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\wxc.pyd
2019-10-21 17:34 - 2003-10-01 10:43 - 003239936 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\wxmsw24h.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\fmod.dll
2019-10-07 19:41 - 2019-04-19 16:12 - 001391104 _____ (Remote Mouse) [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\chrome_elf.dll
2018-09-23 11:32 - 2019-06-11 07:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-09-23 11:32 - 2019-06-11 07:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2018-09-23 11:32 - 2019-07-12 08:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-09-23 11:32 - 2019-07-12 08:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-09-23 11:32 - 2019-07-12 08:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-09-23 11:32 - 2019-07-12 08:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-09-23 11:32 - 2019-07-12 08:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-09-23 11:32 - 2019-07-12 08:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\audio\qtaudio_windows.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\imageformats\qgif.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\imageformats\qico.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\imageformats\qjpeg.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\imageformats\qmng.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\imageformats\qsvg.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\imageformats\qtiff.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\platforms\qwindows.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtQml\Models.2\modelsplugin.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtQuick.2\qtquick2plugin.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\qml\QtQuick\Window.2\windowplugin.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Core.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Gui.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Multimedia.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Network.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Qml.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Quick.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5QuickControls2.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5QuickTemplates2.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Svg.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Widgets.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5WinExtras.dll
2019-10-25 21:19 - 2019-10-25 21:19 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11623\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1906486174-218330440-3877118835-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\WSS\Desktop\asd.png
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "HKLM"
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\StartupApproved\Run: => "HKCU"
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1906486174-218330440-3877118835-1002\...\StartupApproved\Run: => "World of Tanks"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3943AA31-9C14-440B-A2A6-B7C2A03C8F4D}D:\hry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{3F64C34A-1F6F-446B-A0AE-818FC832F146}D:\hry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{3BCE7B6F-10E2-418E-AC7B-1DCF85168E7D}] => (Block) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{C29B5BB7-CBB2-4A7C-88EA-B91268895DA7}] => (Block) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{C52A2957-26EE-40BC-A706-DBEC53DC83CE}D:\programy\steam\steam.exe] => (Block) D:\programy\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{A421E8F7-AFFD-4DE9-9DAC-7D5678DA036B}D:\programy\steam\steam.exe] => (Block) D:\programy\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{34F78666-B61B-4B53-B236-A3C76DBD9805}] => (Allow) D:\Programy\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E37942DB-A8B9-4104-9B3F-2393499A57CA}] => (Allow) D:\Programy\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ACB482D0-E751-4D90-9E2F-11CB6BE62C96}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7D32D37C-E12C-4A00-99D1-847AC59A4EFF}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{79C06BF3-CB5A-4211-8F64-8CD7F5B789BF}C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{7FA63193-D494-4310-A896-4251665EF63F}C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{7ABA372F-D823-4761-A017-419FD2C9E2A0}] => (Block) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{69EDA745-955C-487B-8377-DBFD83AAAC88}] => (Block) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Restore Points =========================

16-10-2019 17:42:47 Scheduled Checkpoint
25-10-2019 16:51:19 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/29/2019 08:14:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (10/29/2019 05:51:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.16299.492 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1afc

Start Time: 01d58e410f712acc

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Report Id: fe520267-8b98-45e2-8cf1-a5b2d0a64cfd

Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.16299.637_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Error: (10/29/2019 05:51:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-5M56U6R)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16299.637_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (10/29/2019 04:35:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ModernWarfare.exe, version: 1.0.0.0, time stamp: 0x5db3ea28
Faulting module name: ntdll.dll, version: 10.0.16299.665, time stamp: 0x2e74e364
Exception code: 0xc0000005
Fault offset: 0x000000000004a6ab
Faulting process id: 0x3560
Faulting application start time: 0x01d58e6a0bcbee0f
Faulting application path: D:\Hry\Call of Duty Modern Warfare\ModernWarfare.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: a1560e28-7ae2-44eb-ae5d-4cd99d413329
Faulting package full name:
Faulting package-relative application ID:

Error: (10/29/2019 12:02:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcontainer.exe, version: 1.19.2693.9990, time stamp: 0x5d440082
Faulting module name: ntdll.dll, version: 10.0.16299.665, time stamp: 0x2e74e364
Exception code: 0xc0000374
Fault offset: 0x00000000000f842b
Faulting process id: 0x194c
Faulting application start time: 0x01d58e410f3bb8b0
Faulting application path: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 3ea6bc13-efd0-4467-bc1c-c586b74253a7
Faulting package full name:
Faulting package-relative application ID:

Error: (10/28/2019 05:50:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (10/28/2019 04:25:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ModernWarfare.exe, version: 1.0.0.0, time stamp: 0x5db3ea28
Faulting module name: ntdll.dll, version: 10.0.16299.665, time stamp: 0x2e74e364
Exception code: 0xc0000005
Fault offset: 0x000000000004a6ab
Faulting process id: 0x12f8
Faulting application start time: 0x01d58d87fe1d8382
Faulting application path: D:\Hry\Call of Duty Modern Warfare\ModernWarfare.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 1064c4a7-3908-4895-aa9c-c0c60cfe093f
Faulting package full name:
Faulting package-relative application ID:

Error: (10/28/2019 03:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcontainer.exe, version: 1.19.2693.9990, time stamp: 0x5d440082
Faulting module name: ntdll.dll, version: 10.0.16299.665, time stamp: 0x2e74e364
Exception code: 0xc0000374
Fault offset: 0x00000000000f842b
Faulting process id: 0xb28
Faulting application start time: 0x01d58d87a27da8b6
Faulting application path: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 01ac7663-243c-4271-8b6f-4fb92a316255
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (10/29/2019 08:14:04 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5M56U6R)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5M56U6R\WSS SID (S-1-5-21-1906486174-218330440-3877118835-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/29/2019 03:13:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5M56U6R)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5M56U6R\WSS SID (S-1-5-21-1906486174-218330440-3877118835-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/29/2019 01:16:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5M56U6R)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5M56U6R\WSS SID (S-1-5-21-1906486174-218330440-3877118835-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/29/2019 11:45:31 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5M56U6R)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5M56U6R\WSS SID (S-1-5-21-1906486174-218330440-3877118835-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/29/2019 11:34:42 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5M56U6R)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5M56U6R\WSS SID (S-1-5-21-1906486174-218330440-3877118835-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/29/2019 11:14:42 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5M56U6R)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5M56U6R\WSS SID (S-1-5-21-1906486174-218330440-3877118835-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/29/2019 11:14:17 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5M56U6R)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5M56U6R\WSS SID (S-1-5-21-1906486174-218330440-3877118835-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (10/29/2019 11:10:32 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5M56U6R)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-5M56U6R\WSS SID (S-1-5-21-1906486174-218330440-3877118835-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-10-07 14:14:05.340
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AA7FCDE9-CCCD-4E6C-BCAD-1B0A5EB712C8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-10-06 21:59:47.005
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {91F1A784-4408-4E81-8283-D5EAB66A54DC}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-09-21 14:21:45.845
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: HackTool:Win32/AutoKMS
ID: 2147685180
Severity: High
Category: Tool
Path: file:_D:\Torrenty\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]\KMSAuto Net 2015 v1.3.8 Portable\KMSAuto Net.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.301.1812.0, AS: 1.301.1812.0, NIS: 1.301.1812.0
Engine Version: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2019-09-07 12:48:54.989
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {11908B2E-B0D6-4B99-B5CF-C9002448FF20}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-09-03 19:38:29.067
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5F39A2B3-A391-4ECD-8F65-F4D23C6A6161}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-10-10 09:15:33.196
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info ===========================

BIOS: American Megatrends Inc. B.10 09/06/2015
Motherboard: MSI B150 GAMING M3 (MS-7978)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 34%
Total physical RAM: 8131.67 MB
Available physical RAM: 5314.02 MB
Total Virtual: 16835.67 MB
Available Virtual: 11564.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:56.1 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:125.75 GB) NTFS
Drive h: (Download) (Fixed) (Total:465.75 GB) (Free:77.98 GB) NTFS

\\?\Volume{2204a4c2-526a-4c52-b4b0-5f4f1c77da72}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.14 GB) NTFS
\\?\Volume{96c8097e-4afe-45ac-b01c-2f1cd1ce3a7a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: BE794183)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 21:05
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Task: {D11399C0-EEF8-4063-8BB4-AE8E79465525} - \KMS_VL_ALL -> No File <==== ATTENTION
C:\Windows\system32\wdbcache.tmp
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 29 Oct 2019 23:29
by WhySoSad
No change so far: Windows Defender is not working, and right after a restart a window pops up saying that protection is not turned on. I don't know how things stand with the CPU, but judging by the system's responsiveness it looks like it is no longer running at 100% in the background. I'm sending a RAR with screenshots: when I open Task Manager, for a millisecond I see it running at 100%, with the Windows Shell Experience Host (2) process at the top but at 0% load, a millisecond later 69% with device manager at the top, and after that the normal 12%. I'm probably being paranoid by now, but I think it's fine. I'm also attaching a screenshot of what Windows Defender looks like.


Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2019
Ran by WSS (29-10-2019 23:30:06) Run:2
Running from C:\Users\WSS\Desktop
Loaded Profiles: WSS (Available Profiles: WSS)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Task: {D11399C0-EEF8-4063-8BB4-AE8E79465525} - \KMS_VL_ALL -> No File <==== ATTENTION
C:\Windows\system32\wdbcache.tmp
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D11399C0-EEF8-4063-8BB4-AE8E79465525}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D11399C0-EEF8-4063-8BB4-AE8E79465525}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMS_VL_ALL" => not found
C:\Windows\system32\wdbcache.tmp => moved successfully
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43657410 B
Java, Flash, Steam htmlcache => 12391805 B
Windows/system/drivers => 420305 B
Edge => 17946 B
Chrome => 563615 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
WSS => 33996925 B

RecycleBin => 0 B
EmptyTemp: => 95.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:30:12 ====

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 30 Oct 2019 07:36
by JaRon
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus
if this is functional, it would be advisable to uninstall it, or use DelFix
+
what is the size of the Desktop folder :???:
P.S. that really is everything from me now :James008:

Re: 100% CPU usage, blocked Windows Defender, etc.

Posted: 30 Oct 2019 10:30
by WhySoSad
So the program has been removed; I think I downloaded it after I found out that Win Defender wasn't running and I couldn't start any scan. No change.

The Desktop is 8.84 GB in size.