Please check my PC

Posted: 17 Oct 2019 12:59
by mania
Logfile of random's system information tool 1.10 (written by random/random)
Run by LuciFafa at 2019-10-17 13:57:59
Microsoft Windows 10 Home
System drive C: has 484 GB (51%) free of 953 GB
Total RAM: 3030 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:06, on 17.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x86__8wekyb3d8bbwe\YourPhone.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\MicrosoftEdgeCP.exe
C:\WINDOWS\system32\MicrosoftEdgeSH.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\System32\SecurityHealthSystray.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.4.0_x86__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x86__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\LuciFafa\Downloads\RSIT.exe
C:\Program Files\trend micro\LuciFafa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
O4 - HKLM\..\Run: [MouseDriver] TiltWheelMouse.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - LLC Mail.Ru - C:\Windows\System32\mracsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7100 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942

prefs.js - "browser.startup.homepage" - "https://www.google.cz/"

"{b84eec0c-f44b-420f-b2ee-db2a585be7fc}"=C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.221.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.221.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\Windows\system32\npOGPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-20 479216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-20 193520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 73728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2015-01-28 7519960]
"NUSB3MON"=C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2012-12-19 241152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-05 232840]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2019-07-04 644552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2018-09-26 1617800]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
"OneDrive"=C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-10 1592440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyComGames]
C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe [2018-07-12 223360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"msacm.lameacm"=LameACM.acm
"vidc.mjpg"=pvmjpg30.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.mjpx"=bdmjpeg.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-10-17 13:57:59 ----D---- C:\rsit
2019-10-17 13:56:46 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2019-10-17 13:48:09 ----D---- C:\AdwCleaner
2019-10-11 20:42:58 ----D---- C:\Program Files\Mozilla Firefox
2019-10-05 15:28:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-10-05 15:28:11 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2019-10-05 15:28:11 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2019-10-03 18:25:37 ----D---- C:\Program Files\CCleaner Browser
2019-09-20 10:32:54 ----D---- C:\WINDOWS\Panther

======List of files/folders modified in the last 1 month======

2019-10-17 13:58:06 ----D---- C:\Program Files\trend micro
2019-10-17 13:56:59 ----D---- C:\WINDOWS\Prefetch
2019-10-17 13:56:46 ----D---- C:\WINDOWS\system32\drivers
2019-10-17 13:56:46 ----D---- C:\WINDOWS\system32\catroot2
2019-10-17 13:56:13 ----D---- C:\WINDOWS\System32
2019-10-17 13:56:13 ----D---- C:\WINDOWS\INF
2019-10-17 13:56:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-17 13:54:28 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-17 13:52:19 ----D---- C:\WINDOWS\Temp
2019-10-17 13:51:37 ----D---- C:\WINDOWS\system32\Tasks
2019-10-17 13:50:14 ----D---- C:\WINDOWS\system32\LogFiles
2019-10-17 13:50:14 ----D---- C:\WINDOWS\Logs
2019-10-17 13:50:09 ----D---- C:\Program Files\Mozilla Maintenance Service
2019-10-17 13:50:09 ----D---- C:\Program Files\CCleaner
2019-10-17 13:49:36 ----D---- C:\WINDOWS\system32\sru
2019-10-17 13:49:00 ----HD---- C:\ProgramData
2019-10-16 20:25:28 ----RD---- C:\WINDOWS\Microsoft.NET
2019-10-15 20:24:39 ----SHD---- C:\System Volume Information
2019-10-14 20:38:00 ----D---- C:\WINDOWS\system32\config
2019-10-14 20:25:44 ----D---- C:\WINDOWS\system32\SleepStudy
2019-10-12 18:28:45 ----D---- C:\WINDOWS\AppReadiness
2019-10-12 18:28:44 ----HD---- C:\Program Files\WindowsApps
2019-10-11 21:21:49 ----RD---- C:\Program Files
2019-10-11 08:37:59 ----D---- C:\WINDOWS\system32\Macromed
2019-10-07 18:39:19 ----D---- C:\Windows
2019-10-07 13:10:45 ----D---- C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 15:38:33 ----D---- C:\Program Files\WinRAR
2019-10-05 15:30:04 ----D---- C:\WINDOWS\WinSxS
2019-10-05 15:28:22 ----HD---- C:\WINDOWS\ELAMBKUP
2019-10-03 18:28:09 ----SHD---- C:\WINDOWS\Installer
2019-10-03 18:28:09 ----SHD---- C:\Config.Msi
2019-09-25 17:33:07 ----D---- C:\WINDOWS\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2015-03-30 73928]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2015-03-30 36040]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-05 35512]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-05 169408]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-05 59368]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-05 15792]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-05 73312]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-05 277408]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 45064]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 15688]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 29696]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2014-07-23 14720]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-05 174712]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-05 224008]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-05 211088]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-05 41200]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-05 95168]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-05 691528]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-05 394856]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 57144]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 45568]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-10-05 145048]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-10-05 176760]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-09-06 350720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 37888]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-09-06 128512]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [2017-05-16 32682368]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [2017-05-16 415104]
R3 AtiHDAudioService;@oem89.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT3.sys [2015-05-28 82432]
R3 dtlitescsibus;@oem45.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-14 25016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2015-02-03 3473624]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2019-10-17 241760]
R3 RTL8167;@oem79.inf,%rtl8167.Service.DispName%;Realtek 8167 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]
R3 seehcri;@oem6.inf,%seehcrirf.SvcDesc%;Sony Ericsson seehcri Device Driver; C:\WINDOWS\System32\drivers\seehcri.sys [2015-12-14 27632]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\WINDOWS\system32\DRIVERS\amdkmpfd.sys [2014-10-28 40136]
S0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 693048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 121144]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 103224]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 106296]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 64312]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 79160]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 51512]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 59192]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 33592]
S2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 14336]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 241664]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-09-06 13312]
S3 AsusVBus;AsusVBus; C:\WINDOWS\system32\DRIVERS\AsusVBus.sys [2017-01-09 33048]
S3 ATP;ASUS Touchpad; C:\WINDOWS\system32\DRIVERS\AsusTP.sys [2017-01-09 66872]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-09-06 90120]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 165376]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-09-06 92672]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 73216]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-09-06 25600]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-09-06 1091584]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-09-06 70144]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 29696]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 53560]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_x86_856ba6d2e9bf5f71\genericusbfn.sys [2019-09-06 17920]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2019-03-19 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 40248]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-09-06 42496]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 19968]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 73728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2019-03-19 57856]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 32768]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 19456]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 39944]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 425784]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 46392]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-07-09 274432]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 46080]
S3 mracdrv;MRAC Driver; C:\WINDOWS\System32\drivers\mracdrv.sys [2018-06-22 6456416]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 130560]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 79888]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 13312]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 18944]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 160256]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 76800]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-05-16 383872]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 asComSvc;ASUS Com Service; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-05 859096]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-05 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CDPUserSvc_3ea7b;CDPUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-09-06 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 OneSyncSvc_3ea7b;OneSyncSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2018-11-14 76888]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-10-05 5035312]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 cbdhsvc_3ea7b;cbdhsvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 5247944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-09-06 733144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2018-09-26 163328]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc_3ea7b;AarSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-10-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService_3ea7b;BcastDVRUserService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService_3ea7b;BluetoothUserService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService_3ea7b;CaptureService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc_3ea7b;ConsentUxUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 CredentialEnrollmentManagerUserSvc_3ea7b;CredentialEnrollmentManagerUserSvc_3ea7b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DeviceAssociationBrokerSvc_3ea7b;DeviceAssociationBrokerSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc_3ea7b;DevicePickerUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc_3ea7b;DevicesFlowUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 71168]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2019-02-05 43712]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService_3ea7b;MessagingService_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2019-10-11 221728]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-06-22 7188752]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2018-03-15 7986848]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 79360]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc_3ea7b;PimIndexMaintenanceSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc_3ea7b;PrintWorkflowUserSvc_3ea7b; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 863744]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-19 47752]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]

-----------------EOF-----------------

Re: Please check my PC

Posted: 17 Oct 2019 13:07
by mania
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-17-2019
# Duration: 00:00:18
# OS: Windows 10 Home
# Scanned: 35171
# Detected: 4


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.ByteFence C:\ProgramData\ByteFence

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.ByteFence HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
PUP.Optional.EoRezo HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner_Debug.log - [5362 octets] - [17/10/2019 13:48:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Please check my PC

Posted: 19 Oct 2019 20:03
by Conder
Hi :)

:arrow: In AdwCleaner, have all the findings deleted and post the log.

:arrow: After that, please post both FRST logs (FRST.txt and Addition.txt) following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Please check my PC

Posted: 21 Oct 2019 16:33
by mania
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-10-2019
Ran by LuciFafa (21-10-2019 17:31:25)
Running from C:\Users\LuciFafa\Desktop
Microsoft Windows 10 Home Version 1903 18362.356 (X86) (2019-09-06 18:49:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
ACP Application (HKLM\...\{1BF06C12-832F-28F4-A2F2-D6261871D418}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AIMP (HKLM\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0925.2319.41966 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassin's Creed ® III v1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CombatArms (HKLM\...\CombatArms) (Version: - )
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 v1.01 (HKLM\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
GameCenter My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1432 - My.Com B.V.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
GRID 2 (c) Codemasters version 1 (HKLM\...\R1JJRDI=_is1) (Version: 1 - )
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HPLJDXPHelper (HKLM\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 69.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 69.0.3 (x86 cs)) (Version: 69.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3.7221 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Most Wanted Limited Edition (HKLM\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x86__8wekyb3d8bbwe [2019-10-10] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2

==================== Loaded Modules (Whitelisted) ==============

2015-09-25 12:56 - 2014-07-23 03:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 12:56 - 2019-10-18 19:27 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 18:37 - 2009-09-16 18:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:38 - 2009-09-16 18:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:40 - 2009-09-16 18:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2019-09-13 19:59 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts


2018-11-25 14:19 - 2018-11-25 14:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: bthserv => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{A2DB8D43-00BD-45FC-BF13-8EA1A9C1A210}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{8B6EE969-AB4F-41D6-A9F0-C69E7977D707}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{B6926273-C227-4257-B1FE-08D4F0CE1B8E}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{4E229442-7D4C-472A-A70D-42275423D539}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{69C9079B-9B00-426D-AABB-B00D88887BD0}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{B7BB4090-2C73-422F-AEB7-2348B04D42B4}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [UDP Query User{F17FB0C8-34E4-46D7-AC4E-904C298FBB45}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{89475DD2-DA4C-41E5-AB84-B2D139CF1148}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [UDP Query User{5924A848-8939-4C13-8B64-78E52BDA3201}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{5F5E8BA7-F670-4C0D-AA6E-672A45ABB128}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{2C28F662-DBB7-4C63-8E6A-8E59B6BC29C2}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [TCP Query User{E7331683-6880-4A36-BD1B-78B727AA92DC}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [{09395F40-1113-44D7-A022-D8EED26BE0ED}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{F8BA0B35-6A75-44B6-9B62-D0484BFE98BB}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3CA8CBDB-5221-4288-BF33-C534FD8F1A45}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{9E875B8D-F6E8-44C8-B83F-FE562A8DA167}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe

==================== Restore Points =========================

01-10-2019 19:39:27 Naplánovaný kontrolní bod
09-10-2019 20:53:50 Naplánovaný kontrolní bod
18-10-2019 21:27:58 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/21/2019 04:53:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1d50
Čas spuštění chybující aplikace: 0x01d5881f3e98f4f6
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4cc6802c-c0eb-4ca6-851b-97e00f009911
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/21/2019 04:53:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x2700
Čas spuštění chybující aplikace: 0x01d5881f4587d1ee
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7c445e1d-9491-4c56-8631-5d7fe2e5420f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/21/2019 07:53:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x2794
Čas spuštění chybující aplikace: 0x01d587d3cb360d7c
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7cbc03ab-d582-4326-a1b9-2909c3e891ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/21/2019 07:53:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x208
Čas spuštění chybující aplikace: 0x01d587d3d352fe1e
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 564da0e3-3d57-4070-9263-f388942f1603
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/20/2019 12:42:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.2.1735, časové razítko: 0x5baafa35
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1b7c
Čas spuštění chybující aplikace: 0x01d58732fd04839a
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1b0b5b87-e2e5-41b5-86eb-0203fbe1f1c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/20/2019 12:42:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1c30
Čas spuštění chybující aplikace: 0x01d5873302444323
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4821cf9b-0a3c-442f-89c1-ddca27b8a61d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/19/2019 08:56:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 69.0.3.7221, časové razítko: 0x5d9e292d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x001601bf
ID chybujícího procesu: 0x1dd0
Čas spuštění chybující aplikace: 0x01d586aeda250d96
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6672508d-6885-4b06-8d39-d889f04f595b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/19/2019 08:56:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 69.0.3.7221, časové razítko: 0x5d9e292d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x0016001f
ID chybujícího procesu: 0x1dd0
Čas spuštění chybující aplikace: 0x01d586aeda250d96
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 987ff6f0-3858-4846-9dc7-492856041e57
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/19/2019 09:26:46 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d108\??\C:\Users\LuciFafa\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\Settings\settings.dat

Error: (10/18/2019 07:27:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/17/2019 01:50:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/17/2019 01:49:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS System Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/17/2019 01:49:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-10-21 16:53:02.403
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-21 07:53:11.817
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-21 07:53:11.804
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-21 07:53:11.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-21 07:53:11.774
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-21 07:53:11.715
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-21 07:52:56.022
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-10-20 19:12:41.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\VALOFEEU\CombatArms\GameGuard\npggNT.des that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 63%
Total physical RAM: 3030.36 MB
Available physical RAM: 1117.59 MB
Total Virtual: 6102.36 MB
Available Virtual: 3622.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:469.64 GB) NTFS
Drive e: (Pro Evolution Soccer 2016) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF

\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Re: Please check my PC

Posted: 21 Oct 2019 16:34
by mania
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-10-2019
Ran by LuciFafa (administrator) on LUCIFAFA-PC (21-10-2019 17:29:35)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Platform: Microsoft Windows 10 Home Version 1903 18362.356 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19092.399.0_x86__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.18011.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7519960 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1617800 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04898864-0C83-419E-B915-13ABC6670E3B} - System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\MAKAYA~1\EASYWI~1\Setup.exe -c /remove /q0
Task: {072CD73B-A177-48F9-A6B7-88BE4AD767C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {0CA094BA-D37D-4BD1-9B8D-1F4C7EBF760B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-11] (Adobe Inc. -> Adobe)
Task: {1F37C4D6-8AD0-4740-9FBE-A223A8F92C72} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D547F09-AB9B-458A-BE13-53287865A027} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37EC1E74-6C44-4B30-A6F1-5AE69C4A7CFF} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe
Task: {4482917A-EDAE-4D7D-B621-4E21D0479CEE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-11] (Adobe Inc. -> Adobe)
Task: {53648477-B30C-44F6-9421-2F7FF80DCBE9} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F886570-6BD8-4254-8DC1-A38C78CEF3C5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62FAB98F-0165-438C-A61C-6C354214A580} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {640E7AD3-7A65-4CB7-9197-ED2BAAFD2945} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67F8D0E7-E897-4E22-9258-AFC61361BB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7099E0BC-E0DF-4B78-9C3F-03B1B646C041} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5496880 2019-08-27] (valofe Co.,Ltd. -> Valofe)
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {896F7C2D-C4EA-4A9A-BC21-4E33EA8C2C98} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {8D5C7F68-16C4-45B4-A8A5-F2E7382AB882} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {920D55A6-C75E-4757-87FD-A2A37D4B1079} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {935CFF16-E68D-466B-B047-C6B70A692112} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97264EF2-3461-465C-9093-A98DFA9FF727} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AF84B05-CCE1-499E-AA1A-0EAA49D641E6} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] <==== ATTENTION
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AFE2589B-2234-43EF-B0C4-9E8EBF7F9996} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AFFE6A38-F468-4E0C-9AE5-79997B583DF5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81AD758-FF6E-4883-9DBE-20865B218B98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C00E2B0D-CA13-43CC-937D-F08FC12B4D85} - System32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF} => C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe [39109936 2014-11-13] (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
Task: {D2918185-EB46-4389-A9C2-066839A2C5FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {D81E909E-533E-4591-A6B2-BFF769F0E74C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D88BBE2B-CA68-46BC-BEA7-2DCA2047C6BE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E54424BD-C227-47D3-BDFE-BADFA377BE33} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {EC409C72-887E-432A-BC38-88119C99B437} - System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => C:\Windows\system32\pcalua.exe -a C:\Users\LuciFafa\Desktop\bluescreenview_setup.exe -d C:\Users\LuciFafa\Desktop
Task: {F742D008-A50D-4F4B-B68D-9357ECEAD1C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {FD6432B4-732F-4165-A615-042B4A465273} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4950ECBA-8D72-493B-A0EB-CA9249133316}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{92FF2636-7489-4F36-B570-14750FE804D3}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
DownloadDir: C:\Users\LuciFafa\Downloads

FireFox:
========
FF DefaultProfile: o4nlojpb.default-1540287753942
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 [2019-10-21]
FF user.js: detected! => C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js [2019-03-29]
FF Homepage: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.google.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\sp@avast.com.xpi [2019-09-12]
FF Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-10-24] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-05] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [383872 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [163328 2018-09-26] () [File not signed]
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5035312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7986848 2018-03-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3379072 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [91560 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [32682368 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [415104 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [145048 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [82432 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38280 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [268768 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [47584 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-21 17:29 - 2019-10-21 17:30 - 000028138 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2019-10-21 17:29 - 2019-10-21 17:30 - 000000000 ____D C:\FRST
2019-10-21 17:28 - 2019-10-21 17:28 - 001452544 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001617408 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64.exe
2019-10-18 08:46 - 2019-10-18 08:46 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-10-18 08:46 - 2019-10-18 08:46 - 000000000 ____D C:\Program Files\Common Files\Java
2019-10-18 08:45 - 2019-10-18 08:45 - 002066464 _____ (Oracle Corporation) C:\Users\LuciFafa\Downloads\JavaSetup8u231.exe
2019-10-18 08:45 - 2019-10-18 08:45 - 000000000 ____D C:\Program Files\Java
2019-10-18 08:31 - 2019-10-18 08:31 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-18 08:31 - 2019-10-18 08:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-18 08:31 - 2019-09-30 06:25 - 000129056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-10-18 08:31 - 2019-06-26 13:00 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-17 13:57 - 2019-10-17 13:58 - 000000000 ____D C:\rsit
2019-10-17 13:57 - 2019-10-17 13:57 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-10-17 13:48 - 2019-10-17 13:49 - 000000000 ____D C:\AdwCleaner
2019-10-17 13:48 - 2019-10-17 13:48 - 007636680 _____ (Malwarebytes) C:\Users\LuciFafa\Desktop\adwcleaner_7.4.1.exe
2019-10-17 13:18 - 2019-10-17 13:29 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (2)
2019-10-11 20:42 - 2019-10-17 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-05 15:28 - 2019-10-05 15:28 - 000176760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-10-05 15:28 - 2019-10-05 15:27 - 000305032 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-10-05 15:28 - 2019-10-05 15:27 - 000145048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-03 18:25 - 2019-10-03 18:28 - 000000000 ____D C:\Program Files\CCleaner Browser
2019-10-03 18:24 - 2019-10-03 18:24 - 025441808 _____ (Piriform Software Ltd) C:\Users\LuciFafa\Downloads\ccsetup562.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-21 17:30 - 2016-11-18 16:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2019-10-21 16:54 - 2019-03-19 04:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-21 16:54 - 2017-09-05 09:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2019-10-21 16:53 - 2018-10-23 11:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2019-10-20 19:12 - 2019-09-06 20:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1117677789-4214877554-3075564690-1000
2019-10-20 19:12 - 2019-09-06 20:48 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-10-20 19:12 - 2019-09-06 20:48 - 000002864 _____ C:\WINDOWS\system32\Tasks\Java Updater
2019-10-20 19:12 - 2019-09-06 20:48 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-10-20 19:12 - 2019-09-06 20:48 - 000002254 _____ C:\WINDOWS\system32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B}
2019-10-20 19:12 - 2019-09-06 20:48 - 000002204 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-10-20 19:12 - 2019-09-06 20:48 - 000002126 _____ C:\WINDOWS\system32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF}
2019-10-20 19:12 - 2019-09-06 20:48 - 000002118 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-10-20 19:12 - 2019-09-06 20:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-10-20 19:11 - 2019-09-06 20:48 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-20 19:11 - 2019-09-06 20:48 - 000003250 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-18 19:32 - 2019-09-06 20:41 - 001839106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-18 19:32 - 2019-03-19 09:13 - 000764824 _____ C:\WINDOWS\system32\perfh005.dat
2019-10-18 19:32 - 2019-03-19 09:13 - 000169506 _____ C:\WINDOWS\system32\perfc005.dat
2019-10-18 19:32 - 2019-03-19 04:44 - 000000000 ____D C:\WINDOWS\INF
2019-10-18 19:27 - 2019-09-06 20:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-18 19:27 - 2019-03-19 04:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-18 19:27 - 2015-09-25 12:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-10-18 15:53 - 2019-03-19 04:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-18 15:53 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-18 11:52 - 2015-12-26 21:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-18 08:31 - 2019-03-19 04:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-17 13:58 - 2015-10-04 14:50 - 000000000 ____D C:\Program Files\trend micro
2019-10-17 13:50 - 2019-01-15 12:21 - 000000000 ____D C:\Program Files\CCleaner
2019-10-17 13:50 - 2015-09-26 08:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-10-14 20:32 - 2015-09-29 17:33 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\ElevatedDiagnostics
2019-10-14 20:25 - 2019-09-06 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-11 21:21 - 2015-09-26 08:21 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-11 08:38 - 2019-09-06 20:48 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-11 08:38 - 2019-09-06 20:48 - 000004478 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-10-11 08:38 - 2019-04-10 09:27 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Adobe
2019-10-11 08:37 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-10 13:23 - 2019-09-06 20:56 - 000000000 ___RD C:\Users\LuciFafa\OneDrive
2019-10-10 13:23 - 2019-09-06 20:42 - 000002415 _____ C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 13:10 - 2015-09-29 19:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-06 10:14 - 2019-09-06 20:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-10-05 15:39 - 2015-09-29 19:03 - 000001101 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 15:38 - 2015-10-05 14:40 - 000000000 ____D C:\Program Files\WinRAR
2019-10-05 15:28 - 2018-02-14 15:40 - 000691528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-05 15:28 - 2018-02-14 15:40 - 000394856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-05 15:28 - 2018-02-14 15:40 - 000277408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-05 15:27 - 2019-09-09 19:30 - 000015792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-05 15:27 - 2019-02-19 12:21 - 000211088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000224008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000059368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-10-05 15:27 - 2019-01-16 13:00 - 000035512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-05 15:27 - 2018-10-16 10:06 - 000041200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000174712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000095168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-05 15:27 - 2018-02-14 15:40 - 000073312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-10-03 18:29 - 2019-09-06 20:42 - 000000000 ____D C:\Users\LuciFafa
2019-10-03 18:25 - 2019-01-15 12:21 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-26 20:24 - 2019-09-06 20:49 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Packages
2019-09-25 17:33 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-21 18:46 - 2019-09-20 10:32 - 000000000 ____D C:\WINDOWS\Panther

==================== Files in the root of some directories ================

2016-06-03 15:03 - 2016-06-03 15:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2015-11-18 19:29 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2015-11-18 19:29 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2015-11-18 19:29 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-11-18 19:29 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2019-07-12 21:29 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 15:01 - 2017-10-17 19:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2015-11-18 19:29 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2019-07-12 21:29 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2015-11-18 19:29 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2015-11-20 10:48 - 2015-11-20 10:48 - 002497372 _____ () C:\Users\LuciFafa\AppData\Roaming\x11modSpectreglg2tc5568w256l4.bin
2015-11-18 19:29 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
2015-09-28 10:38 - 2018-10-03 08:50 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Re: Please check my PC

Posted: 21 Oct 2019 17:10
by mania
Hi,
I hope I did it right. The PC runs fine overall; only occasionally pages open twice after a single click, and it is a bit slower, but that is probably just age :) . One more thing: I recently put Win 10 on it (I'm basically still getting to know it) and it seems to me there are a lot of unnecessary things in it. Would there be a link with an explanation of what is important and what can be unticked? Thank you.

Re: Please check my PC

Posted: 21 Oct 2019 22:15
by Conder
Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    CMD: type "C:\WINDOWS\System32\Tasks\Java Updater"
    CMD: type "C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js"
    
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    Task: {04898864-0C83-419E-B915-13ABC6670E3B} - System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\MAKAYA~1\EASYWI~1\Setup.exe -c /remove /q0
    Task: {9AF84B05-CCE1-499E-AA1A-0EAA49D641E6} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] <==== ATTENTION
    Task: {EC409C72-887E-432A-BC38-88119C99B437} - System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => C:\Windows\system32\pcalua.exe -a C:\Users\LuciFafa\Desktop\bluescreenview_setup.exe -d C:\Users\LuciFafa\Desktop
    SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
    FF user.js: detected! => C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js [2019-03-29]
    FF NetworkProxy: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> type", 0
    FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
    FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
    FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
    FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
    FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
    S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
    S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
    U3 idsvc; no ImagePath
    2019-10-17 13:57 - 2019-10-17 13:58 - 000000000 ____D C:\rsit
    2019-10-17 13:57 - 2019-10-17 13:57 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
    2019-10-17 13:58 - 2015-10-04 14:50 - 000000000 ____D C:\Program Files\trend micro
    2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
    ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Re: Please check my PC

Posted: 22 Oct 2019 17:56
by mania
Fix result of Farbar Recovery Scan Tool (x86) Version: 21-10-2019
Ran by LuciFafa (22-10-2019 18:49:28) Run:1
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\WINDOWS\System32\Tasks\Java Updater"
CMD: type "C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js"

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {04898864-0C83-419E-B915-13ABC6670E3B} - System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\MAKAYA~1\EASYWI~1\Setup.exe -c /remove /q0
Task: {9AF84B05-CCE1-499E-AA1A-0EAA49D641E6} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] <==== ATTENTION
Task: {EC409C72-887E-432A-BC38-88119C99B437} - System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => C:\Windows\system32\pcalua.exe -a C:\Users\LuciFafa\Desktop\bluescreenview_setup.exe -d C:\Users\LuciFafa\Desktop
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF user.js: detected! => C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js [2019-03-29]
FF NetworkProxy: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF HomepageOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _esMembers_@free.downloadmanagernow.com
FF NewTabOverride: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> Disabled: _gtMembers_@free.gamingwonderland.com
FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U3 idsvc; no ImagePath
2019-10-17 13:57 - 2019-10-17 13:58 - 000000000 ____D C:\rsit
2019-10-17 13:57 - 2019-10-17 13:57 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-10-17 13:58 - 2015-10-04 14:50 - 000000000 ____D C:\Program Files\trend micro
2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 3021
Average :
Sum : 1326705091
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========= type "C:\WINDOWS\System32\Tasks\Java Updater" =========

<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Author>Oracle Corporation</Author>
<Description>Java(TM) Update Scheduler</Description>
<URI>\{83BCBB2F-8370-4318-B285-D0ED7307BFE2}</URI>
</RegistrationInfo>
<Principals>
<Principal id="Author">
<UserId>S-1-5-21-1117677789-4214877554-3075564690-1000</UserId>
<LogonType>InteractiveToken</LogonType>
<RunLevel>HighestAvailable</RunLevel>
</Principal>
</Principals>
<Settings>
<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
<StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>
<ExecutionTimeLimit>PT0S</ExecutionTimeLimit>
<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
<IdleSettings>
<Duration>PT10M</Duration>
<WaitTimeout>PT1H</WaitTimeout>
<StopOnIdleEnd>true</StopOnIdleEnd>
<RestartOnIdle>false</RestartOnIdle>
</IdleSettings>
</Settings>
<Triggers>
<BootTrigger>
<StartBoundary>2019-07-12T21:29:04</StartBoundary>
<Delay>PT10S</Delay>
</BootTrigger>
</Triggers>
<Actions Context="Author">
<Exec>
<Command>C:\Users\LuciFafa\AppData\Roaming\nircmd.exe</Command>
<Arguments>exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe"</Arguments>
</Exec>
</Actions>
</Task>
========= End of CMD: =========


========= type "C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js" =========

user_pref("browser.shell.checkDefaultBrowser",false);
user_pref("extensions.blocklist.url","https://blocklists.settings.services.mo ... _LAST_PING%/");
user_pref("toolkit.telemetry.server","https://incoming.telemetry.moziIIa.org");
user_pref("extensions.blocklist.enabled",false);
user_pref("xpinstall.signatures.required",false);
user_pref("app.shield.optoutstudies.enabled",false);
user_pref("app.normandy.enabled",false);
user_pref("extensions.autoDisableScopes",0);
user_pref("app.update.enabled",false);

========= End of CMD: =========

HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04898864-0C83-419E-B915-13ABC6670E3B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04898864-0C83-419E-B915-13ABC6670E3B}" => removed successfully.
C:\Windows\System32\Tasks\{F5B3796B-559A-436C-B72D-371E70F9547B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F5B3796B-559A-436C-B72D-371E70F9547B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9AF84B05-CCE1-499E-AA1A-0EAA49D641E6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AF84B05-CCE1-499E-AA1A-0EAA49D641E6}" => removed successfully.
C:\Windows\System32\Tasks\Java Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC409C72-887E-432A-BC38-88119C99B437}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC409C72-887E-432A-BC38-88119C99B437}" => removed successfully.
C:\Windows\System32\Tasks\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A527CA5-EDA6-4116-8493-7E0CCD0FD7C1}" => removed successfully.
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => removed successfully.
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\user.js => moved successfully
Firefox Proxy settings were reset.
"Firefox HomepageOverride (_esMembers_@free.downloadmanagernow.com) " => removed successfully.
"Firefox HomepageOverride (_gtMembers_@free.gamingwonderland.com) " => removed successfully.
"Firefox NewTabOverride (_esMembers_@free.downloadmanagernow.com) " => removed successfully.
"Firefox NewTabOverride (_gtMembers_@free.gamingwonderland.com) " => removed successfully.
"HKLM\Software\Mozilla\Firefox\Extensions\\{b84eec0c-f44b-420f-b2ee-db2a585be7fc}" => removed successfully.
HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => removed successfully.
HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => removed successfully.
HKLM\System\CurrentControlSet\Services\rpcapd => removed successfully.
rpcapd => service removed successfully.
HKLM\System\CurrentControlSet\Services\amdacpksd => removed successfully.
amdacpksd => service removed successfully.
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully.
idsvc => service removed successfully.
C:\rsit => moved successfully
C:\Users\LuciFafa\Downloads\RSIT.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074 => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully.
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 108215154 B
Java, Flash, Steam htmlcache => 172828796 B
Windows/system/drivers => 708 B
Edge => 1021931 B
Chrome => 0 B
Firefox => 1121689681 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
LocalService => 40268 B
NetworkService => 40904 B
LuciFafa => 23850847 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:52:08 ====

Re: Please check my PC

Posted: 22 Oct 2019 22:24
by Conder
:arrow: How is the PC doing? Are there any problems?

:arrow: The desktop is about 1 GB. I recommend moving all files and folders from the desktop to Documents and leaving only shortcuts on the desktop. A desktop that is too large can slow the system down.

Re: Please check my PC

Posted: 31 Oct 2019 13:44
by mania
Hi, thank you for the help. The PC runs normally, and I have reduced the desktop to shortcuts only. Just one question: was there anything harmful on it, or only unimportant content? Thank you

Re: Please check my PC

Posted: 31 Oct 2019 15:08
by Conder
:arrow: I have also come across certain suspicious files on the PC.

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    VirusTotal: C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
    File: C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
    File: C:\Users\LuciFafa\AppData\Roaming\nssm.exe
    File: C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
    File: C:\Users\LuciFafa\AppData\Roaming\Redist.exe
    
    2015-11-18 19:29 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
    2015-11-18 19:29 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
    2015-11-18 19:29 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
    2015-11-18 19:29 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
    2015-11-18 19:29 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
    2015-11-18 19:29 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
    2015-11-18 19:29 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
    2019-07-12 21:29 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
    2015-11-18 19:29 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
    2019-07-12 21:29 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
    2015-11-18 19:29 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
    2015-11-20 10:48 - 2015-11-20 10:48 - 002497372 _____ () C:\Users\LuciFafa\AppData\Roaming\x11modSpectreglg2tc5568w256l4.bin
    2015-11-18 19:29 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
    2015-12-26 21:23 - 2015-12-26 21:23 - 000000037 ___SH () C:\Users\LuciFafa\AppData\Local\20986331705021ca58edc424.96250074
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Re: Please check my PC

Posted: 03 Nov 2019 13:50
by mania
Logfile of random's system information tool 1.10 (written by random/random)
Run by LuciFafa at 2019-11-03 13:45:15
Microsoft Windows 10 Home
System drive C: has 465 GB (49%) free of 953 GB
Total RAM: 3030 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:45:17, on 3.11.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19101.469.0_x86__8wekyb3d8bbwe\YourPhone.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\MicrosoftEdgeCP.exe
C:\WINDOWS\system32\MicrosoftEdgeSH.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x86__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\CompPkgSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\LuciFafa\Downloads\FRST(1).exe
C:\Users\LuciFafa\Downloads\RSIT(1).exe
C:\Program Files\trend micro\LuciFafa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe"
O4 - HKLM\..\Run: [MouseDriver] TiltWheelMouse.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\78.0.3904.87\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MRAC Service (mracsvc) - LLC Mail.Ru - C:\Windows\System32\mracsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7416 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942

prefs.js - "browser.startup.homepage" - "https://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.231.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.231.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\Windows\system32\npOGPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18 480312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18 194616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 73728]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2015-01-28 7519960]
"NUSB3MON"=C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2012-12-19 241152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-05 232840]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2019-10-05 645648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2018-09-25 1617800]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]
"OneDrive"=C:\Users\LuciFafa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-10 1592440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyComGames]
C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe [2018-07-12 223360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe:*:Enabled:CombatArms.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe:*:Enabled:Engine.exe"
"C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe"="C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\Nexon\Library\combatarms\appdata\CombatArms.exe"="C:\Nexon\Library\combatarms\appdata\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Library\combatarms\appdata\Engine.exe"="C:\Nexon\Library\combatarms\appdata\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Library\combatarms\appdata\NMService.exe"="C:\Nexon\Library\combatarms\appdata\NMService.exe:*:Enabled:NMService.exe"
"C:\VALOFEEU\CombatArms\CombatArms.exe"="C:\VALOFEEU\CombatArms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\VALOFEEU\CombatArms\Engine.exe"="C:\VALOFEEU\CombatArms\Engine.exe:*Enabled:Engine.exe"
"C:\VALOFEEU\CombatArms\NMService.exe"="C:\VALOFEEU\CombatArms\NMService.exe:*:Enabled:NMService.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FMVC"=fmcodec.dll
"msacm.lameacm"=LameACM.acm
"vidc.mjpg"=pvmjpg30.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.mjpx"=bdmjpeg.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-11-03 13:23:11 ----D---- C:\rsit
2019-11-03 13:23:11 ----D---- C:\Program Files\trend micro
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\iisRtl.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\fveapibase.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\fveapi.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\cngkeyhelper.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\BdeUISrv.exe
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\bdesvc.dll
2019-11-02 19:45:12 ----A---- C:\WINDOWS\system32\ahadmin.dll
2019-11-02 19:45:11 ----A---- C:\WINDOWS\system32\RDXService.dll
2019-11-02 19:45:08 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2019-11-02 19:44:56 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\msvproc.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-11-02 19:44:55 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\wamregps.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\mf.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\iisrstap.dll
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\iisreset.exe
2019-11-02 19:44:54 ----A---- C:\WINDOWS\system32\admwprox.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\tsgqec.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\SessEnv.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\rdvvmtransport.dll
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2019-11-02 19:44:49 ----A---- C:\WINDOWS\system32\CPFilters.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2019-11-02 19:44:48 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\opengl32.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\msltus40.dll
2019-11-02 19:44:47 ----A---- C:\WINDOWS\system32\glu32.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-11-02 19:44:46 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2019-11-02 19:44:45 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-11-02 19:44:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-11-02 19:44:44 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-11-02 19:44:43 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\werui.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\jscript.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-11-02 19:44:42 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\werconcpl.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\sud.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\dxdiag.exe
2019-11-02 19:44:41 ----A---- C:\WINDOWS\system32\ClipUp.exe
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\resutils.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\ResourceMapper.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\ResBParser.dll
2019-11-02 19:44:40 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-11-02 19:44:33 ----A---- C:\WINDOWS\system32\shell32.dll
2019-11-02 19:44:32 ----A---- C:\WINDOWS\system32\OpenWith.exe
2019-11-02 19:44:32 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\uxlibres.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\uxlib.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizres.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizimg.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\spwizeng.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\comdlg32.dll
2019-11-02 19:44:31 ----A---- C:\WINDOWS\system32\comctl32.dll
2019-11-02 19:44:30 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-11-02 19:44:30 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\rasapi32.dll
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2019-11-02 19:44:29 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\xpsservices.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\prntvpt.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\pnppolicy.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\pnidui.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\nlasvc.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\nlaapi.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\ncsi.dll
2019-11-02 19:44:28 ----A---- C:\WINDOWS\system32\drvinst.exe
2019-11-02 19:44:27 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-02 19:44:27 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\wininet.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\KBDKOR.DLL
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\jsproxy.dll
2019-11-02 19:44:26 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\d3d9.dll
2019-11-02 19:44:25 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\LogonController.dll
2019-11-02 19:44:18 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-11-02 19:44:12 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\ReAgent.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-02 19:44:11 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\ws2_32.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\winlogon.exe
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\imm32.dll
2019-11-02 19:44:06 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\services.exe
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-11-02 19:44:05 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\wersvc.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\WerFault.exe
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\halmacpi.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\hal.dll
2019-11-02 19:44:04 ----A---- C:\WINDOWS\system32\Faultrep.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\wermgr.exe
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\weretw.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\wer.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\devrtl.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\devobj.dll
2019-11-02 19:44:03 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\wmsgapi.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\wininit.exe
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\webio.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\userenv.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\schannel.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dwmscene.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dwm.exe
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\dcomp.dll
2019-11-02 19:44:02 ----A---- C:\WINDOWS\system32\ci.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\winresume.exe
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\wimserv.exe
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\wimgapi.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\uDWM.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\dwmredir.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\dwmcore.dll
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2019-11-02 19:44:01 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\winload.exe
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2019-11-02 19:44:00 ----A---- C:\WINDOWS\system32\acmigration.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\tier2punctuations.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\SRH.dll
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\sethc.exe
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-02 19:43:59 ----A---- C:\WINDOWS\system32\appraiser.dll
2019-11-02 19:43:58 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-02 19:43:48 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2019-11-02 19:43:48 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\usosvc.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\updatecsp.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-02 19:43:47 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\UsbPmApi.dll
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\mousocoreworker.exe
2019-11-02 19:43:46 ----A---- C:\WINDOWS\system32\drivers\UsbPmApi.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32u.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\win32k.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\user32.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\container.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-11-02 19:43:45 ----A---- C:\WINDOWS\system32\bindflt.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpnservice.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpnprv.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wpncore.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\wfapigp.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\icfupgd.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\fwbase.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2019-11-02 19:43:44 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ttdwriter.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ttdrecordcpu.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\ISM.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InstallService.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\InputHost.dll
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\dxgiadaptercache.exe
2019-11-02 19:43:43 ----A---- C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\msxml6r.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\dxgi.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d9on12.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d11on12.dll
2019-11-02 19:43:42 ----A---- C:\WINDOWS\system32\d3d11.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wups2.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wups.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuauclt.exe
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-11-02 19:43:41 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2019-11-02 19:43:40 ----A---- C:\WINDOWS\system32\cdd.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-02 19:43:39 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\uxtheme.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\twinui.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\CoreShell.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-02 19:43:38 ----A---- C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\ubpm.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\taskschd.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\taskhostw.exe
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\schedsvc.dll
2019-11-02 19:43:32 ----A---- C:\WINDOWS\system32\msctf.dll
2019-11-02 19:43:31 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-11-02 19:43:31 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\dot3msm.dll
2019-11-02 19:43:30 ----A---- C:\WINDOWS\system32\dot3api.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\spoolsv.exe
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\secproc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\dot3svc.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-11-02 19:43:29 ----A---- C:\WINDOWS\splwow64.exe
2019-11-02 19:43:29 ----A---- C:\WINDOWS\explorer.exe
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-02 19:43:28 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\umpo.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringconfigsp.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\ManageCI.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\drivers\MbbCx.sys
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-11-02 19:43:27 ----A---- C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\viac7.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\uaspstor.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\storvsc.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2019-11-02 19:43:26 ----A---- C:\WINDOWS\system32\drivers\hidspi.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2019-11-02 19:43:25 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2019-11-02 19:35:48 ----A---- C:\WINDOWS\system32\poqexec.exe
2019-11-02 18:23:33 ----D---- C:\Users\LuciFafa\AppData\Roaming\Google
2019-11-01 12:18:38 ----D---- C:\Program Files\Mozilla Firefox
2019-10-29 18:37:57 ----D---- C:\ProgramData\BlueStacks
2019-10-29 18:37:52 ----D---- C:\Program Files\BlueStacks
2019-10-21 16:29:04 ----D---- C:\FRST
2019-10-18 07:46:29 ----D---- C:\Program Files\Common Files\Java
2019-10-18 07:46:25 ----D---- C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 07:46:17 ----D---- C:\Program Files\Common Files\Oracle
2019-10-18 07:46:17 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 07:45:47 ----D---- C:\Program Files\Java
2019-10-18 07:31:44 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2019-10-18 07:31:39 ----A---- C:\WINDOWS\system32\drivers\mbae.sys
2019-10-17 12:48:09 ----D---- C:\AdwCleaner
2019-10-05 14:28:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2019-10-05 14:28:11 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2019-10-05 14:28:11 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys

======List of files/folders modified in the last 1 month======

2019-11-03 13:44:37 ----SHD---- C:\System Volume Information
2019-11-03 13:44:16 ----D---- C:\WINDOWS\Prefetch
2019-11-03 13:23:11 ----RD---- C:\Program Files
2019-11-03 13:20:54 ----D---- C:\WINDOWS\Temp
2019-11-03 13:09:00 ----D---- C:\WINDOWS\system32\sru
2019-11-03 12:56:47 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 12:20:29 ----D---- C:\WINDOWS\system32\Tasks
2019-11-03 12:19:26 ----D---- C:\WINDOWS\system32\NDF
2019-11-03 12:17:01 ----D---- C:\WINDOWS\system32\SleepStudy
2019-11-03 12:10:50 ----D---- C:\WINDOWS\System32
2019-11-03 12:10:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-03 12:10:49 ----D---- C:\WINDOWS\INF
2019-11-03 10:20:23 ----D---- C:\WINDOWS\AppReadiness
2019-11-03 10:20:10 ----RD---- C:\WINDOWS\Microsoft.NET
2019-11-03 10:17:28 ----D---- C:\WINDOWS\system32\config
2019-11-03 10:17:26 ----D---- C:\WINDOWS\WinSxS
2019-11-03 10:16:57 ----D---- C:\Windows
2019-11-03 10:16:48 ----D---- C:\WINDOWS\system32\DriverStore
2019-11-03 10:15:49 ----D---- C:\WINDOWS\system32\drivers
2019-11-02 23:14:39 ----D---- C:\WINDOWS\system32\catroot2
2019-11-02 23:13:20 ----D---- C:\WINDOWS\SystemResources
2019-11-02 23:13:16 ----D---- C:\WINDOWS\system32\WinMetadata
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\wbem
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\sk-SK
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\ru-RU
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\ro-RO
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\pt-PT
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\pl-PL
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\oobe
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\nl-NL
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\migwiz
2019-11-02 23:13:15 ----D---- C:\WINDOWS\system32\migration
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\inetsrv
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\en-US
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\el-GR
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\Dism
2019-11-02 23:13:14 ----D---- C:\WINDOWS\system32\cs-CZ
2019-11-02 23:13:13 ----D---- C:\WINDOWS\system32\Boot
2019-11-02 23:13:13 ----D---- C:\WINDOWS\system32\ar-SA
2019-11-02 23:13:05 ----D---- C:\WINDOWS\ShellExperiences
2019-11-02 23:13:04 ----RD---- C:\WINDOWS\PrintDialog
2019-11-02 23:13:04 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-11-02 23:13:04 ----D---- C:\WINDOWS\PolicyDefinitions
2019-11-02 23:13:04 ----D---- C:\WINDOWS\bcastdvr
2019-11-02 23:13:04 ----D---- C:\WINDOWS\apppatch
2019-11-02 19:55:40 ----D---- C:\WINDOWS\system32\MRT
2019-11-02 19:50:17 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-11-02 19:50:10 ----D---- C:\WINDOWS\CbsTemp
2019-11-02 19:33:48 ----D---- C:\WINDOWS\Logs
2019-11-02 18:40:49 ----D---- C:\WINDOWS\SoftwareDistribution
2019-11-02 18:19:46 ----D---- C:\Program Files\Google
2019-11-02 17:57:15 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-11-02 17:22:29 ----D---- C:\WINDOWS\debug
2019-11-02 16:37:58 ----D---- C:\WINDOWS\system32\WDI
2019-11-02 14:06:39 ----HD---- C:\Program Files\WindowsApps
2019-11-02 14:06:37 ----D---- C:\ProgramData\Packages
2019-11-02 13:50:33 ----D---- C:\Program Files\Mozilla Maintenance Service
2019-11-01 10:57:11 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2019-11-01 10:45:02 ----D---- C:\WINDOWS\system32\LogFiles
2019-11-01 10:42:54 ----D---- C:\WINDOWS\LiveKernelReports
2019-10-30 08:23:35 ----D---- C:\WINDOWS\system32\drivers\wd
2019-10-30 08:23:30 ----D---- C:\Program Files\Windows Defender
2019-10-29 18:37:57 ----HD---- C:\ProgramData
2019-10-28 21:26:27 ----D---- C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-23 18:11:36 ----SHD---- C:\WINDOWS\Installer
2019-10-23 18:11:36 ----SHD---- C:\Config.Msi
2019-10-22 17:51:03 ----D---- C:\WINDOWS\system32\drivers\etc
2019-10-18 07:46:29 ----D---- C:\Program Files\Common Files
2019-10-18 07:31:44 ----HD---- C:\WINDOWS\ELAMBKUP
2019-10-17 12:50:09 ----D---- C:\Program Files\CCleaner
2019-10-11 07:37:59 ----D---- C:\WINDOWS\system32\Macromed
2019-10-07 12:10:45 ----D---- C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 14:38:33 ----D---- C:\Program Files\WinRAR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2015-03-30 73928]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2015-03-30 36040]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-10-05 35512]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-10-05 169408]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-10-05 59368]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-10-05 15792]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-10-05 73312]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-10-05 277408]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 45064]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 15688]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 29696]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2014-07-23 14720]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-10-05 174712]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-10-05 224008]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-10-05 211088]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-10-05 41200]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-10-05 95168]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-10-05 691528]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-10-05 394856]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 57144]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 45568]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-11-02 136752]
R2 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2019-10-21 252480]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-11-02 350720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 37888]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-09-06 128512]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [2017-05-16 32682368]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [2017-05-16 415104]
R3 AtiHDAudioService;@oem89.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT3.sys [2015-05-28 82432]
R3 dtlitescsibus;@oem45.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-14 25016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2015-02-03 3473624]
R3 RTL8167;@oem79.inf,%rtl8167.Service.DispName%;Realtek 8167 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt86win7.sys [2015-01-15 723160]
R3 seehcri;@oem6.inf,%seehcrirf.SvcDesc%;Sony Ericsson seehcri Device Driver; C:\WINDOWS\System32\drivers\seehcri.sys [2015-12-14 27632]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\WINDOWS\system32\DRIVERS\amdkmpfd.sys [2014-10-28 40136]
S0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 693048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 121144]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 103224]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 106296]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-06-26 17352]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 64312]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 79160]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 51512]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 59192]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 33592]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-10-05 176760]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 14336]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 241664]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-09-06 13312]
S3 AsusVBus;AsusVBus; C:\WINDOWS\system32\DRIVERS\AsusVBus.sys [2017-01-09 33048]
S3 ATP;ASUS Touchpad; C:\WINDOWS\system32\DRIVERS\AsusTP.sys [2017-01-09 66872]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-11-02 90120]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 165376]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-09-06 92672]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 73216]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-09-06 25600]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-09-06 1091584]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-09-06 70144]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 29696]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 53560]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_x86_856ba6d2e9bf5f71\genericusbfn.sys [2019-09-06 17920]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2019-03-19 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 40248]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-11-02 43520]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 19968]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 73728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2019-03-19 57856]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 32768]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 19456]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 39944]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 425784]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 46392]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-02 274432]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 46080]
S3 mracdrv;MRAC Driver; C:\WINDOWS\System32\drivers\mracdrv.sys [2018-06-22 6456416]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 130560]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 79888]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 13312]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 18944]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 160256]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 76800]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-05-16 383872]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 asComSvc;ASUS Com Service; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-05 859096]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-05 57504]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CDPUserSvc_4011f;CDPUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-09-06 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 OneSyncSvc_4011f;OneSyncSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2018-11-14 76888]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 cbdhsvc_4011f;cbdhsvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-09-06 733144]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2018-09-25 163328]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2019-10-23 155432]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AarSvc_4011f;AarSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-10-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-10-05 5035312]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BcastDVRUserService_4011f;BcastDVRUserService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BluetoothUserService_4011f;BluetoothUserService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CaptureService_4011f;CaptureService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 ConsentUxUserSvc_4011f;ConsentUxUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 CredentialEnrollmentManagerUserSvc_4011f;CredentialEnrollmentManagerUserSvc_4011f; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 279416]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DeviceAssociationBrokerSvc_4011f;DeviceAssociationBrokerSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicePickerUserSvc_4011f;DevicePickerUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevicesFlowUserSvc_4011f;DevicesFlowUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 71168]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2019-02-05 43712]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\78.0.3904.87\elevation_service.exe [2019-10-30 959128]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2019-10-23 155432]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-06-26 5394136]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MessagingService_4011f;MessagingService_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2019-11-01 221728]
S3 mracsvc;MRAC Service; C:\Windows\System32\mracsvc.exe [2018-06-22 7188752]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2018-03-15 7986848]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 79360]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PimIndexMaintenanceSvc_4011f;PimIndexMaintenanceSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PrintWorkflowUserSvc_4011f;PrintWorkflowUserSvc_4011f; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 863744]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 45448]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-19 47752]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 45448]

-----------------EOF-----------------

Re: Please check my PC

Posted: 03 Nov 2019 13:51
by mania
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2019
Ran by LuciFafa (administrator) on LUCIFAFA-PC (03-11-2019 13:44:14)
Running from C:\Users\LuciFafa\Downloads
Loaded Profiles: LuciFafa (Available Profiles: LuciFafa)
Platform: Microsoft Windows 10 Home Version 1903 18362.418 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7519960 2015-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1617800 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.87\Installer\chrmstp.exe [2019-11-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {072CD73B-A177-48F9-A6B7-88BE4AD767C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {0CA094BA-D37D-4BD1-9B8D-1F4C7EBF760B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-11] (Adobe Inc. -> Adobe)
Task: {1F37C4D6-8AD0-4740-9FBE-A223A8F92C72} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D547F09-AB9B-458A-BE13-53287865A027} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {310EBAD5-3127-4767-84C7-ED217DDDA5EA} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37EC1E74-6C44-4B30-A6F1-5AE69C4A7CFF} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe
Task: {4482917A-EDAE-4D7D-B621-4E21D0479CEE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-11] (Adobe Inc. -> Adobe)
Task: {53648477-B30C-44F6-9421-2F7FF80DCBE9} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5F886570-6BD8-4254-8DC1-A38C78CEF3C5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62FAB98F-0165-438C-A61C-6C354214A580} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {640E7AD3-7A65-4CB7-9197-ED2BAAFD2945} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67F8D0E7-E897-4E22-9258-AFC61361BB1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7099E0BC-E0DF-4B78-9C3F-03B1B646C041} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5496880 2019-08-27] (valofe Co.,Ltd. -> Valofe)
Task: {83482C26-D5B0-4999-8965-1E221E559312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {896F7C2D-C4EA-4A9A-BC21-4E33EA8C2C98} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {8D5C7F68-16C4-45B4-A8A5-F2E7382AB882} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {920D55A6-C75E-4757-87FD-A2A37D4B1079} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {935CFF16-E68D-466B-B047-C6B70A692112} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {97264EF2-3461-465C-9093-A98DFA9FF727} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AFE2589B-2234-43EF-B0C4-9E8EBF7F9996} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1542536 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AFFE6A38-F468-4E0C-9AE5-79997B583DF5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B81AD758-FF6E-4883-9DBE-20865B218B98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C00E2B0D-CA13-43CC-937D-F08FC12B4D85} - System32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF} => C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe [39109936 2014-11-12] (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
Task: {D2918185-EB46-4389-A9C2-066839A2C5FE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5710AD8-16D6-4457-84FA-882F80D8D906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {D81E909E-533E-4591-A6B2-BFF769F0E74C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D88BBE2B-CA68-46BC-BEA7-2DCA2047C6BE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E54424BD-C227-47D3-BDFE-BADFA377BE33} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {F742D008-A50D-4F4B-B68D-9357ECEAD1C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {FD6432B4-732F-4165-A615-042B4A465273} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4950ECBA-8D72-493B-A0EB-CA9249133316}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{92FF2636-7489-4F36-B570-14750FE804D3}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
DownloadDir: C:\Users\LuciFafa\Downloads

FireFox:
========
FF DefaultProfile: o4nlojpb.default-1540287753942
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 [2019-11-03]
FF Homepage: Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942 -> hxxps://www.google.cz/
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\sp@avast.com.xpi [2019-09-12]
FF Extension: (Avast Online Security) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\o4nlojpb.default-1540287753942\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-10-24] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-04] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-23] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-23] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2019-11-02]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-02]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-02]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-02]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [383872 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [163328 2018-09-25] () [File not signed]
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5035312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [7188752 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 npggsvc; C:\Windows\system32\GameMon.des [7986848 2018-03-15] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [2258536 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [85032 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmdag.sys [32682368 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct313676.inf_x86_4caaee15f1d03005\atikmpag.sys [415104 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [136752 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [82432 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [252480 2019-10-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [6456416 2018-06-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2019-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38280 2019-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [275680 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [38624 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-03 13:45 - 2019-11-03 13:45 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT(1).exe
2019-11-03 13:43 - 2019-11-03 13:43 - 001619456 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST64(1).exe
2019-11-03 13:43 - 2019-11-03 13:43 - 001455104 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST(1).exe
2019-11-03 13:38 - 2019-11-03 13:38 - 001619456 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST64.exe
2019-11-03 13:34 - 2019-11-03 13:41 - 000002182 _____ C:\Users\LuciFafa\Desktop\fixlist.txt
2019-11-03 13:34 - 2019-11-03 13:36 - 000043092 _____ C:\Users\LuciFafa\Downloads\Addition.txt
2019-11-03 13:32 - 2019-11-03 13:45 - 000028982 _____ C:\Users\LuciFafa\Downloads\FRST.txt
2019-11-03 13:30 - 2019-11-03 13:30 - 001455104 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST.exe
2019-11-03 13:23 - 2019-11-03 13:45 - 000000000 ____D C:\Program Files\trend micro
2019-11-03 13:23 - 2019-11-03 13:23 - 000000000 ____D C:\rsit
2019-11-03 13:22 - 2019-11-03 13:22 - 001107968 _____ C:\Users\LuciFafa\Downloads\RSIT.exe
2019-11-03 13:17 - 2019-11-03 13:17 - 000002182 _____ C:\Users\LuciFafa\Desktop\fixlist.txt.txt
2019-11-03 12:20 - 2019-11-03 12:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1117677789-4214877554-3075564690-1000
2019-11-02 19:45 - 2019-11-02 19:45 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-11-02 19:45 - 2019-11-02 19:45 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-11-02 19:45 - 2019-11-02 19:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2019-11-02 19:45 - 2019-11-02 19:45 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 007069200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005865488 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002995200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002989568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002777088 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-11-02 19:44 - 2019-11-02 19:44 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-11-02 19:44 - 2019-11-02 19:44 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 002073200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001973248 _____ C:\WINDOWS\system32\dwmscene.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001909248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001659736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001401344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-02 19:44 - 2019-11-02 19:44 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001247024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001223680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001112208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-11-02 19:44 - 2019-11-02 19:44 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001071112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001018552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000981000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000701424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000682496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-11-02 19:44 - 2019-11-02 19:44 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000554384 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-11-02 19:44 - 2019-11-02 19:44 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000407560 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000397328 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000397328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000265528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-02 19:44 - 2019-11-02 19:44 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000135696 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000115240 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000071992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000031248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-11-02 19:44 - 2019-11-02 19:44 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL
2019-11-02 19:44 - 2019-11-02 19:44 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000011792 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2019-11-02 19:44 - 2019-11-02 19:44 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-11-02 19:44 - 2019-11-02 19:44 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 004754432 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003129344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 003042304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 002439680 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 002063872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001883152 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001539904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001533952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001454632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001419776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000824120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000786040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000689976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000551224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000506440 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000323896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000319976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000166952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000156688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000090120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000085008 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000074864 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000057656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000042808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000035328 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000033792 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-11-02 19:43 - 2019-11-02 19:43 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-11-02 19:43 - 2019-11-02 19:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000023744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-11-02 19:43 - 2019-11-02 19:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-11-02 19:35 - 2019-09-20 05:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-02 18:23 - 2019-11-02 18:23 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Google
2019-11-02 18:19 - 2019-11-02 18:19 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-02 18:19 - 2019-11-02 18:19 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-02 17:57 - 2019-11-02 17:57 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-11-02 17:53 - 2019-11-02 17:54 - 001472056 _____ (Google LLC) C:\Users\LuciFafa\Downloads\ChromeSetup.exe
2019-11-02 17:52 - 2019-11-02 18:08 - 895990248 _____ (AndyOS) C:\Users\LuciFafa\Downloads\Andy_47.260_1096_26_x86.exe
2019-11-02 17:42 - 2019-11-02 17:45 - 1037019670 _____ C:\Users\LuciFafa\Downloads\cloudready-free-76.4.69-64-bit.zip
2019-11-02 17:41 - 2019-11-02 17:41 - 046735120 _____ C:\Users\LuciFafa\Downloads\cloudready-usb-maker.exe
2019-11-02 17:41 - 2019-11-02 17:41 - 000000038 _____ C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2019-11-02 17:41 - 2019-11-02 17:41 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\neverware
2019-11-02 16:41 - 2019-11-02 16:41 - 000002167 _____ C:\Users\LuciFafa\Desktop\Sniper 3D.lnk
2019-11-02 16:39 - 2019-11-02 16:39 - 000007059 _____ C:\Users\LuciFafa\-1.14-windows.xml
2019-11-01 12:18 - 2019-11-02 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-29 18:57 - 2019-10-29 18:57 - 000002135 _____ C:\Users\LuciFafa\Desktop\Legends.lnk
2019-10-29 18:43 - 2019-11-03 13:43 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2019-10-29 18:39 - 2019-10-29 18:39 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000002065 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000001782 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2019-10-29 18:39 - 2019-10-29 18:39 - 000001764 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2019-10-29 18:37 - 2019-10-29 18:39 - 000000000 ____D C:\ProgramData\BlueStacks
2019-10-29 18:37 - 2019-10-29 18:37 - 000000000 ____D C:\Program Files\BlueStacks
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\Public\BlueStacks
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\BlueStacksSetup
2019-10-29 18:35 - 2019-10-29 18:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\BlueStacks
2019-10-29 18:34 - 2019-10-29 18:35 - 000938720 _____ (BlueStack Systems Inc.) C:\Users\LuciFafa\Downloads\BlueStacksInstaller_4.140.12.1002_native_e06138a23cbe0b63ee4ff51185315a46_TmluamEgVHVydGxlczogTGVnZW5kcw==.exe
2019-10-28 16:17 - 2019-10-28 16:17 - 000001247 _____ C:\Users\LuciFafa\Desktop\Já-padouch-1-(CZ) – zástupce.lnk
2019-10-28 16:09 - 2019-10-28 16:09 - 007622344 _____ (Malwarebytes) C:\Users\LuciFafa\Downloads\adwcleaner_7.4.2.exe
2019-10-23 18:07 - 2019-10-23 18:07 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-10-23 18:07 - 2019-10-23 18:07 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-10-23 18:07 - 2019-10-23 18:07 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Google
2019-10-23 18:06 - 2019-10-23 18:06 - 001472056 _____ (Google LLC) C:\Users\LuciFafa\Downloads\GoogleEarthProSetup.exe
2019-10-22 17:49 - 2019-11-03 13:42 - 000010234 _____ C:\Users\LuciFafa\Desktop\Fixlog.txt
2019-10-21 16:31 - 2019-10-21 16:33 - 000041928 _____ C:\Users\LuciFafa\Desktop\Addition.txt
2019-10-21 16:29 - 2019-11-03 13:44 - 000000000 ____D C:\FRST
2019-10-21 16:29 - 2019-10-21 16:33 - 000039505 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2019-10-21 16:23 - 2019-10-21 16:23 - 001617408 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64.exe
2019-10-18 07:46 - 2019-10-18 07:46 - 000112696 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Sun
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-10-18 07:46 - 2019-10-18 07:46 - 000000000 ____D C:\Program Files\Common Files\Java
2019-10-18 07:45 - 2019-10-18 07:45 - 002066464 _____ (Oracle Corporation) C:\Users\LuciFafa\Downloads\JavaSetup8u231.exe
2019-10-18 07:45 - 2019-10-18 07:45 - 000000000 ____D C:\Program Files\Java
2019-10-18 07:31 - 2019-10-18 07:31 - 000002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-18 07:31 - 2019-10-18 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-18 07:31 - 2019-09-30 05:25 - 000129056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-10-18 07:31 - 2019-06-26 12:00 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-17 12:48 - 2019-10-17 12:49 - 000000000 ____D C:\AdwCleaner
2019-10-17 12:18 - 2019-10-17 12:29 - 000000000 ____D C:\Users\LuciFafa\Documents\Nová složka (2)
2019-10-05 14:28 - 2019-11-02 13:54 - 000136752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-05 14:28 - 2019-10-05 14:28 - 000176760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-10-05 14:28 - 2019-10-05 14:27 - 000305032 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-03 13:43 - 2019-09-06 19:48 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-03 13:43 - 2019-09-06 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-11-03 13:38 - 2018-10-23 10:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2019-11-03 13:27 - 2016-11-18 15:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2019-11-03 12:56 - 2019-03-19 03:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-03 12:19 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-03 12:17 - 2019-09-06 19:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-03 12:10 - 2019-09-06 19:41 - 001839106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-03 12:10 - 2019-03-19 08:13 - 000764824 _____ C:\WINDOWS\system32\perfh005.dat
2019-11-03 12:10 - 2019-03-19 08:13 - 000169506 _____ C:\WINDOWS\system32\perfc005.dat
2019-11-03 12:10 - 2019-03-19 03:44 - 000000000 ____D C:\WINDOWS\INF
2019-11-03 12:07 - 2017-09-05 08:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2019-11-03 12:06 - 2019-09-06 19:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-03 12:05 - 2019-03-19 03:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-03 12:05 - 2015-09-25 11:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-03 10:20 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-03 10:18 - 2019-09-06 19:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-03 10:18 - 2019-09-06 19:49 - 000000000 ___RD C:\Users\LuciFafa\3D Objects
2019-11-03 10:16 - 2019-09-06 19:34 - 000274608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\SystemResources
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-02 23:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-02 19:55 - 2015-09-29 15:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-02 19:50 - 2019-03-19 03:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-02 19:50 - 2015-09-29 15:22 - 124046008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-02 18:28 - 2015-09-25 11:34 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Google
2019-11-02 18:19 - 2015-09-25 11:34 - 000000000 ____D C:\Program Files\Google
2019-11-02 16:39 - 2019-09-06 19:42 - 000000000 ____D C:\Users\LuciFafa
2019-11-02 14:06 - 2019-09-06 20:07 - 000000000 ____D C:\ProgramData\Packages
2019-11-02 14:06 - 2019-03-19 03:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-02 13:50 - 2015-09-26 07:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-11-01 14:38 - 2015-09-26 07:21 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-01 10:57 - 2015-09-26 07:36 - 000606264 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-11-01 10:42 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-30 08:23 - 2019-09-06 19:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-30 08:23 - 2019-03-19 03:46 - 000000000 ____D C:\Program Files\Windows Defender
2019-10-28 21:26 - 2015-12-26 20:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2019-10-28 16:33 - 2019-01-15 11:21 - 000001038 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-26 18:28 - 2019-09-06 19:48 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-10-25 19:41 - 2019-09-06 19:56 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1117677789-4214877554-3075564690-1000
2019-10-25 19:41 - 2019-09-06 19:48 - 000003450 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-25 19:41 - 2019-09-06 19:48 - 000003226 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-25 19:41 - 2019-09-06 19:48 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-10-25 19:41 - 2019-09-06 19:48 - 000002264 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-10-25 19:41 - 2019-09-06 19:48 - 000002186 _____ C:\WINDOWS\system32\Tasks\{09BE175D-9DCD-448D-AA34-F529E6EF28EF}
2019-10-25 19:41 - 2019-09-06 19:48 - 000002178 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-10-18 07:31 - 2019-03-19 03:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-17 12:50 - 2019-01-15 11:21 - 000000000 ____D C:\Program Files\CCleaner
2019-10-14 19:32 - 2015-09-29 16:33 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\ElevatedDiagnostics
2019-10-11 07:38 - 2019-09-06 19:48 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-11 07:38 - 2019-09-06 19:48 - 000004478 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-10-11 07:38 - 2019-04-10 08:27 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\Adobe
2019-10-11 07:37 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-10 12:23 - 2019-09-06 19:56 - 000000000 ___RD C:\Users\LuciFafa\OneDrive
2019-10-10 12:23 - 2019-09-06 19:42 - 000002415 _____ C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-07 12:10 - 2015-09-29 18:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2019-10-05 14:39 - 2015-09-29 18:03 - 000001101 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-05 14:38 - 2015-10-05 13:40 - 000000000 ____D C:\Program Files\WinRAR
2019-10-05 14:28 - 2018-02-14 14:40 - 000691528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-05 14:28 - 2018-02-14 14:40 - 000394856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-05 14:28 - 2018-02-14 14:40 - 000277408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-05 14:27 - 2019-09-09 18:30 - 000015792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-05 14:27 - 2019-02-19 11:21 - 000211088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000224008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000059368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-10-05 14:27 - 2019-01-16 12:00 - 000035512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-05 14:27 - 2018-10-16 09:06 - 000041200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000174712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000095168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-05 14:27 - 2018-02-14 14:40 - 000073312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

==================== Files in the root of some directories ========

2016-06-03 14:03 - 2016-06-03 14:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2015-11-18 18:29 - 2014-05-26 19:16 - 000626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 001704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2015-11-18 18:29 - 2014-05-26 19:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2015-11-18 18:29 - 2014-05-04 10:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2015-11-18 18:29 - 2013-08-11 14:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2019-07-12 20:29 - 2014-06-29 12:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 14:01 - 2017-10-17 18:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2015-11-18 18:29 - 2014-05-26 19:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2019-07-12 20:29 - 2014-06-26 16:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2015-11-18 18:29 - 2014-05-26 19:16 - 000364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2015-11-20 09:48 - 2015-11-20 09:48 - 002497372 _____ () C:\Users\LuciFafa\AppData\Roaming\x11modSpectreglg2tc5568w256l4.bin
2015-11-18 18:29 - 2014-05-26 19:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2019-11-02 17:41 - 2019-11-02 17:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 09:38 - 2018-10-03 07:50 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Please check my PC

Posted: 03 Nov 2019 13:51
by mania
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-11-2019
Ran by LuciFafa (03-11-2019 13:45:32)
Running from C:\Users\LuciFafa\Downloads
Microsoft Windows 10 Home Version 1903 18362.418 (X86) (2019-09-06 18:49:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
ACP Application (HKLM\...\{1BF06C12-832F-28F4-A2F2-D6261871D418}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AIMP (HKLM\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0925.2319.41966 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassin's Creed ® III v1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.12.1002 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CombatArms (HKLM\...\CombatArms) (Version: - )
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 v1.01 (HKLM\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
GameCenter My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1432 - My.Com B.V.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Earth Pro (HKLM\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 78.0.3904.87 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
GRID 2 (c) Codemasters version 1 (HKLM\...\R1JJRDI=_is1) (Version: 1 - )
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HPLJDXPHelper (HKLM\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
Java 8 Update 231 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
LJDXPHelperUI (HKLM\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 70.0.1 (x86 cs)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1.7242 - Mozilla)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Most Wanted Limited Edition (HKLM\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x86__8wekyb3d8bbwe [2019-10-10] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe [2019-09-28] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2017-07-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2

==================== Loaded Modules (Whitelisted) =============

2015-09-25 11:56 - 2014-07-23 02:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 11:56 - 2019-11-03 12:06 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2012-04-11 09:40 - 2012-04-11 09:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 11:56 - 2014-07-23 02:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 17:37 - 2009-09-16 17:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:38 - 2009-09-16 17:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 17:40 - 2009-09-16 17:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2019-10-22 17:51 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-11-25 13:19 - 2018-11-25 13:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: bthserv => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{A2DB8D43-00BD-45FC-BF13-8EA1A9C1A210}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{8B6EE969-AB4F-41D6-A9F0-C69E7977D707}C:\hry\far cry 3\bin\farcry3_d3d11.exe] => (Block) C:\hry\far cry 3\bin\farcry3_d3d11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{B6926273-C227-4257-B1FE-08D4F0CE1B8E}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{4E229442-7D4C-472A-A70D-42275423D539}C:\hry\far cry 3\bin\farcry3.exe] => (Block) C:\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{69C9079B-9B00-426D-AABB-B00D88887BD0}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{B7BB4090-2C73-422F-AEB7-2348B04D42B4}C:\program files\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files\pro evolution soccer 2015\pes2015.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [UDP Query User{F17FB0C8-34E4-46D7-AC4E-904C298FBB45}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{89475DD2-DA4C-41E5-AB84-B2D139CF1148}C:\program files\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files\need for speed most wanted limited edition\nfs13.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [UDP Query User{5924A848-8939-4C13-8B64-78E52BDA3201}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{5F5E8BA7-F670-4C0D-AA6E-672A45ABB128}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{2C28F662-DBB7-4C63-8E6A-8E59B6BC29C2}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [TCP Query User{E7331683-6880-4A36-BD1B-78B727AA92DC}C:\valofeeu\combatarms\engine.exe] => (Allow) C:\valofeeu\combatarms\engine.exe (valofe Co.,Ltd. -> VALOFE)
FirewallRules: [{09395F40-1113-44D7-A022-D8EED26BE0ED}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{F8BA0B35-6A75-44B6-9B62-D0484BFE98BB}] => (Allow) C:\VALOFEEU\CombatArms\NMService.exe (valofe Co.,Ltd. -> Nexon Corp.)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3CA8CBDB-5221-4288-BF33-C534FD8F1A45}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{9E875B8D-F6E8-44C8-B83F-FE562A8DA167}C:\program files\amd\cnext\cnext\radeonsettings.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsettings.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{83B67CD3-593C-4E91-8D75-AD5856BD5745}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{5D34E05E-5526-49C6-B870-C4CE898B916A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe

==================== Restore Points =========================

09-10-2019 19:53:50 Naplánovaný kontrolní bod
18-10-2019 20:27:58 Naplánovaný kontrolní bod
28-10-2019 20:33:18 Naplánovaný kontrolní bod
31-10-2019 15:28:51 Instalační služba modulů systému Windows
02-11-2019 13:51:56 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/03/2019 01:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.18362.1, časové razítko: 0x68f17365
Název chybujícího modulu: NotificationController.dll, verze: 10.0.18362.387, časové razítko: 0x5ad50eab
Kód výjimky: 0xc0000409
Posun chyby: 0x000bc77d
ID chybujícího procesu: 0x1090
Čas spuštění chybující aplikace: 0x01d59236bbccc28e
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: dba9072e-e62b-430a-93dc-4eac1683ff48
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2019 01:35:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5672,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/03/2019 01:26:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5948,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/03/2019 01:20:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (984,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/03/2019 12:41:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7528,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/03/2019 12:29:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3296,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/03/2019 12:15:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3980,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/03/2019 12:07:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: amddvr.exe, verze: 10.1.1.1735, časové razítko: 0x5baaf7c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1f40
Čas spuštění chybující aplikace: 0x01d59236d1906f55
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\amddvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 96548a68-e154-4fbf-8b51-750f59ce98b0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WpnUserService_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba OneSyncSvc_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (11/03/2019 01:38:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba CDPUserSvc_4011f byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.

Error: (11/02/2019 08:06:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/02/2019 08:04:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/02/2019 08:02:30 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/02/2019 05:22:26 PM) (Source: DCOM) (EventID: 10000) (User: LuciFafa-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/02/2019 01:50:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:47:20, ‎01.‎11.‎2019) bylo neočekávané.


Windows Defender:
===================================
Date: 2019-11-01 14:39:33.035
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-11-01 14:39:04.425
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-11-01 14:38:38.806
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-11-01 14:37:41.119
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Azden.A!cl
ID: 2147718745
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Desktop\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.305.1093.0, AS: 1.305.1093.0, NIS: 1.305.1093.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

CodeIntegrity:
===================================

Date: 2019-11-03 13:20:44.483
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-03 13:20:44.465
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-03 13:20:44.448
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-03 13:20:44.430
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-03 13:20:44.411
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-03 13:20:44.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-03 13:20:44.374
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-03 13:20:44.355
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 71%
Total physical RAM: 3030.36 MB
Available physical RAM: 872.39 MB
Total Virtual: 6102.36 MB
Available Virtual: 2982.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:454.27 GB) NTFS
Drive e: (Pro Evolution Soccer 2016) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF

\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: Please check my PC

Posted: 03 Nov 2019 14:02
by mania
Hi, I've been fighting with this for about two hours. FRST simply didn't find the fixlist.txt even though I did everything according to the instructions: "not found" and nothing. I can see it on the desktop, I saved it exactly the same way as last time, and nothing. A bit of despair. At first it wouldn't even let me run FRST; after some coaxing, success, but the file was saved to the desktop, the fixlist was there, and even when I renamed it, still nothing, "not found".
So I apologize for sending 3 completely new text files, both FRST and RSIT.