FRST preventive check

Posted: 09 Feb 2020 15:46
by Venom
Good day,

I would like to ask the local experts to check my logs. The PC was scanned with MBAM, SaS and ESET, no findings. Thank you very much in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Venom (administrator) on BLACKMESA (09-02-2020 15:38:29)
Running from C:\Users\Venom\Desktop
Loaded Profiles: Venom (Available Profiles: Venom)
Platform: Windows 10 Home Version 1909 18363.592 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(O and O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\...\AppCompatFlags\Custom\game.exe: [{3f4535f8-e996-4cf1-bb6d-66eb87969155}.sdb] -> TS Compatibility Fix
HKLM\Software\...\AppCompatFlags\InstalledSDB\{3f4535f8-e996-4cf1-bb6d-66eb87969155}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{3f4535f8-e996-4cf1-bb6d-66eb87969155}.sdb [2015-09-01]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {249092BE-0019-49F3-A06B-596649030AD8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {472B6205-D9E8-4AA5-B040-C409E2C5E1DC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-21] (Adobe Inc. -> Adobe)
Task: {47AB16E8-E387-4612-8D43-FD4AA33ED0A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1354064 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {57B8D86F-4141-443C-971E-D3BA43877235} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115440 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F155994-45F2-4105-B5F2-F988DBBAF068} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24607520 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B293AF1F-48EC-45B0-AF29-B908B5C104C3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24607520 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B80B1C3C-2864-4B62-8AB0-DFB7BD4D2BAA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1354064 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBF9E1D4-59A9-4D71-B486-CFA83784C78B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D52AA5D5-E7EA-4E5C-BBF5-F2959212A32C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-21] (Adobe Inc. -> Adobe)
Task: {EB1C611A-D84C-4352-A21F-4055DA25CF31} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115440 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{73aeb62c-0040-447b-bd1f-edc735186fdc}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-05] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5a6mqd52.default
FF ProfilePath: C:\Users\Venom\AppData\Roaming\Mozilla\Firefox\Profiles\5a6mqd52.default [2020-02-09]
FF Homepage: Mozilla\Firefox\Profiles\5a6mqd52.default -> hxxps://www.google.sk/
FF NetworkProxy: Mozilla\Firefox\Profiles\5a6mqd52.default -> type", 0
FF Extension: (AdBlock) - C:\Users\Venom\AppData\Roaming\Mozilla\Firefox\Profiles\5a6mqd52.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-21] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-02-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129712 2020-01-28] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2019-11-25] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1218632 2020-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2020-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-19] (Malwarebytes Inc -> Malwarebytes)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O and O Software GmbH -> O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2020-01-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3393848 2020-01-15] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-11-23] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-10-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-12-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-02-09] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1139424 2018-07-23] (Realtek Semiconductor Corp. -> Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-09 15:38 - 2020-02-09 15:39 - 000015403 _____ C:\Users\Venom\Desktop\FRST.txt
2020-02-09 15:37 - 2020-02-09 15:38 - 000000000 ____D C:\FRST
2020-02-09 15:36 - 2020-02-09 15:36 - 002279424 _____ (Farbar) C:\Users\Venom\Desktop\FRST64.exe
2020-02-09 13:10 - 2020-02-09 13:10 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-02-09 13:10 - 2020-02-09 13:10 - 000216544 ____N (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-02-03 18:28 - 2020-02-03 18:35 - 000000000 ____D C:\Users\Venom\Documents\Warcraft III
2020-02-03 18:28 - 2020-02-03 18:28 - 000000521 _____ C:\Users\Public\Desktop\Warcraft III.lnk
2020-02-03 18:28 - 2020-02-03 18:28 - 000000521 _____ C:\ProgramData\Desktop\Warcraft III.lnk
2020-02-03 18:28 - 2020-02-03 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2020-02-03 17:42 - 2020-02-03 17:42 - 005649576 _____ (Blizzard Entertainment) C:\Users\Venom\Downloads\Warcraft-III-Setup.exe
2020-01-28 21:08 - 2020-02-02 18:36 - 000000000 ____D C:\Users\Venom\AppData\Local\MK11
2020-01-25 18:07 - 2020-01-25 18:07 - 000000000 ____D C:\Users\Venom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Doomsday 2.2.1.3299
2020-01-23 21:15 - 2020-01-23 21:16 - 000000000 ____D C:\Users\Venom\AppData\Local\Sniper3
2020-01-20 16:06 - 2020-01-20 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-01-14 19:58 - 2020-01-14 19:58 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-14 19:58 - 2020-01-14 19:58 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-14 19:58 - 2020-01-14 19:58 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-14 19:57 - 2020-01-14 19:57 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-14 19:57 - 2020-01-14 19:57 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-14 19:57 - 2020-01-14 19:57 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-14 19:48 - 2020-01-14 19:50 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-14 19:48 - 2020-01-14 19:50 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-09 15:34 - 2019-12-02 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-09 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-09 14:25 - 2018-10-20 15:55 - 000000000 ____D C:\Users\Venom\AppData\LocalLow\Mozilla
2020-02-09 13:05 - 2019-12-02 16:55 - 000920210 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-09 13:05 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-09 13:05 - 2018-11-17 10:16 - 000075714 _____ C:\WINDOWS\system32\perfh01B.dat
2020-02-09 13:05 - 2018-11-17 10:16 - 000020172 _____ C:\WINDOWS\system32\perfc01B.dat
2020-02-09 13:00 - 2019-12-02 16:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-09 13:00 - 2019-08-30 15:32 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-09 04:38 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-09 04:21 - 2018-10-29 12:16 - 000000000 ____D C:\Users\Venom\AppData\Local\Battle.net
2020-02-09 01:05 - 2018-10-29 09:19 - 000000000 ____D C:\Program Files (x86)\Steam
2020-02-09 01:03 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-09 01:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-05 20:09 - 2019-03-12 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-02-04 01:49 - 2018-10-23 22:26 - 000000000 ___RD C:\Users\Venom\Patches
2020-02-03 17:43 - 2018-10-29 12:15 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-02-03 17:25 - 2018-10-20 15:26 - 000000000 ____D C:\Users\Venom\AppData\Local\VirtualStore
2020-02-03 16:13 - 2019-08-28 16:11 - 000000000 ____D C:\Users\Venom\Documents\AXA
2020-01-29 19:37 - 2018-10-20 16:20 - 000000199 _____ C:\Users\Venom\Desktop\Misc.txt
2020-01-28 20:24 - 2018-10-21 13:23 - 000000000 ____D C:\Users\Venom\AppData\Local\D3DSCache
2020-01-28 17:33 - 2019-02-20 21:17 - 000000000 ____D C:\Users\Venom\AppData\Local\Ubisoft Game Launcher
2020-01-27 14:19 - 2018-10-20 15:26 - 000000000 ____D C:\Users\Venom\AppData\Local\Packages
2020-01-25 18:07 - 2019-04-25 13:46 - 000000000 ____D C:\Program Files (x86)\Doomsday 2.1.1
2020-01-25 16:39 - 2018-10-20 16:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-01-25 16:39 - 2018-10-20 15:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-24 22:39 - 2019-01-17 00:16 - 000000000 ____D C:\ProgramData\Origin
2020-01-24 22:38 - 2019-01-17 00:16 - 000000000 ____D C:\Users\Venom\AppData\Roaming\Origin
2020-01-24 22:37 - 2019-01-17 00:16 - 000000000 ____D C:\Users\Venom\AppData\Local\Origin
2020-01-24 22:37 - 2019-01-17 00:16 - 000000000 ____D C:\Program Files (x86)\Origin
2020-01-24 21:54 - 2018-10-20 16:43 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-01-24 20:22 - 2018-12-01 12:53 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2020-01-23 16:48 - 2019-02-02 16:01 - 000000912 _____ C:\Users\Venom\Desktop\Diablo II - Lord of Destruction - PlugY.lnk
2020-01-22 11:53 - 2018-10-20 15:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-21 21:47 - 2018-10-20 15:55 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-21 11:32 - 2019-12-02 16:55 - 000004576 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-21 11:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-21 11:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-14 22:38 - 2018-10-20 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-14 22:38 - 2018-10-20 17:54 - 000000000 ____D C:\Program Files (x86)\Java
2020-01-14 22:37 - 2018-10-20 17:54 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-14 20:07 - 2019-12-02 16:43 - 000339000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-14 20:06 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-14 20:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-14 20:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-14 20:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-14 20:05 - 2018-10-20 16:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-14 20:01 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-14 20:01 - 2018-10-20 16:29 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-13 20:39 - 2019-03-22 15:27 - 000000118 _____ C:\Users\Venom\Desktop\Resty.txt

==================== Files in the root of some directories ========

2019-07-11 22:02 - 2019-07-11 22:02 - 000332800 _____ () C:\Users\Venom\AppData\Roaming\patcher.dll
2018-10-21 13:24 - 2019-01-31 18:42 - 000007670 _____ () C:\Users\Venom\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Venom (09-02-2020 15:40:29)
Running from C:\Users\Venom\Desktop
Windows 10 Home Version 1909 18363.592 (X64) (2019-12-02 15:55:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3985067572-2050150969-3629286671-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3985067572-2050150969-3629286671-503 - Limited - Disabled)
Guest (S-1-5-21-3985067572-2050150969-3629286671-501 - Limited - Disabled)
Venom (S-1-5-21-3985067572-2050150969-3629286671-1001 - Administrator - Enabled) => C:\Users\Venom
WDAGUtilityAccount (S-1-5-21-3985067572-2050150969-3629286671-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activision(R) (HKLM-x32\...\{7F0B94C6-828C-4EDE-A86B-ECF4D792B68D}) (Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blood: Fresh Supply (HKLM-x32\...\1374469660_is1) (Version: 1.9.10 - GOG.com)
Command & Conquer 3 (HKLM-x32\...\{B0C30E93-D3D9-4F04-A2AC-54749B573275}) (Version: 1.00.0000 - Electronic Arts Inc.)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
Command & Conquer™ 3: Kane's Wrath (HKLM-x32\...\{CC2422C9-F7B5-4175-B295-5EC2283AA674}) (Version: 1.00.0000 - Electronic Arts Inc.)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Doomsday 2.2.1.3299 (HKLM-x32\...\{C9F07A85-51FA-484E-8849-A130226F903A}) (Version: 2.2.1.3299 - dengine.net)
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Far Cry (HKLM-x32\...\1207658750_is1) (Version: 1.40 hotfix - GOG.com)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.1.29511 - Foxit Software Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
IrfanView 4.53 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.53 - Irfan Skiljan)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Medal of Honor - Allied Assault War Chest (HKLM-x32\...\1207659126_is1) (Version: 2.1.0.22 - GOG.com)
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.12430.20184 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 72.0.2 (x64 sk)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
Mozilla Thunderbird 68.4.2 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 68.4.2 (x86 sk)) (Version: 68.4.2 - Mozilla)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12430.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20184 - Microsoft Corporation) Hidden
One Unit Whole Blood (HKLM-x32\...\1207658856_is1) (Version: 1.21 hotfix - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.59.36848 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
Painkiller Black (HKLM-x32\...\1207658715_is1) (Version: 1.64 lang update - GOG.com)
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: 11.02 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quake 4(TM) (HKLM-x32\...\{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.2 - Název společnosti:) Hidden
Quake 4(TM) (HKLM-x32\...\InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.2 - Název společnosti:)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.28.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1024 - SUPERAntiSpyware.com)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.22a - Ghisler Software GmbH)
TS Compatibility Fix (HKLM\...\{3f4535f8-e996-4cf1-bb6d-66eb87969155}.sdb) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 83.0 - Ubisoft)
Warcraft II (HKLM-x32\...\1418669891_is1) (Version: 2.02 v4 - GOG.com)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WinRAR 5.71 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wolfenstein (HKLM-x32\...\{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.0 - Licomp EMPiK Multimedia) Hidden
Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.2 - Licomp EMPiK Multimedia)
Wolfenstein(TM) 1.2 Patch (HKLM-x32\...\{91C514E8-C92E-48E4-BDEE-DE3407837194}) (Version: 1.2 - Activision) Hidden
Wolfenstein(TM) 1.2 Patch (HKLM-x32\...\InstallShield_{91C514E8-C92E-48E4-BDEE-DE3407837194}) (Version: - ) Hidden
X-Men Origins - Wolverine(TM) (HKLM-x32\...\InstallShield_{7F0B94C6-828C-4EDE-A86B-ECF4D792B68D}) (Version: 1.00.0000 - Activision)

Packages:
=========
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-08-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-01-17 00:16 - 2019-06-11 07:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-01-17 00:16 - 2019-06-11 07:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-01-17 00:16 - 2019-07-12 08:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-01-24 22:37 - 2019-07-12 08:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\common files\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3985067572-2050150969-3629286671-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Venom\Pictures\sottr_wallpaper_1920x1080.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1E280DB2-C7BC-4D84-9FE1-8B411334B86C}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{46260538-9C8D-48F1-A9A5-BAFB50E2BC5F}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{489DC09C-2159-4A04-BA43-2645DFABC830}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{D59514D1-51AF-43BA-9F8C-696DF96A81E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{EC006EA9-C871-4D69-A2EC-9D27352B2817}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{02B9B2BA-AEC5-446B-B437-081F711A6939}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{276B596E-8EA3-4C8F-BBCC-369342A37D38}] => (Allow) D:\Hry\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{B89FB130-78CF-414D-8DC9-1929CA67BEAA}] => (Allow) D:\Hry\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [{32F67AD9-DAC2-4A53-B67F-3E31197F21D8}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE\Rage64.exe (Bethesda Softworks -> id Software)
FirewallRules: [{1D129FA5-37CD-40C7-AF2B-C624774805F3}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE\Rage64.exe (Bethesda Softworks -> id Software)
FirewallRules: [{8AED3F7C-8F48-4E4A-8536-2C6B19416CD1}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE\Rage.exe (Bethesda Softworks -> id Software) [File not signed]
FirewallRules: [{8101D54F-632F-4304-B02E-F3C94B7E0776}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE\Rage.exe (Bethesda Softworks -> id Software) [File not signed]
FirewallRules: [{D9CF94A2-50BB-45F6-AA9E-8E3A5893F78B}] => (Allow) D:\Hry\Steam\steamapps\common\Contra Anniversary Collection\game.exe () [File not signed]
FirewallRules: [{A12561FF-2D55-4448-96B0-AB391DE8BB6E}] => (Allow) D:\Hry\Steam\steamapps\common\Contra Anniversary Collection\game.exe () [File not signed]
FirewallRules: [{08ED5D10-6C82-45EE-B1D5-205EF1E2AB53}] => (Allow) D:\Hry\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{2216A676-D502-4308-B3FC-34DF8C17AD67}] => (Allow) D:\Hry\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{AA62E8E8-6989-41FD-B2F9-74646D6686AF}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE 2\RAGE2.exe () [File not signed]
FirewallRules: [{BE1658B2-1795-40BB-AC93-6D9281F7FBD6}] => (Allow) D:\Hry\Steam\steamapps\common\RAGE 2\RAGE2.exe () [File not signed]
FirewallRules: [{4E0E9879-A97F-4B3F-9BE0-CB3EDFE3B7A5}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\build.exe () [File not signed]
FirewallRules: [{5F5B199E-E4B6-465E-95E0-B56CCB164101}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\build.exe () [File not signed]
FirewallRules: [{D889FA0F-C64D-4116-BD7D-B280308D3A3D}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{737FC712-3875-4D7B-B40A-92FDC8703AEC}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\dosbox\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{06ECEA8E-CCE3-427E-B542-C3AB5F378487}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\sw.exe (General Arcade) [File not signed]
FirewallRules: [{EDDCE3C1-7ED2-4D64-9C57-C77520B3D5BA}] => (Allow) D:\Hry\Steam\steamapps\common\Shadow Warrior Classic\bin\sw.exe (General Arcade) [File not signed]
FirewallRules: [{5ECF96B9-8E46-446A-B548-28E9E7815472}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{005C7A0C-5B32-4E1F-B365-DF176D963B42}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{00579ABB-4121-49D5-B257-C085E74AAFFF}] => (Allow) D:\Hry\Steam\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{37008BBD-7904-4728-84C5-3A11B3757FF5}] => (Allow) D:\Hry\Steam\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{2CD92116-022F-40C6-944C-5E1E649C81C7}] => (Allow) D:\Hry\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{BD411282-25F6-4603-8B06-03ABAFB589F8}] => (Allow) D:\Hry\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{1EA8A7A9-ED8B-48B6-9EAC-619CEBE8BE3A}] => (Allow) D:\Hry\Steam\steamapps\common\Hexen Deathkings of the Dark Citadel\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{6D7A2BF5-AEF9-4405-A3BE-7A6FA4E1D278}] => (Allow) D:\Hry\Steam\steamapps\common\Hexen Deathkings of the Dark Citadel\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{86BA8D07-9635-4952-B293-440AE9AC3095}] => (Allow) D:\Hry\Steam\steamapps\common\Hexen\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{2A9C722A-6801-4BCC-B10A-033E6DB6280E}] => (Allow) D:\Hry\Steam\steamapps\common\Hexen\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{D1000F66-337D-4776-9CD2-ED7842C1EC6F}] => (Allow) D:\Hry\Steam\steamapps\common\Darksiders 2\Darksiders2.exe () [File not signed]
FirewallRules: [{D2CD7C0F-239A-44D3-8496-FC828111F06B}] => (Allow) D:\Hry\Steam\steamapps\common\Darksiders 2\Darksiders2.exe () [File not signed]
FirewallRules: [{B7729151-DEFA-41B6-9285-288EA0CFCD13}] => (Allow) D:\Hry\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{813CB032-F59A-40FE-9E9E-21B9EDD444F8}] => (Allow) D:\Hry\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{FFE7D15A-7F2D-43B7-BB1F-FA629BCF85FC}] => (Allow) D:\Hry\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{F8A1F584-50ED-412B-85ED-203AC04ECC44}] => (Allow) D:\Hry\Steam\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{57D0DE31-7616-4FEE-AB8A-33496A0D9C6B}] => (Allow) D:\Hry\Steam\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{6C8146FE-A31C-4A86-AFEF-5246002AED5C}] => (Allow) D:\Hry\Steam\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{8ECEE0C8-12F6-46F8-BD97-B2D5884A947D}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe () [File not signed]
FirewallRules: [{234C0F01-F7D0-4BF4-8C9F-18B50F8B166D}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe () [File not signed]
FirewallRules: [{6D863442-1795-43B2-B352-B77A931CB2DE}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe () [File not signed]
FirewallRules: [{09C907DF-C598-41D4-9C00-242BFF89C0A4}] => (Allow) D:\Hry\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe () [File not signed]
FirewallRules: [{69EDE904-DDD1-47A2-9165-60F060AB85B2}] => (Allow) D:\Hry\Warcraft II BNE\Warcraft II BNE_dx.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [{74D895F9-852A-4D84-AD90-6CE3E297410D}] => (Allow) D:\Hry\Warcraft II BNE\Warcraft II BNE.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{E954C4D8-7382-4178-AEAF-AC854F8A8E0C}] => (Allow) D:\Hry\Steam\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{22F01021-CDE6-4008-8753-A0C444FF7829}] => (Allow) D:\Hry\Steam\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{E2B70C6B-DBE3-4E2A-A73A-ECE550520568}] => (Allow) D:\Hry\Steam\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{A2726103-AA6B-4FF5-81E4-618C8ADB22EA}] => (Allow) D:\Hry\Steam\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{77F532BB-73F6-47B2-A932-C08779C59E8D}] => (Allow) D:\Hry\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{605FB031-C27C-4E31-8322-7E0658BD86B4}] => (Allow) D:\Hry\Dead Space 3\deadspace3.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{4F7846DC-D49B-4666-8140-76024FFE7EB4}] => (Allow) D:\Hry\Wolfenstein\MP\Wolf2MPLite.exe (Activision Publishing -> Activision)
FirewallRules: [{B3D955AE-DE6F-416E-90F5-DD03CF046703}] => (Allow) D:\Hry\Wolfenstein\MP\Wolf2MPLite.exe (Activision Publishing -> Activision)
FirewallRules: [{68B866AD-DF13-4D99-84CC-C34DC5C4DA2C}] => (Allow) D:\Hry\Wolfenstein\MP\Wolf2MP.exe (Activision Publishing -> Activision)
FirewallRules: [{BF7BDC92-FD48-4366-BF9C-A8D44D0A36B1}] => (Allow) D:\Hry\Wolfenstein\MP\Wolf2MP.exe (Activision Publishing -> Activision)
FirewallRules: [{7C13971D-7682-43AA-9F07-521E41ED9563}] => (Allow) D:\Hry\Steam\steamapps\common\Final Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{BD05AAF7-2E58-4718-895D-632CAF726E9A}] => (Allow) D:\Hry\Steam\steamapps\common\Final Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{FC801DD5-B81B-49A6-9F54-CA2BE68CF423}] => (Allow) D:\Hry\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{369C7B91-F968-4A3F-BD24-C6F0A15683B4}] => (Allow) D:\Hry\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{AE19ECAC-AC48-4FEC-9B86-948EA149E5BE}] => (Allow) D:\Hry\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{A5606F74-6598-4055-98A9-1B3CBE8056A5}] => (Allow) D:\Hry\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{29105911-351D-40E5-BE79-949CD6B063E1}] => (Allow) D:\Hry\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{542D3E95-1B51-4BB9-929F-91B3A82F045C}] => (Allow) D:\Hry\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{EA07C14A-1AED-4B56-9A11-DC111B283EFB}] => (Allow) D:\Hry\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{039EA02E-C927-462B-B376-BA552627B66A}] => (Allow) D:\Hry\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{CE953309-41D2-4602-908A-943C113D4370}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{71F5B9EB-C459-49D7-8C33-337D92B25AD9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1291AB4B-5CBC-45E4-9C86-7C1A0EA37A24}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D378DDD2-C3E8-4AFD-99DE-000EB79BFC7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B19BB414-006C-4AF2-A619-3A31C1E009CF}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe () [File not signed]
FirewallRules: [{508DF684-22D4-4469-A901-CC8978B2CD10}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Elite 4\Launcher\SniperElite4.exe () [File not signed]
FirewallRules: [{8F831E99-0A95-4FD9-9045-BFE27ECE4475}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{AD6AD1A2-0D16-4C3A-94D9-02CD50AC9BB1}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein The Old Blood\WolfOldBlood_x64.exe (MachineGames) [File not signed]
FirewallRules: [{2CEF7128-B32C-4F1F-833B-52BC0B719C04}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein.II.The.New.Colossus\NewColossus_x64vk.exe (MachineGames Sweden AB) [File not signed]
FirewallRules: [{FF9BF310-C60D-4A72-890E-C2F2A1B07B0A}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein.II.The.New.Colossus\NewColossus_x64vk.exe (MachineGames Sweden AB) [File not signed]
FirewallRules: [{06CB29E5-1583-41F4-A1E6-99216FF7ECC2}] => (Allow) D:\Hry\Steam\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{9BBE4261-44AF-4EAF-86F7-8073B9E69313}] => (Allow) D:\Hry\Steam\steamapps\common\DOOM\DOOMx64.exe (id Software) [File not signed]
FirewallRules: [{76B0D471-C0E3-476F-8DA2-F8A685A93266}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{76FB6662-0152-441B-AE04-91C7098D637A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DF7B49FF-9847-4C6C-B900-763E7A797525}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{35AA3E1A-6B90-4AA9-9BAD-168DC447758C}] => (Allow) D:\Hry\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{1F49459E-7725-4265-8C62-5590B9DCE8CE}] => (Allow) D:\Hry\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe () [File not signed]
FirewallRules: [{09CC7EAF-E2A9-49A5-BAB6-2929D3319046}] => (Allow) D:\Hry\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe () [File not signed]
FirewallRules: [{148F0C9B-1036-4B21-9148-08F60FFB3594}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{CE1D2DCE-6487-4E83-BD5E-07DC01B800EA}] => (Allow) D:\Hry\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed]
FirewallRules: [{CC4EFE15-6460-41AF-8D79-C76205CEDA93}] => (Allow) D:\Hry\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{44ED93A8-4FC1-4495-97F2-CC978BE92929}] => (Allow) D:\Hry\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{EBEBB338-9FCB-477D-9FF7-108B86C718D8}] => (Allow) D:\Hry\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11_DX12.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{34925B51-2943-4F24-8605-AE3A8B289D1B}] => (Allow) D:\Hry\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11_DX12.exe (WB Games, Inc.) [File not signed]

==================== Restore Points =========================

09-02-2020 13:30:35 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/09/2020 03:41:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3852,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/09/2020 01:29:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba ESENT: -1032.

Error: (02/09/2020 01:29:11 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Catalog Database (4100,D,50) Catalog Database: An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (02/09/2020 01:12:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4544,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/09/2020 04:35:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9252,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/09/2020 01:08:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7484,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/08/2020 09:43:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1276,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (02/08/2020 09:11:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7200,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (02/04/2020 06:55:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (02/02/2020 06:36:38 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13

Error: (01/21/2020 11:37:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.


CodeIntegrity:
===================================

Date: 2020-02-09 13:05:54.614
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-02-09 13:05:54.610
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-02-09 13:05:54.521
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-02-09 13:03:42.895
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-09 13:03:42.890
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-09 13:03:42.885
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-09 13:03:42.878
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-02-09 13:03:42.870
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0309 03/04/2016
Motherboard: ASUSTeK COMPUTER INC. A88XM-A/USB 3.1
Processor: AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
Percentage of memory in use: 28%
Total physical RAM: 16320.96 MB
Available physical RAM: 11705.09 MB
Total Virtual: 18752.96 MB
Available Virtual: 11681.34 MB

==================== Drives ================================

Drive c: (Lambda Core 1) (Fixed) (Total:118.64 GB) (Free:68.9 GB) NTFS
Drive d: (Lambda Core 2) (Fixed) (Total:931.51 GB) (Free:187.97 GB) NTFS

\\?\Volume{39dc9e51-8fab-43c6-87e1-ed12abfa4e25}\ (Obnovenie) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{98ec4cb0-31ac-48a7-98cd-2e6bf0df4988}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 97CFFCFF)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3B8C3BC1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: FRST preventive check

Posted: 09 Feb 2020 23:06
by Conder
Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here

Re: FRST preventive check

Posted: 10 Feb 2020 10:58
by Venom
Hi, I'll run the scan today, just later; I'm not at that computer right now... and I wanted to ask, did you find anything suspicious in those logs?

// here is the log, it found nothing at all...

# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-10-2020
# Duration: 00:00:37
# OS: Windows 10 Home
# Scanned: 34824
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1406 octets] - [10/02/2020 11:01:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: FRST preventive check

Posted: 10 Feb 2020 22:18
by Conder
The FRST logs look OK; we'll just clean out some unnecessary leftovers. Please post both new FRST logs.