Preventivka PC

Zpráva

zulo · #1 Příspěvek od **zulo** » 22 pro 2020 15:30

Zdravím, poprosim o kontrolu logu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Roman (administrator) on ROMAN (22-12-2020 15:22:32)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.23151.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\73.0.3856.284\opera.exe <13>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\73.0.3856.284\opera_crashreporter.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {f94f4ee2-3681-11eb-846c-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series XPS: C:\WINDOWS\system32\CNMXLMAA.DLL [385024 2014-12-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05ED89B6-B8F0-4B4A-A841-0A6891AFF005} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {100C66E6-3EAE-491E-A8FB-C1172B10F612} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {155E4BE1-0AB6-40A9-A682-F24B9F1BF34D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {217282E2-CDE1-4A0B-B937-CF26C073A9B4} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35C4ADBA-B30D-4D70-81C0-5BDED451CD4C} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [3993984 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {3DB0FB5E-1637-45B2-9715-AC64C9E7845C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {41784A7D-A2D3-4291-ABF5-F8C5B1BF6434} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {423FC066-9811-4A95-97B6-47B68B5C9B9A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [1406776 2014-12-28] (ASUSTeK Computer Inc. -> )
Task: {4505F24E-5CC9-4D45-B1C0-0A373FFAD716} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {4D6E98B2-A6F6-494C-9A59-0727F5DFDC92} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
Task: {60509CE4-F01F-46CF-9754-A3B5C2CB68B4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {624ADCA9-7CDA-47ED-A022-E9A8831C0388} - System32\Tasks\Opera scheduled Autoupdate 1504285159 => C:\Program Files\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {66B6F192-4E6D-4702-9CDA-E715EB99E733} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7596E029-5280-4CDC-86D4-7179D7090DC0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [328504 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7E71EE1E-7D25-48FD-976E-141AE68324C1} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7FF5FAA1-B481-46E1-84D9-8BBE61486B7F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {897F4D3C-D981-4058-AF99-B5DBAB9E58D8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8F206440-D343-4D85-AD4A-3641A576B7FC} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {92FE77EF-5FCD-4BCA-9D3B-0D02B77FDC05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9B1E82AE-24B2-4070-8241-7F93C245FBF1} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [1190400 2012-08-14] (ASUSTeK Computer Inc.) [File not signed]
Task: {B5662160-1169-489E-8AE1-FF9675E271A5} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C1EB50C8-35BD-4C42-90F8-AA4AAC2CB2AF} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C3D45F8E-51B2-4650-9749-4F0C34BB999A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D03E3DE9-DD87-4BB4-AC02-D6B0F939B5AD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {D17B45A5-D326-4BFB-9A5E-F897A9D8ABA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {D287C1FC-204E-491D-80EC-05A8510D8611} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [90112 2014-12-28] () [File not signed]
Task: {DE729A8D-DCD4-454B-98AD-C1E9148094F8} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{132dfb21-73ef-4cbc-a6cd-d65add0efd4b}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{132dfb21-73ef-4cbc-a6cd-d65add0efd4b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1bfd3239-9f4d-46c5-b5ff-02200c7fd712}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4109e129-b75e-48f4-951b-1116776fcb0f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6944c495-3a64-47fb-a908-00852bb57cf1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7ffcbc2a-d1df-46e4-a33d-35ce50cc27d1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d2e62f6c-faa7-4c2f-904f-fed63d1394d8}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{d2e62f6c-faa7-4c2f-904f-fed63d1394d8}: [DhcpNameServer] 192.168.0.1

Edge:
======
DownloadDir: C:\Users\Roman\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1537523766-1934355744-2765702040-1001 -> hxxp://google.sk/
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-21]
Edge DownloadDir: C:\Users\Roman\Downloads
Edge HomePage: Default -> hxxp://google.sk/
Edge StartupUrls: Default -> "hxxp://google.sk/"

FireFox:
========
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\AGExAAVN.default [2017-09-05]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR DownloadDir: C:\Users\Roman\Desktop
OPR Notifications: hxxps://answear.sk; hxxps://cudalbapt.com; hxxps://glavmatures.com; hxxps://planetlagu.wepqu.com; hxxps://sharez.cc; hxxps://www113.zippyshare.com; hxxps://www13.zippyshare.com; hxxps://www68.zippyshare.com; hxxps://www91.zippyshare.com
OPR Extension: (Rich Hints Agent) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-21] (Adobe Inc. -> Adobe)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-12-28] (ASUSTeK Computer Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-20] (Malwarebytes Inc -> Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-05-15] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2014-12-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2016-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47072 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129208 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-20] (Malwarebytes Inc -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2014-12-28] (Realtek Semiconductor Corp -> NT Kernel Resources)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 USBPNPA; C:\WINDOWS\system32\drivers\CM10864.sys [4326912 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> C-Media Electronics Inc)
R1 VDiskBus; C:\WINDOWS\System32\drivers\VDiskBus64.sys [42656 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-22 15:06 - 2020-12-22 15:24 - 000025279 _____ C:\Users\Roman\Desktop\FRST.txt
2020-12-22 15:05 - 2020-12-22 15:23 - 000000000 ____D C:\FRST
2020-12-22 14:43 - 2020-12-22 14:43 - 002286592 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2020-12-21 20:45 - 2020-12-21 22:57 - 000487569 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2020-12-21 20:42 - 2020-12-21 20:42 - 000002138 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2020-12-21 20:42 - 2020-12-21 20:42 - 000002138 _____ C:\ProgramData\Desktop\COMODO Internet Security Premium.lnk
2020-12-21 20:41 - 2019-10-22 19:02 - 000017576 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdboot.sys
2020-12-21 17:57 - 2020-12-21 17:57 - 000000000 ____D C:\Users\Roman\AppData\Local\setup
2020-12-21 17:57 - 2020-12-21 17:57 - 000000000 ____D C:\Users\Roman\AppData\Local\cache
2020-12-21 17:56 - 2020-12-21 17:56 - 000000000 ____D C:\Users\Roman\AppData\Local\RadeonInstaller
2020-12-21 17:56 - 2020-12-21 17:56 - 000000000 ____D C:\Users\Roman\AppData\Local\AMD_Common
2020-12-21 17:17 - 2020-12-21 17:17 - 000001779 _____ C:\Users\Roman\Desktop\Java.lnk
2020-12-21 13:37 - 2020-12-21 13:38 - 000000000 ____D C:\Program Files\AMD Quick Stream
2020-12-21 13:37 - 2020-12-21 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2020-12-21 13:37 - 2015-04-03 01:14 - 000229056 _____ (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys
2020-12-21 12:58 - 2020-12-21 12:58 - 000001579 __RSH C:\WINDOWS\SysWOW64\{1606DC18-9578-4cbd-8312-8E9868F06A1D}.conf
2020-12-21 12:58 - 2020-12-21 12:58 - 000000780 _____ C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2020-12-21 12:53 - 2020-12-21 12:53 - 000000009 _____ C:\ProgramData\updateFailed.txt
2020-12-20 22:41 - 2020-12-20 22:41 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-20 22:41 - 2020-12-20 22:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-20 22:40 - 2020-12-20 22:40 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-20 22:23 - 2020-12-22 15:13 - 000107314 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2020-12-20 22:23 - 2020-12-20 22:23 - 000003216 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2020-12-20 22:23 - 2020-12-20 22:23 - 000000000 ___HD C:\VTRoot
2020-12-20 21:52 - 2020-12-20 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2020-12-20 21:50 - 2020-12-20 21:51 - 000000000 ____D C:\Program Files\LibreOffice
2020-12-20 21:38 - 2020-12-20 21:37 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-20 21:37 - 2020-12-20 21:37 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-14 15:02 - 2020-12-14 15:02 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Neos Eureka S.r.l
2020-12-09 16:17 - 2020-12-09 16:17 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 16:17 - 2020-12-09 16:17 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 16:17 - 2020-12-09 16:17 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-04 12:40 - 2020-12-04 12:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-04 12:40 - 2020-12-04 12:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-04 12:40 - 2020-12-04 12:40 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-04 12:40 - 2020-12-04 12:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-04 12:39 - 2020-12-04 12:39 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-04 12:39 - 2020-12-04 12:39 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-04 12:39 - 2020-12-04 12:39 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-04 12:39 - 2020-12-04 12:39 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-04 12:39 - 2020-12-04 12:39 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-04 12:39 - 2020-12-04 12:39 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-04 12:39 - 2020-12-04 12:39 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-04 12:39 - 2020-12-04 12:39 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-04 12:38 - 2020-12-04 12:38 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-04 12:38 - 2020-12-04 12:38 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-22 15:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-22 15:21 - 2020-06-28 18:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-22 10:49 - 2018-06-20 18:07 - 000000000 ____D C:\Users\Roman\AppData\Local\AVAST Software
2020-12-22 10:49 - 2013-08-17 15:21 - 000000000 ____D C:\Program Files\CCleaner
2020-12-22 10:48 - 2020-06-28 18:34 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-21 23:08 - 2020-06-28 16:39 - 000000000 ____D C:\Users\Roman
2020-12-21 22:55 - 2014-12-26 18:55 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-21 22:07 - 2014-07-21 15:26 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-12-21 21:48 - 2020-06-28 18:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-21 21:47 - 2020-06-28 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-21 21:46 - 2018-06-24 23:32 - 000000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2020-12-21 21:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-21 21:39 - 2014-12-27 18:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-12-21 21:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-21 21:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-21 21:21 - 2019-12-07 10:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-21 21:21 - 2019-12-07 10:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-21 21:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-21 21:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-21 21:21 - 2014-08-25 14:24 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2020-12-21 21:19 - 2014-12-28 14:09 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\Macromedia
2020-12-21 21:19 - 2013-09-26 10:26 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\Adobe
2020-12-21 21:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-21 20:42 - 2020-06-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\COMODO
2020-12-21 20:42 - 2015-09-21 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2020-12-21 20:41 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-21 18:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-21 18:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-21 18:43 - 2014-12-26 00:36 - 000000000 ____D C:\Program Files (x86)\Java
2020-12-21 18:05 - 2016-09-03 02:38 - 000000000 ____D C:\AMD
2020-12-21 18:04 - 2014-12-28 14:04 - 000000000 ____D C:\Users\Roman\AppData\Roaming\AMD
2020-12-21 18:04 - 2014-12-26 23:05 - 000000000 ____D C:\Program Files (x86)\AMD
2020-12-21 17:56 - 2017-09-17 14:41 - 000000000 ____D C:\ProgramData\AMD
2020-12-21 17:56 - 2017-09-17 14:40 - 000000000 ____D C:\Program Files\AMD
2020-12-21 17:28 - 2017-04-01 21:29 - 000001088 _____ C:\Users\Roman\AppData\Local\File-share.top Manager.nast
2020-12-21 17:16 - 2014-12-26 00:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-21 17:15 - 2014-12-26 00:36 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-12-21 15:37 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-21 15:23 - 2013-08-07 16:38 - 000000000 ____D C:\Users\Roman\AppData\Roaming\ICQ
2020-12-21 14:26 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-12-21 13:58 - 2014-12-27 22:37 - 005514400 _____ C:\WINDOWS\PE_Rom.dll
2020-12-21 13:57 - 2017-11-17 01:01 - 000000000 _____ C:\WINDOWS\Path.idx
2020-12-21 13:37 - 2020-06-28 20:08 - 000000939 _____ C:\Users\Public\Desktop\AMD Quick Stream.lnk
2020-12-21 13:37 - 2020-06-28 20:08 - 000000939 _____ C:\ProgramData\Desktop\AMD Quick Stream.lnk
2020-12-21 12:58 - 2016-02-16 18:52 - 000002154 _____ C:\Users\Roman\Desktop\ICQ.lnk
2020-12-20 22:50 - 2018-12-30 11:18 - 000000891 _____ C:\Users\Roman\Desktop\KMPlayer 64X.lnk
2020-12-20 22:41 - 2019-06-08 09:53 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-20 22:41 - 2019-06-08 09:53 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-20 22:40 - 2019-06-08 09:53 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-20 22:35 - 2014-12-28 19:22 - 000001787 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2020-12-20 22:35 - 2014-12-28 19:22 - 000001787 _____ C:\ProgramData\Desktop\CDBurnerXP.lnk
2020-12-20 22:35 - 2014-12-28 19:22 - 000001733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2020-12-20 22:35 - 2014-12-28 19:22 - 000000000 ____D C:\Program Files\CDBurnerXP
2020-12-20 21:59 - 2020-06-28 18:00 - 000459464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-20 21:55 - 2020-10-04 10:20 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-20 21:55 - 2020-10-04 10:20 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-20 21:55 - 2020-06-28 18:34 - 000003298 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1504285159
2020-12-20 21:55 - 2020-06-28 18:34 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-20 21:55 - 2020-06-28 18:34 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-20 21:55 - 2020-06-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-12-20 21:53 - 2018-02-01 20:42 - 000001173 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2020-12-20 21:53 - 2018-02-01 20:42 - 000001173 _____ C:\ProgramData\Desktop\LibreOffice.lnk
2020-12-20 21:37 - 2020-09-01 18:36 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-20 21:37 - 2020-04-02 18:52 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-20 21:37 - 2019-01-14 17:35 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-20 21:37 - 2019-01-05 16:15 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-20 21:37 - 2019-01-05 16:15 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-20 21:37 - 2019-01-05 16:15 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-20 21:37 - 2018-10-09 18:09 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-20 21:37 - 2018-06-20 18:02 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-20 21:37 - 2017-11-10 19:43 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-20 21:32 - 2015-11-17 21:47 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2020-12-20 21:32 - 2015-11-17 21:47 - 000000914 _____ C:\ProgramData\Desktop\CPUID CPU-Z.lnk
2020-12-19 12:08 - 2020-06-03 15:49 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-16 17:34 - 2019-10-06 14:36 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2020-12-16 17:34 - 2017-09-01 17:59 - 000000000 ____D C:\Program Files\Opera
2020-12-14 15:13 - 2014-12-26 00:23 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Ulozto File Manager
2020-12-14 15:12 - 2018-12-29 11:40 - 000000911 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulož.to FileManager.lnk
2020-12-14 15:12 - 2018-12-29 11:40 - 000000899 _____ C:\Users\Public\Desktop\Ulož.to FileManager.lnk
2020-12-14 15:12 - 2018-12-29 11:40 - 000000899 _____ C:\ProgramData\Desktop\Ulož.to FileManager.lnk
2020-12-14 15:12 - 2018-12-29 11:40 - 000000000 ____D C:\Program Files\Ulozto File Manager
2020-12-13 21:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-11 16:16 - 2016-02-06 13:51 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 20:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\System
2020-12-09 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-09 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-07 20:49 - 2019-05-26 12:18 - 000002146 _____ C:\Users\Roman\Desktop\iCloud.lnk
2020-12-07 20:49 - 2016-02-18 17:55 - 000001839 _____ C:\Users\Roman\Desktop\GX GAMING CAVIMANUS HEADSET.lnk
2020-12-07 20:49 - 2015-07-20 15:23 - 000001428 _____ C:\Users\Roman\Desktop\IM Magician.lnk
2020-12-07 20:49 - 2014-12-29 13:47 - 000001775 _____ C:\Users\Roman\Desktop\Photo Gallery.lnk
2020-12-07 20:49 - 2014-12-29 13:46 - 000001734 _____ C:\Users\Roman\Desktop\MovieMaker.lnk
2020-12-07 20:49 - 2014-12-28 14:17 - 000001733 _____ C:\Users\Roman\Desktop\AI Suite.lnk
2020-12-07 20:49 - 2014-12-26 00:28 - 000000979 _____ C:\Users\Roman\Desktop\TechPowerUp GPU-Z.lnk
2020-12-07 20:49 - 2014-10-31 02:53 - 000002181 _____ C:\Users\Roman\Desktop\Opera Mail.lnk
2020-12-07 20:49 - 2014-08-20 17:44 - 000001080 _____ C:\Users\Roman\Desktop\SpeedFan.lnk
2020-12-07 20:49 - 2012-12-17 15:57 - 000001503 _____ C:\Users\Roman\Desktop\Internet Explorer.lnk
2020-12-07 20:49 - 2012-12-17 15:50 - 000001634 _____ C:\Users\Roman\Desktop\Windows Media Player.lnk
2020-12-04 23:19 - 2020-06-28 18:13 - 000911836 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-04 23:19 - 2014-03-30 16:06 - 000067138 _____ C:\WINDOWS\system32\perfh01B.dat
2020-12-04 23:19 - 2014-03-30 16:06 - 000020428 _____ C:\WINDOWS\system32\perfc01B.dat
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender

==================== Files in the root of some directories ========

2020-03-18 18:15 - 2018-06-18 22:35 - 005513920 _____ (COMODO) C:\ProgramData\cisCADF.exe
2020-03-18 18:15 - 2020-02-27 06:46 - 000451456 _____ (COMODO) C:\ProgramData\cmdres.dll
2017-04-01 21:23 - 2017-04-01 21:25 - 000001032 _____ () C:\Users\Roman\AppData\Local\$RXWPGNZ.nast
2015-01-15 16:35 - 2015-01-15 16:36 - 000003584 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-01 21:27 - 2020-08-15 09:52 - 000001652 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.err
2017-04-01 21:29 - 2020-12-21 17:28 - 000001088 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.nast
2016-01-05 18:19 - 2017-04-01 20:46 - 000002574 _____ () C:\Users\Roman\AppData\Local\FSDownloader.err
2015-10-10 17:24 - 2017-04-01 21:21 - 000001096 _____ () C:\Users\Roman\AppData\Local\FSDownloader.nast
2014-12-25 19:18 - 2015-07-07 18:31 - 000001096 _____ () C:\Users\Roman\AppData\Local\MRDownloader.nast
2018-08-18 09:50 - 2018-08-18 09:51 - 000029696 _____ () C:\Users\Roman\AppData\Local\MSGBOX.EXE
2014-01-04 20:46 - 2015-01-01 19:17 - 000007597 _____ () C:\Users\Roman\AppData\Local\Resmon.ResmonCfg
2013-08-07 16:36 - 2014-12-25 19:17 - 000001276 _____ () C:\Users\Roman\AppData\Local\SRDownloader.err
2013-08-07 16:37 - 2014-12-25 19:18 - 000001040 _____ () C:\Users\Roman\AppData\Local\SRDownloader.nast

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

zulo · #2 Příspěvek od **zulo** » 22 pro 2020 15:31

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Roman (22-12-2020 15:25:24)
Running from C:\Users\Roman\Desktop
Windows 10 Home Version 20H2 19042.685 (X64) (2020-06-28 17:35:58)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1537523766-1934355744-2765702040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1537523766-1934355744-2765702040-503 - Limited - Disabled)
Guest (S-1-5-21-1537523766-1934355744-2765702040-501 - Limited - Disabled)
Roman (S-1-5-21-1537523766-1934355744-2765702040-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-1537523766-1934355744-2765702040-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Internet Security Premium (HKLM\...\{0B6EEF71-4118-4836-9448-BB7546AB5EBC}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Components Setup (HKLM-x32\...\{BDDEE95D-0671-4A38-AAF3-2A7D5801B323}) (Version: 1.00.0000 - Vimicro Corporation) Hidden
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Easy Setting Box (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.00 - Samsung)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GX GAMING CAVIMANUS HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0002 - )
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
ICQ New (version 10.0.43158) (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\icq.desktop) (Version: 10.0.43158 - Mail.ru LLC)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
iTunes (HKLM\...\{27F4A2D5-E9CF-40A1-BEE2-50ECB34E48EB}) (Version: 12.11.0.26 - Apple Inc.)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2020.06.09.40 - PandoraTV)
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 73.0.3856.284 (HKLM-x32\...\Opera 73.0.3856.284) (Version: 73.0.3856.284 - Opera Software)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype verzia 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
STRIKE NX GAMEPAD (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TP-LINK TL-WN822N (HKLM-x32\...\{54D158A1-EAC0-478E-99A9-2545E8035398}) (Version: 1.0.0 - TP-Link)
Ulož.to FileManager 2.82 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.82 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.91 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1920.1.0_x86__kgqvnymyfvs32 [2020-12-16] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-06-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-12-26 23:06 - 2010-08-23 11:17 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-12-26 23:22 - 2014-12-30 01:37 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000972288 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001040896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 005771136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000208896 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-12-26 23:23 - 2012-06-19 12:56 - 001305600 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 001173504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001047040 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000233472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000425984 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2014-12-28 01:14 - 2014-12-28 01:14 - 000067584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000659456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000475136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000716800 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001621504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001622528 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000883712 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001243136 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000846848 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000875520 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000043520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-12-26 23:03 - 2010-06-29 11:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-12-26 23:21 - 2020-12-21 21:48 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-11-04 15:40 - 2015-11-04 15:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2014-12-26 23:06 - 2010-08-09 22:33 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2014-12-26 23:22 - 2014-12-28 01:10 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2014-12-26 23:22 - 2012-07-05 13:32 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpi.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpi.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\ASACPI.DLL
2014-12-28 01:12 - 2014-12-28 01:07 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsAcpi.dll
2014-12-26 23:06 - 2010-08-12 08:52 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001086464 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001016320 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2014-12-26 23:22 - 2012-07-05 13:31 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpiEx.dll
2014-12-26 23:22 - 2012-08-14 17:42 - 001441792 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\DigiPowerControl.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpiEx.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001832448 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPU.dll
2014-12-26 23:23 - 2012-08-13 22:06 - 001379328 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FAN Xpert\FANXpert.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000512000 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\UPnPXMLParse.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001236992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001876992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001637888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000886272 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
2014-12-28 01:12 - 2014-12-28 01:07 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\asacpiEx.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000532480 _____ (AWIND Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\MirrorOpSender.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000043520 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DirectoryWatcher.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000212992 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\MPListProcess.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\AcpiServiceVnA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdave64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdgfxinfo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdhdl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdlvr64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmiracast.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmmcl6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl12cl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdxc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticfx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidxx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atisamu64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiuxp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audioLibVc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coinst_15.20.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64F3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64AF3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64AF3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64AF3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hsa-thunk64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ICEsoundAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KAAPORT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantleaxl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO5064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO6064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO7064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPOShell64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioRealtek64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxSpeechAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO2064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO3064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MISS_APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOlfx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NahimicAPONSControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICV2apo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SEAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SECOMN64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SEHDRA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFNHK64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tepeqapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tosasfapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\toseaeapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tossaeapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tossaemaxapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WavesGUILib64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\YamahaAE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\YamahaAE2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdave32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhdl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdlvr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmmcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl12cl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdxc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticfx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atisamu32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hsa-thunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantleaxl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RltkAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SECOMN32.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rt640x64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\Users\Roman\Desktop\File-share.top Manager.exe:$CMDTCID [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 14:36 - 000000033 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-11-20 16:43 - 2020-08-22 14:09 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi 4: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Wi-Fi 4: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi 4: AppEx Networks Accelerator -> appex_acc (enabled)
Wi-Fi 4: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)
Ethernet 1: AppEx Networks Accelerator -> appex_acc (enabled)
Ethernet 1: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Ethernet 1: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet 1: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F9734F7-B3A6-403B-B9F2-2552540465A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4A5F93D2-F114-4BF0-8312-C5C1D8441316}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FC27284A-7461-48DD-903B-4CA170C9B72C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{74370363-92CA-4FC8-9724-0E0124DF05F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{81543A94-CF18-495B-BA8A-6E6766945CA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C057B920-14F6-4FAF-A513-8AC779DD5DBD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{88849636-51D8-4DA3-A686-BBB667814EE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FF238288-3FA2-4AD0-902D-5D7559556033}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{3F5D9CAF-E178-4A9F-BE5C-2C635ED47C86}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe => No File
FirewallRules: [TCP Query User{76E00E1C-3D76-42FD-A305-61CD64D34191}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe => No File
FirewallRules: [{F9CC1A44-FD5E-4034-841E-AB0CAC0D7492}] => (Allow) LPort=1900
FirewallRules: [{E873B0F4-F571-43E1-9CE7-A00A2733CAD7}] => (Allow) LPort=2869
FirewallRules: [{B62070E8-9485-4D5A-9F94-7AC810663938}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{A7480067-2F62-463C-ACE3-BBE702A11955}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{71348B08-3AF5-4709-9AAC-42F5F5044C67}] => (Allow) LPort=1900
FirewallRules: [{76FE403E-53A0-48D8-A203-CEA2531D4E67}] => (Allow) LPort=2869
FirewallRules: [{5FE20E9F-8571-4F76-AEE3-1A8715DEF9B3}] => (Allow) LPort=1900
FirewallRules: [{A93D50A1-B9D4-493F-BF04-4E9032F37631}] => (Allow) LPort=2869
FirewallRules: [{D01A36C5-FCB0-4CC1-B00A-175E255DC85E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{448DDF6E-0351-4959-883A-E5FB2B87C909}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{0F1D6433-69F1-489D-98A5-28E0340B15C1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{82E9E268-623B-464F-8F0D-57F28336944B}] => (Allow) LPort=1900
FirewallRules: [{F91F3DD1-7C0E-4C40-B4D7-199EC4E3193B}] => (Allow) LPort=2869
FirewallRules: [{290B6ECE-5DD9-4E17-BD52-B26C10E6A96D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{AD2EBCAD-4AAE-4FD8-8314-8BD873DB85AE}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{1FB829DA-0F1C-4883-85CF-31879BCF8685}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{01C01B71-4848-4B7C-AD09-3DD608BCF125}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D5DAD828-DA97-46B3-8EFB-622258E8158F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74AB47DB-79F4-4C1F-AC15-A4D9E228922A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{149C9964-D03D-411C-BA34-E6F56F07A3F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F6413CCB-D267-43B9-860A-CC37B3F6A078}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{268BEB61-A2F7-4D71-BB2E-2AE6EBBCAEA3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45C33DF1-53B3-4813-A815-FF2C2DE2E066}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D31593D2-BE5C-48BB-BDB6-22F914EEB791}] => (Allow) C:\Program Files\Opera\73.0.3856.257\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3BD4622B-8B8C-499A-AE8E-8E788849FE66}] => (Allow) C:\Program Files\Opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{35E0FBA5-40B3-41F3-9208-A6A00F38A8EB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4EFA1784-86FB-4C4D-B1AA-AF6F94EB415D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{708E5CA1-6A45-4FBF-9CB3-E10ECEEED7C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C064FD01-1211-4E9A-9C4B-1E91DA4CF560}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8D4C0766-D1FD-41D4-9D11-2B75BF026BD5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6B959DFF-06E8-4E26-92D0-584FE7020479}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

21-12-2020 20:40:51 Installing COMODO Internet Security Premium

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/21/2020 09:46:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AsDLNAServerReal.exe, verzia: 1.0.0.9, časová značka: 0x504db172
Názov chybujúceho modulu: DLNAHelper.dll, verzia: 1.0.0.9, časová značka: 0x504db18b
Kód výnimky: 0xc000000d
Odstup chyby: 0x0003c8c4
Identifikácia chybujúceho procesu: 0x1f08
Čas spustenia chybujúcej aplikácie: 0x01d6d7da4d069e21
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
Identifikácia hlásenia: d53b3698-3a52-4967-8ba4-739a6f9b88da
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/21/2020 09:44:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.546 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 238c

Start Time: 01d6d7d9fef07738

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: a28a8049-b2eb-4432-afbe-96a1a1d0d58f

Faulting package full name: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce

Error: (12/21/2020 09:39:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/21/2020 09:39:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/21/2020 09:39:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/21/2020 09:39:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

System errors:
=============
Error: (12/21/2020 09:48:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:46:34 on ‎21.‎12.‎2020 was unexpected.

Error: (12/21/2020 09:04:51 PM) (Source: DCOM) (EventID: 10000) (User: ROMAN)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/21/2020 08:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby COMODO Internet Security Sandbox Driver zlyhalo kvôli nasledujúcej chybe:
Access is denied.

Error: (12/21/2020 08:41:54 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv6 TCP/IP interface with index 26 failed to bind to its provider.

Error: (12/21/2020 08:41:54 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv4 TCP/IP interface with index 26 failed to bind to its provider.

Error: (12/21/2020 06:47:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Delivery Optimization sa pri spustení zablokovala.

Error: (12/21/2020 12:58:34 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv6 TCP/IP interface with index 26 failed to bind to its provider.

Error: (12/21/2020 12:58:34 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv4 TCP/IP interface with index 26 failed to bind to its provider.

CodeIntegrity:
===================================

Date: 2020-12-22 15:23:41.1300000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-22 15:23:32.8430000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-22 15:08:02.3500000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-22 15:07:59.6990000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-22 14:58:02.5170000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-22 14:57:59.3620000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-22 14:50:59.7240000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-22 14:38:00.9850000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 6508 07/11/2014
Motherboard: ASUSTeK COMPUTER INC. F2A85-M
Processor: AMD A8-5600K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 58%
Total physical RAM: 7368.32 MB
Available physical RAM: 3028 MB
Total Virtual: 14792.32 MB
Available Virtual: 9730.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.59 GB) (Free:358.28 GB) NTFS

\\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\ () (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{d4a2e3b4-0000-0000-0000-a03b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D4A2E3B4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)

==================== End of Addition.txt =======================

#3 Příspěvek od **Rudy** » 23 pro 2020 17:50

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

zulo · #4 Příspěvek od **zulo** » 23 pro 2020 18:39

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-23-2020
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSAISuite Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{34D3688E-A737-44C5-9E2A-FF73618728E1}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1654 octets] - [23/12/2020 18:20:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#5 Příspěvek od **Rudy** » 23 pro 2020 18:47

Dejte nové logy FRST+Addition.

zulo · #6 Příspěvek od **zulo** » 23 pro 2020 19:05

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Roman (administrator) on ROMAN (23-12-2020 18:53:17)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\73.0.3856.284\opera.exe <13>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\73.0.3856.284\opera_crashreporter.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {f94f4ee2-3681-11eb-846c-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series XPS: C:\WINDOWS\system32\CNMXLMAA.DLL [385024 2014-12-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05ED89B6-B8F0-4B4A-A841-0A6891AFF005} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {100C66E6-3EAE-491E-A8FB-C1172B10F612} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {155E4BE1-0AB6-40A9-A682-F24B9F1BF34D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {217282E2-CDE1-4A0B-B937-CF26C073A9B4} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35C4ADBA-B30D-4D70-81C0-5BDED451CD4C} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [3993984 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {3DB0FB5E-1637-45B2-9715-AC64C9E7845C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {41784A7D-A2D3-4291-ABF5-F8C5B1BF6434} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {423FC066-9811-4A95-97B6-47B68B5C9B9A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [1406776 2014-12-28] (ASUSTeK Computer Inc. -> )
Task: {4505F24E-5CC9-4D45-B1C0-0A373FFAD716} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {4D6E98B2-A6F6-494C-9A59-0727F5DFDC92} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
Task: {60509CE4-F01F-46CF-9754-A3B5C2CB68B4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {624ADCA9-7CDA-47ED-A022-E9A8831C0388} - System32\Tasks\Opera scheduled Autoupdate 1504285159 => C:\Program Files\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {66B6F192-4E6D-4702-9CDA-E715EB99E733} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {66F5F7DA-09C1-4F2F-BCF1-588035919AF2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {66F5F7DA-09C1-4F2F-BCF1-588035919AF2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {66F5F7DA-09C1-4F2F-BCF1-588035919AF2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {66F5F7DA-09C1-4F2F-BCF1-588035919AF2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {66F5F7DA-09C1-4F2F-BCF1-588035919AF2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1504285159" /ENABLE
Task: {66F5F7DA-09C1-4F2F-BCF1-588035919AF2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" /ENABLE
Task: {66F5F7DA-09C1-4F2F-BCF1-588035919AF2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7596E029-5280-4CDC-86D4-7179D7090DC0} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [328504 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7E71EE1E-7D25-48FD-976E-141AE68324C1} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7FF5FAA1-B481-46E1-84D9-8BBE61486B7F} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {897F4D3C-D981-4058-AF99-B5DBAB9E58D8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {8F206440-D343-4D85-AD4A-3641A576B7FC} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {92FE77EF-5FCD-4BCA-9D3B-0D02B77FDC05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9B1E82AE-24B2-4070-8241-7F93C245FBF1} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [1190400 2012-08-14] (ASUSTeK Computer Inc.) [File not signed]
Task: {B5662160-1169-489E-8AE1-FF9675E271A5} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C1EB50C8-35BD-4C42-90F8-AA4AAC2CB2AF} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C3D45F8E-51B2-4650-9749-4F0C34BB999A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D03E3DE9-DD87-4BB4-AC02-D6B0F939B5AD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {D17B45A5-D326-4BFB-9A5E-F897A9D8ABA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {D287C1FC-204E-491D-80EC-05A8510D8611} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [90112 2014-12-28] () [File not signed]
Task: {DE729A8D-DCD4-454B-98AD-C1E9148094F8} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{132dfb21-73ef-4cbc-a6cd-d65add0efd4b}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{132dfb21-73ef-4cbc-a6cd-d65add0efd4b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1bfd3239-9f4d-46c5-b5ff-02200c7fd712}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4109e129-b75e-48f4-951b-1116776fcb0f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6944c495-3a64-47fb-a908-00852bb57cf1}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{74547168-27fa-4820-997b-69288ee87606}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7ffcbc2a-d1df-46e4-a33d-35ce50cc27d1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d2e62f6c-faa7-4c2f-904f-fed63d1394d8}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{d2e62f6c-faa7-4c2f-904f-fed63d1394d8}: [DhcpNameServer] 192.168.0.1

Edge:
======
DownloadDir: C:\Users\Roman\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1537523766-1934355744-2765702040-1001 -> hxxp://google.sk/
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-21]
Edge DownloadDir: C:\Users\Roman\Downloads
Edge HomePage: Default -> hxxp://google.sk/
Edge StartupUrls: Default -> "hxxp://google.sk/"

FireFox:
========
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\AGExAAVN.default [2017-09-05]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR DownloadDir: C:\Users\Roman\Desktop
OPR Notifications: hxxps://answear.sk; hxxps://cudalbapt.com; hxxps://glavmatures.com; hxxps://planetlagu.wepqu.com; hxxps://sharez.cc; hxxps://www113.zippyshare.com; hxxps://www13.zippyshare.com; hxxps://www68.zippyshare.com; hxxps://www91.zippyshare.com
OPR Extension: (Rich Hints Agent) - C:\Users\Roman\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-21] (Adobe Inc. -> Adobe)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-12-28] (ASUSTeK Computer Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-20] (Malwarebytes Inc -> Malwarebytes)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-05-15] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-23] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2014-12-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2016-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-12-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47072 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129208 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-20] (Malwarebytes Inc -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2014-12-28] (Realtek Semiconductor Corp -> NT Kernel Resources)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 USBPNPA; C:\WINDOWS\system32\drivers\CM10864.sys [4326912 2012-09-21] (Microsoft Windows Hardware Compatibility Publisher -> C-Media Electronics Inc)
R1 VDiskBus; C:\WINDOWS\System32\drivers\VDiskBus64.sys [42656 2014-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-23 18:53 - 2020-12-23 18:55 - 000026460 _____ C:\Users\Roman\Desktop\FRST.txt
2020-12-23 18:19 - 2020-12-23 18:21 - 000000000 ____D C:\AdwCleaner
2020-12-23 09:22 - 2020-12-23 09:22 - 008447152 _____ (Malwarebytes) C:\Users\Roman\Desktop\AdwCleaner.exe
2020-12-22 17:38 - 2020-12-22 17:38 - 000000000 ____D C:\ProgramData\Comodo Downloader
2020-12-22 15:05 - 2020-12-23 18:54 - 000000000 ____D C:\FRST
2020-12-22 14:43 - 2020-12-22 14:43 - 002286592 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2020-12-21 20:45 - 2020-12-23 18:33 - 000487569 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2020-12-21 20:42 - 2020-12-21 20:42 - 000002138 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2020-12-21 20:42 - 2020-12-21 20:42 - 000002138 _____ C:\ProgramData\Desktop\COMODO Internet Security Premium.lnk
2020-12-21 20:41 - 2019-10-22 19:02 - 000017576 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdboot.sys
2020-12-21 17:57 - 2020-12-21 17:57 - 000000000 ____D C:\Users\Roman\AppData\Local\setup
2020-12-21 17:57 - 2020-12-21 17:57 - 000000000 ____D C:\Users\Roman\AppData\Local\cache
2020-12-21 17:56 - 2020-12-21 17:56 - 000000000 ____D C:\Users\Roman\AppData\Local\RadeonInstaller
2020-12-21 17:56 - 2020-12-21 17:56 - 000000000 ____D C:\Users\Roman\AppData\Local\AMD_Common
2020-12-21 17:17 - 2020-12-21 17:17 - 000001779 _____ C:\Users\Roman\Desktop\Java.lnk
2020-12-21 13:37 - 2020-12-21 13:38 - 000000000 ____D C:\Program Files\AMD Quick Stream
2020-12-21 13:37 - 2020-12-21 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2020-12-21 13:37 - 2015-04-03 01:14 - 000229056 _____ (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys
2020-12-21 12:58 - 2020-12-21 12:58 - 000001579 __RSH C:\WINDOWS\SysWOW64\{1606DC18-9578-4cbd-8312-8E9868F06A1D}.conf
2020-12-21 12:58 - 2020-12-21 12:58 - 000000780 _____ C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2020-12-21 12:53 - 2020-12-21 12:53 - 000000009 _____ C:\ProgramData\updateFailed.txt
2020-12-20 22:41 - 2020-12-20 22:41 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-20 22:41 - 2020-12-20 22:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-20 22:40 - 2020-12-20 22:40 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-20 22:23 - 2020-12-23 18:52 - 000106568 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2020-12-20 22:23 - 2020-12-23 18:34 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2020-12-20 22:23 - 2020-12-20 22:23 - 000000000 ___HD C:\VTRoot
2020-12-20 21:52 - 2020-12-20 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2020-12-20 21:50 - 2020-12-20 21:51 - 000000000 ____D C:\Program Files\LibreOffice
2020-12-20 21:38 - 2020-12-20 21:37 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-20 21:37 - 2020-12-20 21:37 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-14 15:02 - 2020-12-14 15:02 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Neos Eureka S.r.l
2020-12-09 16:17 - 2020-12-09 16:17 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 16:17 - 2020-12-09 16:17 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 16:17 - 2020-12-09 16:17 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-04 12:40 - 2020-12-04 12:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-04 12:40 - 2020-12-04 12:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-04 12:40 - 2020-12-04 12:40 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-04 12:40 - 2020-12-04 12:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-04 12:39 - 2020-12-04 12:39 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-04 12:39 - 2020-12-04 12:39 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-04 12:39 - 2020-12-04 12:39 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-04 12:39 - 2020-12-04 12:39 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-04 12:39 - 2020-12-04 12:39 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-04 12:39 - 2020-12-04 12:39 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-04 12:39 - 2020-12-04 12:39 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-04 12:39 - 2020-12-04 12:39 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-04 12:38 - 2020-12-04 12:38 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-04 12:38 - 2020-12-04 12:38 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-04 12:38 - 2020-12-04 12:38 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-23 18:48 - 2018-05-11 19:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-23 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-23 18:41 - 2018-06-24 23:32 - 000000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2020-12-23 18:39 - 2013-08-17 14:52 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-23 18:38 - 2014-12-26 18:55 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-23 18:37 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-23 18:37 - 2018-06-20 18:07 - 000000000 ____D C:\Users\Roman\AppData\Local\AVAST Software
2020-12-23 18:34 - 2020-10-04 10:20 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-23 18:34 - 2020-10-04 10:20 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-23 18:34 - 2020-06-28 18:34 - 000003298 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1504285159
2020-12-23 18:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-23 18:33 - 2020-06-28 18:34 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-23 18:33 - 2020-06-28 18:34 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-23 18:33 - 2020-06-28 18:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-23 18:33 - 2020-06-28 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-23 18:32 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-23 18:32 - 2014-12-27 18:53 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-12-23 18:17 - 2020-06-28 18:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-23 15:56 - 2020-06-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-12-23 15:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-23 13:21 - 2020-06-28 18:34 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-23 09:21 - 2013-08-17 15:21 - 000000000 ____D C:\Program Files\CCleaner
2020-12-22 18:19 - 2014-07-21 15:26 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-12-21 23:08 - 2020-06-28 16:39 - 000000000 ____D C:\Users\Roman
2020-12-21 21:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-21 21:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-21 21:21 - 2019-12-07 10:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-21 21:21 - 2019-12-07 10:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-21 21:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-21 21:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-21 21:21 - 2014-08-25 14:24 - 000000000 ____D C:\Users\Roman\AppData\Local\Adobe
2020-12-21 21:19 - 2014-12-28 14:09 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\Macromedia
2020-12-21 21:19 - 2013-09-26 10:26 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\Adobe
2020-12-21 21:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-21 20:42 - 2020-06-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\COMODO
2020-12-21 20:42 - 2015-09-21 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2020-12-21 20:41 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-21 18:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-21 18:43 - 2014-12-26 00:36 - 000000000 ____D C:\Program Files (x86)\Java
2020-12-21 18:05 - 2016-09-03 02:38 - 000000000 ____D C:\AMD
2020-12-21 18:04 - 2014-12-28 14:04 - 000000000 ____D C:\Users\Roman\AppData\Roaming\AMD
2020-12-21 18:04 - 2014-12-26 23:05 - 000000000 ____D C:\Program Files (x86)\AMD
2020-12-21 17:56 - 2017-09-17 14:41 - 000000000 ____D C:\ProgramData\AMD
2020-12-21 17:56 - 2017-09-17 14:40 - 000000000 ____D C:\Program Files\AMD
2020-12-21 17:28 - 2017-04-01 21:29 - 000001088 _____ C:\Users\Roman\AppData\Local\File-share.top Manager.nast
2020-12-21 17:16 - 2014-12-26 00:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-21 17:15 - 2014-12-26 00:36 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-12-21 15:37 - 2018-07-13 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-21 15:23 - 2013-08-07 16:38 - 000000000 ____D C:\Users\Roman\AppData\Roaming\ICQ
2020-12-21 14:26 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-12-21 13:58 - 2014-12-27 22:37 - 005514400 _____ C:\WINDOWS\PE_Rom.dll
2020-12-21 13:57 - 2017-11-17 01:01 - 000000000 _____ C:\WINDOWS\Path.idx
2020-12-21 13:37 - 2020-06-28 20:08 - 000000939 _____ C:\Users\Public\Desktop\AMD Quick Stream.lnk
2020-12-21 13:37 - 2020-06-28 20:08 - 000000939 _____ C:\ProgramData\Desktop\AMD Quick Stream.lnk
2020-12-21 12:58 - 2016-02-16 18:52 - 000002154 _____ C:\Users\Roman\Desktop\ICQ.lnk
2020-12-20 22:50 - 2018-12-30 11:18 - 000000891 _____ C:\Users\Roman\Desktop\KMPlayer 64X.lnk
2020-12-20 22:41 - 2019-06-08 09:53 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-20 22:41 - 2019-06-08 09:53 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-20 22:40 - 2019-06-08 09:53 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-20 22:35 - 2014-12-28 19:22 - 000001787 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2020-12-20 22:35 - 2014-12-28 19:22 - 000001787 _____ C:\ProgramData\Desktop\CDBurnerXP.lnk
2020-12-20 22:35 - 2014-12-28 19:22 - 000001733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2020-12-20 22:35 - 2014-12-28 19:22 - 000000000 ____D C:\Program Files\CDBurnerXP
2020-12-20 21:59 - 2020-06-28 18:00 - 000459464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-20 21:53 - 2018-02-01 20:42 - 000001173 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2020-12-20 21:53 - 2018-02-01 20:42 - 000001173 _____ C:\ProgramData\Desktop\LibreOffice.lnk
2020-12-20 21:37 - 2020-09-01 18:36 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-20 21:37 - 2020-04-02 18:52 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-20 21:37 - 2019-01-14 17:35 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-20 21:37 - 2019-01-05 16:15 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-20 21:37 - 2019-01-05 16:15 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-20 21:37 - 2019-01-05 16:15 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-20 21:37 - 2018-10-09 18:09 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-20 21:37 - 2018-06-20 18:02 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-20 21:37 - 2017-11-10 19:43 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-20 21:37 - 2017-09-25 11:43 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-20 21:32 - 2015-11-17 21:47 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2020-12-20 21:32 - 2015-11-17 21:47 - 000000914 _____ C:\ProgramData\Desktop\CPUID CPU-Z.lnk
2020-12-19 12:08 - 2020-06-03 15:49 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 16:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-16 17:34 - 2019-10-06 14:36 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2020-12-16 17:34 - 2017-09-01 17:59 - 000000000 ____D C:\Program Files\Opera
2020-12-14 15:13 - 2014-12-26 00:23 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Ulozto File Manager
2020-12-14 15:12 - 2018-12-29 11:40 - 000000911 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulož.to FileManager.lnk
2020-12-14 15:12 - 2018-12-29 11:40 - 000000899 _____ C:\Users\Public\Desktop\Ulož.to FileManager.lnk
2020-12-14 15:12 - 2018-12-29 11:40 - 000000899 _____ C:\ProgramData\Desktop\Ulož.to FileManager.lnk
2020-12-14 15:12 - 2018-12-29 11:40 - 000000000 ____D C:\Program Files\Ulozto File Manager
2020-12-13 21:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-11 16:16 - 2016-02-06 13:51 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 20:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\System
2020-12-09 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-09 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-07 20:49 - 2019-05-26 12:18 - 000002146 _____ C:\Users\Roman\Desktop\iCloud.lnk
2020-12-07 20:49 - 2016-02-18 17:55 - 000001839 _____ C:\Users\Roman\Desktop\GX GAMING CAVIMANUS HEADSET.lnk
2020-12-07 20:49 - 2015-07-20 15:23 - 000001428 _____ C:\Users\Roman\Desktop\IM Magician.lnk
2020-12-07 20:49 - 2014-12-29 13:47 - 000001775 _____ C:\Users\Roman\Desktop\Photo Gallery.lnk
2020-12-07 20:49 - 2014-12-29 13:46 - 000001734 _____ C:\Users\Roman\Desktop\MovieMaker.lnk
2020-12-07 20:49 - 2014-12-28 14:17 - 000001733 _____ C:\Users\Roman\Desktop\AI Suite.lnk
2020-12-07 20:49 - 2014-12-26 00:28 - 000000979 _____ C:\Users\Roman\Desktop\TechPowerUp GPU-Z.lnk
2020-12-07 20:49 - 2014-10-31 02:53 - 000002181 _____ C:\Users\Roman\Desktop\Opera Mail.lnk
2020-12-07 20:49 - 2014-08-20 17:44 - 000001080 _____ C:\Users\Roman\Desktop\SpeedFan.lnk
2020-12-07 20:49 - 2012-12-17 15:57 - 000001503 _____ C:\Users\Roman\Desktop\Internet Explorer.lnk
2020-12-07 20:49 - 2012-12-17 15:50 - 000001634 _____ C:\Users\Roman\Desktop\Windows Media Player.lnk
2020-12-04 23:19 - 2020-06-28 18:13 - 000911836 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-04 23:19 - 2014-03-30 16:06 - 000067138 _____ C:\WINDOWS\system32\perfh01B.dat
2020-12-04 23:19 - 2014-03-30 16:06 - 000020428 _____ C:\WINDOWS\system32\perfc01B.dat
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender

==================== Files in the root of some directories ========

2020-03-18 18:15 - 2018-06-18 22:35 - 005513920 _____ (COMODO) C:\ProgramData\cisCADF.exe
2020-03-18 18:15 - 2020-02-27 06:46 - 000451456 _____ (COMODO) C:\ProgramData\cmdres.dll
2017-04-01 21:23 - 2017-04-01 21:25 - 000001032 _____ () C:\Users\Roman\AppData\Local\$RXWPGNZ.nast
2015-01-15 16:35 - 2015-01-15 16:36 - 000003584 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-01 21:27 - 2020-08-15 09:52 - 000001652 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.err
2017-04-01 21:29 - 2020-12-21 17:28 - 000001088 _____ () C:\Users\Roman\AppData\Local\File-share.top Manager.nast
2016-01-05 18:19 - 2017-04-01 20:46 - 000002574 _____ () C:\Users\Roman\AppData\Local\FSDownloader.err
2015-10-10 17:24 - 2017-04-01 21:21 - 000001096 _____ () C:\Users\Roman\AppData\Local\FSDownloader.nast
2014-12-25 19:18 - 2015-07-07 18:31 - 000001096 _____ () C:\Users\Roman\AppData\Local\MRDownloader.nast
2018-08-18 09:50 - 2018-08-18 09:51 - 000029696 _____ () C:\Users\Roman\AppData\Local\MSGBOX.EXE
2014-01-04 20:46 - 2015-01-01 19:17 - 000007597 _____ () C:\Users\Roman\AppData\Local\Resmon.ResmonCfg
2013-08-07 16:36 - 2014-12-25 19:17 - 000001276 _____ () C:\Users\Roman\AppData\Local\SRDownloader.err
2013-08-07 16:37 - 2014-12-25 19:18 - 000001040 _____ () C:\Users\Roman\AppData\Local\SRDownloader.nast

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

zulo · #7 Příspěvek od **zulo** » 23 pro 2020 19:05

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Roman (23-12-2020 18:59:27)
Running from C:\Users\Roman\Desktop
Windows 10 Home Version 20H2 19042.685 (X64) (2020-06-28 17:35:58)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1537523766-1934355744-2765702040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1537523766-1934355744-2765702040-503 - Limited - Disabled)
Guest (S-1-5-21-1537523766-1934355744-2765702040-501 - Limited - Disabled)
Roman (S-1-5-21-1537523766-1934355744-2765702040-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-1537523766-1934355744-2765702040-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Internet Security Premium (HKLM\...\{0B6EEF71-4118-4836-9448-BB7546AB5EBC}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Components Setup (HKLM-x32\...\{BDDEE95D-0671-4A38-AAF3-2A7D5801B323}) (Version: 1.00.0000 - Vimicro Corporation) Hidden
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Easy Setting Box (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.00 - Samsung)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GX GAMING CAVIMANUS HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0002 - )
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
ICQ New (version 10.0.43158) (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\icq.desktop) (Version: 10.0.43158 - Mail.ru LLC)
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
iTunes (HKLM\...\{27F4A2D5-E9CF-40A1-BEE2-50ECB34E48EB}) (Version: 12.11.0.26 - Apple Inc.)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2020.06.09.40 - PandoraTV)
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 73.0.3856.284 (HKLM-x32\...\Opera 73.0.3856.284) (Version: 73.0.3856.284 - Opera Software)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Skype verzia 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
STRIKE NX GAMEPAD (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TP-LINK TL-WN822N (HKLM-x32\...\{54D158A1-EAC0-478E-99A9-2545E8035398}) (Version: 1.0.0 - TP-Link)
Ulož.to FileManager 2.82 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.82 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.91 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1920.1.0_x86__kgqvnymyfvs32 [2020-12-16] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-06-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-12-26 23:06 - 2010-08-23 11:17 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-12-26 23:22 - 2014-12-30 01:37 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000972288 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001040896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 005771136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000208896 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-12-26 23:23 - 2012-06-19 12:56 - 001305600 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 001173504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001047040 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000233472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000425984 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2014-12-28 01:14 - 2014-12-28 01:14 - 000067584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000184320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000659456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000475136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000716800 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 001621504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001622528 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000253952 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000883712 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001243136 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000846848 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000875520 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000043520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-12-26 23:03 - 2010-06-29 11:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-12-26 23:21 - 2020-12-23 18:33 - 000026112 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-12-26 23:06 - 2010-08-09 22:33 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2014-12-26 23:22 - 2014-12-28 01:10 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2014-12-26 23:22 - 2012-07-05 13:32 - 000108544 ____N (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpi.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpi.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\ASACPI.DLL
2014-12-28 01:12 - 2014-12-28 01:07 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsAcpi.dll
2014-12-26 23:06 - 2010-08-12 08:52 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001086464 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 001016320 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2014-12-26 23:22 - 2012-07-05 13:31 - 000677376 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\asacpiEx.dll
2014-12-26 23:22 - 2012-08-14 17:42 - 001441792 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\DigiPowerControl.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpiEx.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\AsMultiLang.dll
2014-12-28 01:12 - 2014-12-28 01:12 - 001832448 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPU.dll
2014-12-26 23:23 - 2012-08-13 22:06 - 001379328 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FAN Xpert\FANXpert.dll
2014-12-28 01:13 - 2014-12-28 01:13 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001236992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
2014-12-26 23:22 - 2014-12-28 01:10 - 000221184 ____N (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001876992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
2014-12-28 01:15 - 2014-12-28 01:15 - 001637888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
2014-12-28 01:16 - 2014-12-28 01:16 - 000886272 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
2014-12-28 01:12 - 2014-12-28 01:07 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\asacpiEx.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000532480 _____ (AWIND Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\MirrorOpSender.dll
2014-12-28 01:14 - 2014-12-28 01:14 - 000043520 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DirectoryWatcher.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\AcpiServiceVnA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdave64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdgfxinfo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdhdl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdlvr64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmiracast.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmmcl6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl12cl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdxc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticfx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidxx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atisamu64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiuxp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audioLibVc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coinst_15.20.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64F3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64AF3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64AF3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64AF3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hsa-thunk64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ICEsoundAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KAAPORT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantleaxl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO5064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO6064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO7064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPOShell64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioRealtek64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxSpeechAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO2064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO3064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MISS_APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOlfx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NahimicAPONSControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICV2apo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SEAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SECOMN64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SEHDRA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFNHK64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tepeqapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tosasfapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\toseaeapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tossaeapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tossaemaxapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WavesGUILib64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\YamahaAE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\YamahaAE2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdave32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhdl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdlvr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmmcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl12cl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdxc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticfx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atisamu32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hsa-thunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantleaxl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RltkAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SECOMN32.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rt640x64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\Users\Roman\Desktop\File-share.top Manager.exe:$CMDTCID [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 14:36 - 000000033 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-11-20 16:43 - 2020-08-22 14:09 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi 4: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Wi-Fi 4: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi 4: AppEx Networks Accelerator -> appex_acc (enabled)
Wi-Fi 4: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)
Ethernet 1: AppEx Networks Accelerator -> appex_acc (enabled)
Ethernet 1: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled)
Ethernet 1: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet 1: Realtek NDIS Protocol Driver -> rtk_rtndpt60 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F9734F7-B3A6-403B-B9F2-2552540465A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4A5F93D2-F114-4BF0-8312-C5C1D8441316}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FC27284A-7461-48DD-903B-4CA170C9B72C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{74370363-92CA-4FC8-9724-0E0124DF05F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{81543A94-CF18-495B-BA8A-6E6766945CA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C057B920-14F6-4FAF-A513-8AC779DD5DBD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{88849636-51D8-4DA3-A686-BBB667814EE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FF238288-3FA2-4AD0-902D-5D7559556033}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{3F5D9CAF-E178-4A9F-BE5C-2C635ED47C86}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe => No File
FirewallRules: [TCP Query User{76E00E1C-3D76-42FD-A305-61CD64D34191}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe => No File
FirewallRules: [{F9CC1A44-FD5E-4034-841E-AB0CAC0D7492}] => (Allow) LPort=1900
FirewallRules: [{E873B0F4-F571-43E1-9CE7-A00A2733CAD7}] => (Allow) LPort=2869
FirewallRules: [{B62070E8-9485-4D5A-9F94-7AC810663938}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{A7480067-2F62-463C-ACE3-BBE702A11955}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe () [File not signed]
FirewallRules: [{71348B08-3AF5-4709-9AAC-42F5F5044C67}] => (Allow) LPort=1900
FirewallRules: [{76FE403E-53A0-48D8-A203-CEA2531D4E67}] => (Allow) LPort=2869
FirewallRules: [{5FE20E9F-8571-4F76-AEE3-1A8715DEF9B3}] => (Allow) LPort=1900
FirewallRules: [{A93D50A1-B9D4-493F-BF04-4E9032F37631}] => (Allow) LPort=2869
FirewallRules: [{D01A36C5-FCB0-4CC1-B00A-175E255DC85E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{448DDF6E-0351-4959-883A-E5FB2B87C909}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{0F1D6433-69F1-489D-98A5-28E0340B15C1}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{82E9E268-623B-464F-8F0D-57F28336944B}] => (Allow) LPort=1900
FirewallRules: [{F91F3DD1-7C0E-4C40-B4D7-199EC4E3193B}] => (Allow) LPort=2869
FirewallRules: [{290B6ECE-5DD9-4E17-BD52-B26C10E6A96D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{AD2EBCAD-4AAE-4FD8-8314-8BD873DB85AE}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{1FB829DA-0F1C-4883-85CF-31879BCF8685}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{01C01B71-4848-4B7C-AD09-3DD608BCF125}] => (Allow) C:\Users\Roman\AppData\Local\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{D5DAD828-DA97-46B3-8EFB-622258E8158F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74AB47DB-79F4-4C1F-AC15-A4D9E228922A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{149C9964-D03D-411C-BA34-E6F56F07A3F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F6413CCB-D267-43B9-860A-CC37B3F6A078}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{268BEB61-A2F7-4D71-BB2E-2AE6EBBCAEA3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45C33DF1-53B3-4813-A815-FF2C2DE2E066}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D31593D2-BE5C-48BB-BDB6-22F914EEB791}] => (Allow) C:\Program Files\Opera\73.0.3856.257\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3BD4622B-8B8C-499A-AE8E-8E788849FE66}] => (Allow) C:\Program Files\Opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{35E0FBA5-40B3-41F3-9208-A6A00F38A8EB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4EFA1784-86FB-4C4D-B1AA-AF6F94EB415D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{708E5CA1-6A45-4FBF-9CB3-E10ECEEED7C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C064FD01-1211-4E9A-9C4B-1E91DA4CF560}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8D4C0766-D1FD-41D4-9D11-2B75BF026BD5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6B959DFF-06E8-4E26-92D0-584FE7020479}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

21-12-2020 20:40:51 Installing COMODO Internet Security Premium
23-12-2020 18:20:31 AdwCleaner_BeforeCleaning_23/12/2020_18:20:28

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/23/2020 06:41:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AsDLNAServerReal.exe, verzia: 1.0.0.9, časová značka: 0x504db172
Názov chybujúceho modulu: DLNAHelper.dll, verzia: 1.0.0.9, časová značka: 0x504db18b
Kód výnimky: 0xc000000d
Odstup chyby: 0x0003c8c4
Identifikácia chybujúceho procesu: 0x29e0
Čas spustenia chybujúcej aplikácie: 0x01d6d952c4dede22
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
Identifikácia hlásenia: 7b2f7640-fdca-4cfe-af18-daf0d438aa1d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/22/2020 05:42:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AsDLNAServerReal.exe, verzia: 1.0.0.9, časová značka: 0x504db172
Názov chybujúceho modulu: DLNAHelper.dll, verzia: 1.0.0.9, časová značka: 0x504db18b
Kód výnimky: 0xc000000d
Odstup chyby: 0x0003c8c4
Identifikácia chybujúceho procesu: 0x2af0
Čas spustenia chybujúcej aplikácie: 0x01d6d8815fe9ee0f
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
Identifikácia hlásenia: a09f4413-73be-4298-b241-ee7b97074957
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/22/2020 04:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15641

Error: (12/22/2020 04:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15641

Error: (12/22/2020 04:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/21/2020 09:46:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AsDLNAServerReal.exe, verzia: 1.0.0.9, časová značka: 0x504db172
Názov chybujúceho modulu: DLNAHelper.dll, verzia: 1.0.0.9, časová značka: 0x504db18b
Kód výnimky: 0xc000000d
Odstup chyby: 0x0003c8c4
Identifikácia chybujúceho procesu: 0x1f08
Čas spustenia chybujúcej aplikácie: 0x01d6d7da4d069e21
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
Identifikácia hlásenia: d53b3698-3a52-4967-8ba4-739a6f9b88da
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/21/2020 09:44:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.546 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 238c

Start Time: 01d6d7d9fef07738

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: a28a8049-b2eb-4432-afbe-96a1a1d0d58f

Faulting package full name: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce

Error: (12/21/2020 09:39:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

System errors:
=============
Error: (12/23/2020 06:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/23/2020 06:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/23/2020 06:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/23/2020 06:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/23/2020 06:21:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (12/23/2020 06:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS System Control Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/23/2020 06:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/23/2020 06:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

CodeIntegrity:
===================================

Date: 2020-12-23 18:57:22.9010000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-23 18:48:48.9010000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-23 18:48:46.8480000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-23 18:48:44.8010000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-23 18:48:42.7480000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-23 18:48:40.6950000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-23 18:48:22.6370000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-23 18:48:02.2660000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 6508 07/11/2014
Motherboard: ASUSTeK COMPUTER INC. F2A85-M
Processor: AMD A8-5600K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 52%
Total physical RAM: 7368.32 MB
Available physical RAM: 3521.93 MB
Total Virtual: 14792.32 MB
Available Virtual: 10830.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.59 GB) (Free:354.67 GB) NTFS

\\?\Volume{4ac0b608-46ea-11e2-be65-806e6f6e6963}\ () (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{d4a2e3b4-0000-0000-0000-a03b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D4A2E3B4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 23 pro 2020 20:00

Otevřte poznámkový blok a zkopírujte do něj:

Start
CloseProcesses:
AlternateDataStreams: C:\WINDOWS\system32\AcpiServiceVnA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdave64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdgfxinfo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdhdl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdlvr64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmiracast.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmmcl6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl12cl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdxc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticfx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidxx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atisamu64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiuxp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audioLibVc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coinst_15.20.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64F3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64AF3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64AF3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64AF3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hsa-thunk64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ICEsoundAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KAAPORT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantleaxl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO5064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO6064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO7064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPOShell64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioRealtek64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxSpeechAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO2064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO3064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MISS_APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOlfx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NahimicAPONSControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICV2apo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SEAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SECOMN64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SEHDRA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFNHK64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tepeqapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tosasfapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\toseaeapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tossaeapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tossaemaxapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WavesGUILib64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\YamahaAE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\YamahaAE2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdave32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhdl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdlvr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmmcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl12cl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdxc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticfx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atisamu32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hsa-thunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantleaxl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RltkAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SECOMN32.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rt640x64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\Users\Roman\Desktop\File-share.top Manager.exe:$CMDTCID [0]
FirewallRules: [UDP Query User{3F5D9CAF-E178-4A9F-BE5C-2C635ED47C86}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe => No File
FirewallRules: [TCP Query User{76E00E1C-3D76-42FD-A305-61CD64D34191}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe => No File
C:\Program Files\Bonjour
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {f94f4ee2-3681-11eb-846c-50465db58091} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

zulo · #9 Příspěvek od **zulo** » 23 pro 2020 20:31

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Roman (23-12-2020 20:14:56) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
AlternateDataStreams: C:\WINDOWS\system32\AcpiServiceVnA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AERTAR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdave64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdgfxinfo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdhdl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdlvr64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmiracast.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmmcl6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl12cl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdxc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticfx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidxx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atisamu64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiuxp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audioLibVc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Cmeau108.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\CNC280C.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280I.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNC280O.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNHMCA6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CNMXLMAA.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coinst_15.20.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CX64APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64F3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64AF3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64AF3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64AF3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSBoostDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPONS64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSNeoPCDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftcserco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ftserui2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hsa-thunk64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ICEsoundAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KAAPORT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantleaxl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO5064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO6064.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO7064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPOShell64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioRealtek64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxSpeechAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO2064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO3064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO4064.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MISS_APO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOlfx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NahimicAPONSControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NAHIMICV2apo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DAA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RP3DHT64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtDataProc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTEEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SEAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SECOMN64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SEHDRA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFNHK64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\sl3apo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slcnt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\slprp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sltech64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRRPTR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSHP64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSH64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSTSX64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRSWOW64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SStudio.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tadefxapo264.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\tepeqapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tosasfapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\toseaeapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tossaeapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tossaemaxapo64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WavesGUILib64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\YamahaAE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\YamahaAE2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\avastSS.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\RtlExUpd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdave32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhdl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdlvr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmmcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl12cl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdxc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticfx32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atisamu32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280L.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNC280U.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CNHMCA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Comdlg32.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DLLDEV32i.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ftd2xx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hsa-thunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantleaxl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Mscomctl.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\newlistview2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RltkAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SECOMN32.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SFCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SRCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vgf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdkmafd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndisrd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rt640x64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\VDiskBus64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\Users\Roman\Desktop\File-share.top Manager.exe:$CMDTCID [0]
FirewallRules: [UDP Query User{3F5D9CAF-E178-4A9F-BE5C-2C635ED47C86}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe => No File
FirewallRules: [TCP Query User{76E00E1C-3D76-42FD-A305-61CD64D34191}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe => No File
C:\Program Files\Bonjour
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {84a91a17-b2ab-11e9-83c9-50465db58091} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\...\MountPoints2: {f94f4ee2-3681-11eb-846c-50465db58091} - "F:\HiSuiteDownLoader.exe"
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\system32\AcpiServiceVnA64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\AERTAC64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\AERTAR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdave64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdgfxinfo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdhcp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdhdl64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdlvr64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdmantle64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdmiracast.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdmmcl6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdocl12cl64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdocl_as64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdocl_ld64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdpcom64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\amdxc64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiadlxx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiapfxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\aticalcl64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\aticaldd64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\aticalrt64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\aticfx64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atidemgy.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atidxx64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieah64.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atieclxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiesrxx.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atig6pxx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atig6txx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiglpxx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atimpc64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atimuixx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atio6axx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODCLI.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ATIODE.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atisamu64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atitmm64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiu9p64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiumd64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiumd6a.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\atiuxp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\audioLibVc.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\clinfo.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Cmeau108.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280C.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280I.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNC280O.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNHMCA6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CNMXLMAA.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\coinst_15.20.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\CX64APO.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DDPA64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DDPA64F3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DDPD64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DDPD64AF3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DDPO64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DDPO64AF3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DDPP64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DDPP64AF3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DelayAPO.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\detoured.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSBoostDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSGFXAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSGFXAPONS64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSLFXAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSLimiterDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSNeoPCDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSSymmetryDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSU2PGFX64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSU2PLFX64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSU2PREC64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\FMAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftcserco.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ftserui2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\GEARAspi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\hsa-thunk64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ICEsoundAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\KAAPORT64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\mantle64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\mantleaxl64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioAPO20.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioAPO30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioAPO4064.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioAPO5064.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioAPO6064.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioAPO7064.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioAPOShell64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioEQ64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxAudioRealtek64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxSpeechAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxVoiceAPO2064.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxVoiceAPO3064.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxVoiceAPO4064.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MaxxVolumeSDAPO.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\MISS_APO.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NAHIMICAPOlfx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NahimicAPONSControl.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\NAHIMICV2apo.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\OpenCL.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\R4EEA64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\R4EED64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\R4EEG64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\R4EEL64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\R4EEP64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RCoInstII64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RltkAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RP3DAA64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RP3DHT64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTCOM64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtDataProc64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEED64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEG64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEL64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTEEP64A.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkApi64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkCfg64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtkCoLDR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtlCPAPI64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtNicProp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RtPgEx64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\RTSnMg64.cpl => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SEAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SECOMN64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SEHDRA64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SFAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SFCOM64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SFNHK64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SFSS_APO.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\sl3apo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\slcnt64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\slprp64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\sltech64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRAPO64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRCOM64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRRPTR64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSHP64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSTSH64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSTSX64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SRSWOW64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\SStudio.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\tadefxapo.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\tadefxapo264.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\tepeqapo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\tosade.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\tosasfapo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\toseaeapo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\tossaeapo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\tossaemaxapo64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\usbaaplrc.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\UtcResources.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\WavesGUILib64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\wu.upgrade.ps.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\YamahaAE.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\YamahaAE2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\avastSS.scr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\RtlExUpd.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdave32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdgfxinfo32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdhcp32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdhdl32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdlvr32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdmantle32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdmmcl.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl12cl.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_as32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdocl_ld32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdpcom32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\amdxc32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atiadlxx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atiadlxy.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\aticalcl.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\aticaldd.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\aticalrt.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\aticfx32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atidxx32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atieah32.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atigktxx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atiglpxx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atimpc32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atioglxx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atisamu32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atiu9pag.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atiumdag.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atiumdva.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\atiuxpag.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280L.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNC280U.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\CNHMCA.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Comdlg32.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DCompiler_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dcsx_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx10_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx11_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_24.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_25.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_26.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_27.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_28.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_29.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_30.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_31.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_33.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_34.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_35.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\d3dx9_36.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_37.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_38.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_39.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_40.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_41.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_42.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\D3DX9_43.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\detoured.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\DLLDEV32i.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\dns-sd.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\ftd2xx.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\GEARAspi.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\hsa-thunk.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\mantle32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\mantleaxl32.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Mscomctl.ocx => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\newlistview2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\OpenCL.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.ex0 => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\PnkBstrB.xtr => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\RltkAPO.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\SECOMN32.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\SFCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\SRCOM.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\vgf.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\x3daudio1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\X3DAudio1_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_10.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_8.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine2_9.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xactengine3_7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAPOFX1_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_0.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_4.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_5.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\XAudio2_6.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_1.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_2.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\xinput1_3.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdacpksd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\amdkmafd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\ati2erec.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\atikmdag.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\atikmpag.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\ndisrd.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\rt640x64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RTKVHD64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\RtNdPt630.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\usbaapl64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\VDiskBus64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll => ":$CmdTcID" ADS could not remove.
C:\Users\Roman\Desktop\File-share.top Manager.exe => ":$CMDTCID" ADS could not remove.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3F5D9CAF-E178-4A9F-BE5C-2C635ED47C86}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{76E00E1C-3D76-42FD-A305-61CD64D34191}D:\easysetupassistant\tl-wr1043nd\easysetupassistant.exe" => removed successfully
C:\Program Files\Bonjour => moved successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84a91a17-b2ab-11e9-83c9-50465db58091} => removed successfully
HKU\S-1-5-21-1537523766-1934355744-2765702040-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f94f4ee2-3681-11eb-846c-50465db58091} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => moved successfully
C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22885594 B
Java, Flash, Steam htmlcache => 357252561 B
Windows/system/drivers => 51400876 B
Edge => 152576 B
Chrome => 0 B
Firefox => 0 B
Opera => 422689369 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 80422 B
NetworkService => 92638 B
Roman => 208053873 B

RecycleBin => 121906 B
EmptyTemp: => 1023.3 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 20:17:20 ====

#10 Příspěvek od **Rudy** » 23 pro 2020 20:54

Smazáno, log by již měl být OK.

VIRY.CZ

Preventivka PC

Preventivka PC

Re: Preventivka PC

Re: Preventivka PC

Re: Preventivka PC

Re: Preventivka PC

Re: Preventivka PC

Re: Preventivka PC

Re: Preventivka PC

Re: Preventivka PC

Re: Preventivka PC