Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

panzeleny
nováček
Příspěvky: 36
Registrován: duben 20
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod panzeleny » 21 dub 2020 21:13

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:20, on 21.4.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19355)


Boot mode: Normal

Running processes:
C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\AMD\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [f.lux] "C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Chromium] "c:\users\amd\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{81E61C1F-A617-4FE9-8637-13D74AFB4EF5}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 19.0.0 (AVP19.0.0) - Unknown owner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_19.0.0 - Unknown owner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe (file missing)
O23 - Service: Služba Kaspersky Secure Connection 3.0.0 (KSDE3.0.0) - Unknown owner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: McAfee WebAdvisor - Unknown owner - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe (file missing)
O23 - Service: MEmuSVC - Unknown owner - C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe
O23 - Service: MRAC Service (mracsvc) - Unknown owner - C:\Windows\System32\mracsvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8647 bytes

Reklama
panzeleny
nováček
Příspěvky: 36
Registrován: duben 20
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod panzeleny » 21 dub 2020 21:41

Počítač jede jak má. Jak jsem psal, nabíhá rychleji.

Internet po spuštění krátkou dobu nefunguje asi 1-2 minuty, předtím to nedělalo. Je připojen k síti ale nemá přístup na internet. poté se aktualizuje a funguje jak má(podle všeho). U jiných uživatelů nic.

Klávesnice funguje. Budu se to snažit podrobně popsat, kdyby měl někdo stejný problém.

Po té instalaci kasperskyho -(KVRT) a po spuštění pc nefungovala klávesnice(USB). Zkoušel jsem Odpojit,zapojit jiná i se starým (kulatým) konektorem nefungovala. Kontrola aktualizace ovladačů.Ve spravci zařízení byly vykřičníky a zpráva "nelze najít zařízení". Poté jsem někde našel ... Odstranit ovladače a restartovat PC, Nepomohlo.
Podařilo se mi najít videohttps://www.youtube.com/watch?v=k-TL-zhNMxo, kde to někdo přepisuje data přímo v registrech. našel jsem si to u sebe na pc a porovnal on má v tech registrech napsáno kbdclass já jsem měl klkbdflt kbdclass.
Nicméně jsem to nezměnil a vypádá to že se to vyřešilo při některé z těch oprav tady.

Zajímal by mně, jestli by se tento postup dal opravdu použít?

Počítač se vypíná pohotově. Předtím čekal na ukončení nějakého programu pravděpodobně bitcoinminer stejně tak se počítač nedal dát do spanku. pořád funfoval.

VELICE děkuji.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod jaro3 » 21 dub 2020 22:25

Pokud jsi zkušený uživatel , který zná práci s registry , tak můžeš zkusit , nejprve si ale udělat zálohu.
Pokud nejsi odborník na registry , můžeš způsobit omylem , nebo špatným návodem z netu kolaps windows..

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Chromium] "c:\users\amd\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')




ještě Chromium , takže ještě poslední nástroj:

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

panzeleny
nováček
Příspěvky: 36
Registrován: duben 20
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod panzeleny » 22 dub 2020 20:57

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2020
Ran by AMD (administrator) on AMD-PC (Gigabyte Technology Co., Ltd. GA-970A-DS3) (22-04-2020 20:53:57)
Running from C:\Users\AMD\Desktop
Loaded Profiles: AMD (Available Profiles: AMD)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [f.lux] => C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [15900912 2019-06-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\MountPoints2: {6a5b3e58-bcbc-11e9-9944-902b34a84b83} - G:\Lenovo_Suite.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.113\Installer\chrmstp.exe [2020-04-22] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1353248D-521C-440C-9814-B60A963401D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1A899619-FA76-49AD-AC37-B1A474C9E49E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {2942B1C7-22FE-4673-A8A2-6AC99782BA2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {54B8D3D7-1306-404D-BBB3-DF7BB7C67A8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {98C0756F-B3D2-4180-BD57-9E2016949BEB} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {D4F4EC6B-D507-4E63-972B-D5CF76C65B22} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {DC285541-7893-4648-9963-069F5F837967} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-13] (Google Inc -> Google LLC)
Task: {FC0A96C7-4545-41B3-ACFA-37F075BB3880} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-13] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4DDC488B-DEC5-422B-9B28-CDECA3975E8E}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{81E61C1F-A617-4FE9-8637-13D74AFB4EF5}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1390535825-3822005023-847873152-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

Chrome:
=======
CHR Profile: C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default [2020-04-22]
CHR Extension: (Prezentace) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-21]
CHR Extension: (Ochrana Kaspersky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2020-04-21]
CHR Extension: (Dokumenty) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-21]
CHR Extension: (Disk Google) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-21]
CHR Extension: (YouTube) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-21]
CHR Extension: (Tabulky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-21]
CHR Extension: (Gmail) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/deta ... ddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/deta ... ddadjhcadd

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-04-25] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-16] (Malwarebytes Inc -> Malwarebytes)
R2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 mracsvc; C:\Windows\System32\mracsvc.exe [16966416 2019-07-06] (Mail.Ru LLC -> LLC Mail.Ru)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2019-06-28] (Even Balance, Inc. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16766008 2020-04-01] (Adlice -> )
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 AVP19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe" -r [X]
S3 klvssbridge64_19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe" [X]
S2 KSDE3.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe" -r [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub3; C:\Windows\system32\drivers\amdhub3.sys [160936 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [108768 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdhub31; C:\Windows\system32\drivers\amdhub31.sys [141528 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [229088 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdxhc31; C:\Windows\system32\drivers\amdxhc31.sys [440536 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhci; C:\Windows\system32\drivers\amdxhci.sys [346792 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [82240 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [42304 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-04-21] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [87984 2017-06-13] (Fresco Logic Inc -> Fresco Logic)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [125408 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [35808 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 MEmuDrv; C:\Windows\System32\DRIVERS\MEmuDrv.sys [309952 2019-04-15] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [16228328 2019-07-06] (Mail.Ru LLC -> LLC Mail.Ru)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [58536 2012-08-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [221696 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [294912 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-22 20:53 - 2020-04-22 20:54 - 000018920 _____ C:\Users\AMD\Desktop\FRST.txt
2020-04-22 20:53 - 2020-04-22 20:54 - 000000000 ____D C:\FRST
2020-04-22 20:38 - 2020-04-22 20:38 - 000000000 ____D C:\Users\AMD\Desktop\backups
2020-04-22 20:33 - 2020-04-22 20:33 - 002282496 _____ (Farbar) C:\Users\AMD\Desktop\FRST64.exe
2020-04-21 21:01 - 2020-04-22 20:54 - 000060696 _____ C:\Windows\ZAM.krnl.trace
2020-04-21 21:01 - 2020-04-21 21:01 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-04-21 21:01 - 2020-04-21 21:01 - 000003470 _____ C:\Windows\system32\Tasks\AMHelper
2020-04-21 21:01 - 2020-04-21 21:01 - 000001256 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-04-21 21:01 - 2020-04-21 21:01 - 000001256 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\Users\AMD\AppData\Local\Zemana
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-04-21 21:00 - 2020-04-21 21:04 - 000000000 ____D C:\Users\AMD\AppData\Local\AMSDK
2020-04-21 20:59 - 2020-04-21 20:59 - 012741568 _____ (Zemana Ltd. ) C:\Users\AMD\Desktop\AntiMalware_Setup.exe
2020-04-21 20:52 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-04-21 20:37 - 2020-04-21 20:49 - 000000000 ____D C:\zoek_backup
2020-04-21 20:31 - 2020-04-21 20:31 - 002038755 _____ C:\Users\AMD\Desktop\zoek.exe
2020-04-20 22:45 - 2020-04-20 22:45 - 000001011 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-04-20 22:45 - 2020-04-20 22:45 - 000001011 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-04-20 22:45 - 2020-04-20 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-04-20 22:45 - 2020-04-20 22:45 - 000000000 ____D C:\Program Files\RogueKiller
2020-04-20 22:44 - 2020-04-20 22:50 - 000000000 ____D C:\ProgramData\RogueKiller
2020-04-20 19:52 - 2020-04-20 19:52 - 000000000 ____D C:\ProgramData\Sophos
2020-04-20 19:51 - 2020-04-20 19:51 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-04-20 19:51 - 2020-04-20 19:51 - 000002759 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-04-20 19:51 - 2020-04-20 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-04-20 19:51 - 2020-04-20 19:51 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-04-20 18:55 - 2020-04-20 18:55 - 000003776 _____ C:\Users\AMD\Desktop\JRT.txt
2020-04-20 18:46 - 2020-04-20 18:46 - 047857952 _____ (Adlice Software ) C:\Users\AMD\Desktop\RogueKiller_setup.exe
2020-04-20 18:42 - 2020-04-20 18:43 - 206758184 _____ (Sophos Limited) C:\Users\AMD\Desktop\Sophos Virus Removal Tool.exe
2020-04-20 18:39 - 2020-04-20 18:39 - 001790024 _____ (Malwarebytes) C:\Users\AMD\Desktop\JRT.exe
2020-04-19 20:45 - 2020-04-22 20:52 - 000000000 ____D C:\Users\AMD\AppData\Local\Adobe
2020-04-19 20:31 - 2020-04-19 20:32 - 000000000 ____D C:\AdwCleaner
2020-04-19 20:29 - 2020-04-19 20:29 - 000000000 ____D C:\Users\AMD\AppData\Local\CEF
2020-04-19 20:18 - 2020-04-19 20:18 - 000448512 _____ (OldTimer Tools) C:\Users\AMD\Desktop\TFC.exe
2020-04-19 20:15 - 2020-04-19 20:15 - 008196784 _____ (Malwarebytes) C:\Users\AMD\Desktop\adwcleaner_8.0.4.exe
2020-04-19 20:13 - 2020-04-19 20:13 - 000050688 _____ (Atribune.org) C:\Users\AMD\Desktop\ATF-Cleaner.exe
2020-04-16 22:58 - 2020-04-16 22:58 - 000388608 _____ (Trend Micro Inc.) C:\Users\AMD\Desktop\HijackThis.exe
2020-04-16 22:31 - 2020-04-16 22:31 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-16 22:31 - 2020-04-16 22:31 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-04-16 22:31 - 2020-04-16 22:31 - 000000000 ____D C:\Users\AMD\AppData\Local\mbam
2020-04-16 22:31 - 2020-04-16 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-16 22:30 - 2020-04-16 22:30 - 001965536 _____ (Malwarebytes) C:\Users\AMD\Desktop\MBSetup.exe
2020-04-16 22:30 - 2020-04-16 22:30 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\Users\AMD\AppData\Local\mbamtray
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-16 22:26 - 2020-04-16 22:26 - 000000766 _____ C:\Users\AMD\Desktop\Nainstalovat produkt Kaspersky Free verze 20.0.14.1085.lnk
2020-04-16 22:16 - 2020-04-16 22:16 - 000000000 ____D C:\Users\AMD\AppData\Local\ElevatedDiagnostics
2020-04-16 09:10 - 2020-04-16 09:15 - 000000000 ____D C:\KVRT_Data
2020-04-16 09:04 - 2020-04-16 09:10 - 176057784 _____ (AO Kaspersky Lab) C:\Users\AMD\Desktop\KVRT.exe
2020-04-16 08:58 - 2020-04-16 08:58 - 002776800 _____ (Kaspersky) C:\Users\AMD\Desktop\kfa20.0.14.1085abccs_20888.exe
2020-04-02 13:10 - 2020-04-02 13:10 - 000000000 ____D C:\Users\AMD\Desktop\housle
2020-03-30 14:52 - 2020-03-30 14:52 - 000000000 ____D C:\Users\AMD\AppData\LocalLow\WW1 Game Series
2020-03-30 14:14 - 2020-03-30 14:14 - 000000222 _____ C:\Users\AMD\Desktop\Verdun.url

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-22 20:47 - 2009-07-14 06:45 - 000033072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-22 20:47 - 2009-07-14 06:45 - 000033072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-22 20:46 - 2011-04-12 10:34 - 000668138 _____ C:\Windows\system32\perfh005.dat
2020-04-22 20:46 - 2011-04-12 10:34 - 000140798 _____ C:\Windows\system32\perfc005.dat
2020-04-22 20:46 - 2009-07-14 07:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-22 20:46 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-22 20:42 - 2019-06-13 01:12 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-22 20:40 - 2019-06-11 11:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-22 20:40 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-22 20:39 - 2019-09-07 08:58 - 000000000 ____D C:\Users\AMD\AppData\Roaming\DAEMON Tools Lite
2020-04-22 20:39 - 2019-08-04 13:30 - 000000000 ____D C:\Users\AMD\AppData\Roaming\inkscape
2020-04-22 20:39 - 2019-07-22 15:49 - 000000000 ____D C:\Users\AMD\AppData\Roaming\TS3Client
2020-04-22 20:39 - 2019-06-11 11:33 - 000000000 ____D C:\Windows\Panther
2020-04-22 01:10 - 2019-06-13 01:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-22 01:10 - 2019-06-13 01:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-22 01:10 - 2019-06-13 01:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-21 21:56 - 2019-06-13 18:33 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2020-04-21 21:56 - 2019-06-13 04:42 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2020-04-21 21:56 - 2019-06-13 04:42 - 000280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2020-04-21 21:53 - 2019-06-13 01:26 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-04-21 21:53 - 2019-06-13 01:18 - 000000000 ____D C:\Users\AMD\AppData\Roaming\Origin
2020-04-21 21:53 - 2019-06-13 01:18 - 000000000 ____D C:\Users\AMD\AppData\Local\Origin
2020-04-21 21:53 - 2019-06-13 01:18 - 000000000 ____D C:\ProgramData\Origin
2020-04-21 21:04 - 2019-06-13 01:20 - 000000000 ____D C:\Program Files (x86)\Origin
2020-04-21 20:49 - 2019-06-11 10:38 - 000000000 ____D C:\Users\AMD
2020-04-20 23:41 - 2019-08-12 07:32 - 000000000 ____D C:\Users\AMD\Desktop\Aloiks
2020-04-16 22:25 - 2019-08-25 14:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-04-16 21:04 - 2020-02-04 00:25 - 000000060 _____ C:\Windows\system32\perfdish001.dat
2020-04-16 09:20 - 2019-06-13 20:09 - 000000000 ____D C:\Users\AMD\Documents\My Games
2020-04-16 09:20 - 2019-06-11 11:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-16 09:19 - 2019-08-26 08:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2020-04-16 09:18 - 2019-08-25 14:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-04-16 09:17 - 2019-08-12 07:25 - 000000000 ____D C:\Users\AMD\Desktop\Tonda
2020-04-03 16:39 - 2009-07-14 07:08 - 000032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-28 19:54 - 2019-06-13 07:16 - 000000000 ____D C:\Users\AMD\AppData\Roaming\EasyAntiCheat

==================== Files in the root of some directories ========

2019-12-19 01:37 - 2019-12-19 01:37 - 000004012 _____ () C:\Users\AMD\AppData\Local\recently-used.xbel
2020-01-03 21:23 - 2020-01-05 11:37 - 000007602 _____ () C:\Users\AMD\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-20 14:37
==================== End of FRST.txt ========================

panzeleny
nováček
Příspěvky: 36
Registrován: duben 20
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod panzeleny » 22 dub 2020 20:58

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2020
Ran by AMD (22-04-2020 20:54:38)
Running from C:\Users\AMD\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-06-11 08:38:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1390535825-3822005023-847873152-500 - Administrator - Disabled)
AMD (S-1-5-21-1390535825-3822005023-847873152-1000 - Administrator - Enabled) => C:\Users\AMD
Guest (S-1-5-21-1390535825-3822005023-847873152-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1390535825-3822005023-847873152-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.238 - Adobe)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Autodesk Fusion 360 (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.6032 - Autodesk, Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 19.06.0006 - Bloody)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
Call of Juarez Gunslinger (c) Ubisoft version 1 (HKLM-x32\...\Q2FsbG9mSnVhcmV6R3Vuc2xpbmdlcg==_is1) (Version: 1 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
f.lux (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Flux) (Version: - f.lux Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.113 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{7B730D4C-A9F2-42BA-90E9-3B1B1FE22D41}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{1E00635B-B22C-4953-BBCC-61BAED7C2D85}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{68DC53C1-AEE9-460A-A142-C9E8151F489E}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{B67ABBB5-5C0D-4619-A6D6-BA5A5FA422CC}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Nápověda (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{1DE55A9E-B55D-4943-97B6-064B04A57AE2}) (Version: 36.0.191.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{8775F78E-6414-48E3-98D2-76EBB1B8721F}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{39508F29-1E81-40FC-85DA-3182CB04614E}) (Version: 15.2.10.1114 - HP Inc.)
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 6.2.4.2 (HKLM\...\{B8FF8670-C6F4-4868-9DB2-C23324C0E575}) (Version: 6.2.4.2 - The Document Foundation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 6.2.9.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mount&Blade (HKLM-x32\...\Mount&Blade) (Version: - )
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.64 - NVIDIA Corporation) Hidden
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.7.3.64424 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{a8dc1a6c-6d23-499d-abf8-8af4895eaeb1}) (Version: 3.7.3.64424 - Grinding Gear Games)
PlanetSide 2 (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.5 - Project Reality)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
RogueKiller version 14.4.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.4.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Starborne (HKLM\...\{C5FA498D-B21A-46CD-8EC8-2D13A9904C43}) (Version: 1.0.0 - Solid Clouds)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
TS Diktáty (plná instalace) (HKLM-x32\...\TS Diktáty (plná instalace)) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
War Thunder Launcher 1.0.3.171 (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Základní software zařízení HP LaserJet MFP M28-M31 (HKLM\...\{C9DEFBBD-AC31-4DF6-81C2-385FCAA3B28B}) (Version: 46.2.2636.18185 - HP Inc.)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1390535825-3822005023-847873152-1000_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\AMD\AppData\Local\Autodesk\webdeploy\production\79ccc336d91fd2d46ed87a5b819b04c15b878e83\NPreview10.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll -> No File
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2019-07-27 00:00 - 2017-04-17 04:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody6\Bloody6\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2019-09-07 08:57 - 2019-09-07 08:57 - 000045056 _____ (File is in use) [File not signed ?] C:\Program Files\DAEMON Tools Lite\Hardcodet.Wpf.TaskbarNotification.dll
2019-09-07 08:57 - 2019-09-07 08:57 - 000112128 _____ (File is in use) [File not signed ?] C:\Program Files\DAEMON Tools Lite\QuickConverter.dll
2019-09-07 08:57 - 2019-09-07 08:57 - 000082432 _____ (File is in use) [File not signed ?] C:\Program Files\DAEMON Tools Lite\ToastNotificationControl.dll
2017-08-16 01:33 - 2017-08-16 01:33 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\HP\Common\HPDestPlgIn\LIBEAY32.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47866901.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47866901.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2020-04-22 20:38 - 000000813 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\HP\Common\HPDestPlgIn\;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{FA467B84-D05A-4A3A-94D6-F49C790490AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1892998B-26C2-4C30-899E-9C6E70BE3826}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E9FA549-20F8-4A1A-9B00-33693FE6D05F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4BC69576-FFAC-485D-9D2A-927D8D65360D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{8597EA23-2738-4493-8D34-25F0BC9A87A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3D279155-B7BC-4428-BD0B-50CAA5036F93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{203375B0-CED8-4E6C-AB88-49DB8AD50360}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{9B952905-5A00-4669-9B9B-FE10699A6AAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{752211C3-2501-4E02-9AD5-9E97A12974DB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{E0870458-A29B-4D7B-9747-05894279737C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{391B397F-BDCF-457E-81C2-C559EB34289F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{12B1C644-5E41-4355-BF14-642CD1E359FE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E43E4DB1-B8A3-40AF-8FDE-8E315CC972E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{CE361ECC-E131-460E-9C63-7D210445B376}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{F8A4B524-23F0-4625-86EE-0EE102C08488}E:\program files\hry\far cry 3\bin\farcry3.exe] => (Allow) E:\program files\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{764ED1A5-5E9A-480D-8804-91169A9FA883}E:\program files\hry\far cry 3\bin\farcry3.exe] => (Allow) E:\program files\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{3F21A16B-68A7-45F8-8BF5-9D6B01FF908F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{88D1EA77-D79F-406F-9353-C243D6BE99E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{88B29DC3-70E0-4CFA-89CB-361F25361641}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{B72BB049-C7B9-4F42-B552-B19294D8C225}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [{73C85418-B687-4D0A-92FF-2F139B23369B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0878B140-B9F8-4013-9329-58675AF53027}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F623B544-8312-43BA-B9C7-996C972A7C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Rogue\ACC.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{B8D381F4-6C83-4C59-9744-5480330880CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Rogue\ACC.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{E5E6B632-EB09-4181-A19C-0B33197492F8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6C1EE169-8BAF-490B-A498-B5AAC10FEFD1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{E29E9E08-A1F4-4D2D-834D-9291EF1A45E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conqueror's Blade\ConquerorsBladeSteamLoader.exe (Mail.Ru, LLC -> )
FirewallRules: [{7837D799-BBD0-4A09-B7BF-7E37E8E562BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conqueror's Blade\ConquerorsBladeSteamLoader.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{1AABAC4D-CCCF-4B4A-8DF0-223F30341400}C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{58C853D1-E214-4607-8D7B-5714035040A8}C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{29E4ADDA-AFFE-4807-B24A-FF33AB884B41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{F9B13AF3-FC5E-4C69-936E-8F29D8AF5AC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{A8E4DD22-FA87-426B-80B8-D7FBF382E04B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empires Apart\autorun.exe (Slitherine Ltd -> Slitherine Publishing Ltd.)
FirewallRules: [{34E410C3-C8A4-4E45-8939-79F86829CECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empires Apart\autorun.exe (Slitherine Ltd -> Slitherine Publishing Ltd.)
FirewallRules: [TCP Query User{468B639A-FA0E-4746-A815-07D5DC05B5D2}C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe (Slitherine Ltd -> DESTINYbit)
FirewallRules: [UDP Query User{9CC2A117-DF1F-4C94-8E51-3F2E1F7F9DC3}C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe (Slitherine Ltd -> DESTINYbit)
FirewallRules: [{D6D543C3-28F7-40F4-A02D-2B9758945E99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{CF2F57F4-B090-4E75-9EE9-DAE1FC7BEBF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{D9B26BB7-EF74-425B-9262-AEC3103BCAEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{105C12BE-FB50-4EA4-A48F-549C8C065107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{C80D00A2-EFC8-4615-9CC8-A081B796D9EC}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{236BDAFB-D3DC-4257-AFC6-4AE81A9E2224}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2B5D4F2A-69EB-467E-ACB5-E54F3E466AFD}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8641151D-CBC2-46A1-96E4-A81ED031D730}] => (Allow) LPort=5357
FirewallRules: [{1C2A93B2-22A1-4109-A272-FC857A096158}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{1BE2FD95-69F8-4258-BF8E-47D8F3BC8562}C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe
FirewallRules: [UDP Query User{E4C6CA7A-C3B0-4145-9F9A-700DA3BE4D32}C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe
FirewallRules: [{543BC28D-CB40-4F0E-AEE3-D8A8C7114FB5}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [{5365240B-7C47-4E34-B121-CCA57FE1FC0C}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRLauncher.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{55616E84-A249-4E8B-9BBA-98733792653D}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRUpdater.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{53B641D9-6D0F-45FA-B143-3B113B81289E}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRMumble\PRMumble.exe (Wouter Jansen -> Project Reality)
FirewallRules: [TCP Query User{B2293439-60B9-46F8-AFF4-133A2A374F29}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{7CFEBC40-C68E-4632-8002-9F68EF132066}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{2428C6F4-8305-4B29-AEAB-4236248A17D6}C:\users\amd\appdata\local\warthunder\win32\aces.exe] => (Allow) C:\users\amd\appdata\local\warthunder\win32\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F13F4C76-EDEC-4927-B4DD-85556CA8C182}C:\users\amd\appdata\local\warthunder\win32\aces.exe] => (Allow) C:\users\amd\appdata\local\warthunder\win32\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{A2530E8D-2D05-4002-9645-F42F1F49DE3F}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{166BD7AB-1234-442B-BAF5-666C6918FF93}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{4D571EBA-C729-47D5-A3BB-888816ACEB2D}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe No File
FirewallRules: [UDP Query User{09295428-EC58-4CB6-AAAE-F5D475855063}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe No File
FirewallRules: [{8F378BC8-0B23-4E66-AFD1-6F9578F41B51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\New Frontier\Launcher.exe (Free Reign Entertainment LLC -> Free Reign Entertainment LLC)
FirewallRules: [{F9A3D9E4-E8CA-42AF-97A9-2C0934A8549C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\New Frontier\Launcher.exe (Free Reign Entertainment LLC -> Free Reign Entertainment LLC)
FirewallRules: [{4AC525B0-4996-478C-AA0E-4E953DD84814}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{CA80C526-325D-488A-B3DC-7DB46B56490E}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{EEF370B8-2431-4076-A691-C4B430AF033D}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{D05C5681-9521-4DEC-8A80-3E8EFCC67FD5}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{A5A0F105-FB71-410C-80D4-2406AAD5023E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{AAF0AAB8-5E17-4420-B3D3-5009B6F16D9D}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{FF693A43-AB49-4A97-8468-3B225578D83D}C:\program files (x86)\sea3d\sea3d.exe] => (Allow) C:\program files (x86)\sea3d\sea3d.exe No File
FirewallRules: [UDP Query User{1634D069-390F-42B0-9120-74A9B57CB871}C:\program files (x86)\sea3d\sea3d.exe] => (Allow) C:\program files (x86)\sea3d\sea3d.exe No File
FirewallRules: [{C4F205B9-FD51-454D-B7D4-7728DAA2BDB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{4A63D8BA-F8A2-447B-A9B3-089B6EB5AFF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{5DD64302-28E5-49A9-8D26-3728D385FA9C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-03-2020 11:58:25 Naplánovaný kontrolní bod
29-03-2020 22:49:16 Naplánovaný kontrolní bod
08-04-2020 10:31:51 Naplánovaný kontrolní bod
16-04-2020 08:56:35 Naplánovaný kontrolní bod
16-04-2020 09:18:40 Removed Age of Empires III
20-04-2020 18:48:56 JRT Pre-Junkware Removal
20-04-2020 19:51:40 Installed Sophos Virus Removal Tool.
21-04-2020 20:38:29 zoek.exe restore point

==================== Faulty Device Manager Devices ============

Name: kldisk
Description: kldisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kldisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Kaspersky Anti-Virus NDIS 6 Filter
Description: Kaspersky Anti-Virus NDIS 6 Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klim6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: kltdi
Description: kltdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kltdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: klwfp
Description: klwfp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klwfp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: KLwtp - WFP callout traffic inspector
Description: KLwtp - WFP callout traffic inspector
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klwtp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: kneps
Description: kneps
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kneps
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/22/2020 08:40:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/22/2020 07:50:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (04/22/2020 07:31:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/21/2020 11:55:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (04/21/2020 10:53:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (04/21/2020 09:08:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/21/2020 08:57:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/21/2020 08:53:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (04/22/2020 08:42:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Kaspersky Secure Connection 3.0.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/22/2020 08:40:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
klbackupflt
klim6
klpd
kltdi
klwfp
klwtp
kneps

Error: (04/22/2020 08:40:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/22/2020 08:40:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Kaspersky Anti-Virus 19.0.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/22/2020 07:33:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Kaspersky Secure Connection 3.0.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/22/2020 07:31:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
klbackupflt
klim6
klpd
kltdi
klwfp
klwtp
kneps

Error: (04/22/2020 07:31:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/22/2020 07:31:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Kaspersky Anti-Virus 19.0.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2019-06-13 05:28:04.259
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-06-11 11:27:55.586
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:AMD-PC\AMD
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-06-11 11:35:40.318
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronHub3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:35:40.272
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronHub3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:14:38.415
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:14:38.400
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:05:24.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:05:24.025
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:03:29.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:03:29.150
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F7d 09/09/2014
Motherboard: Gigabyte Technology Co., Ltd. GA-970A-DS3
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 32%
Total physical RAM: 8189.41 MB
Available physical RAM: 5531.02 MB
Total Virtual: 16376.96 MB
Available Virtual: 13168.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:894.15 GB) (Free:457.23 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:1004.65 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{969d068c-8c23-11e9-a1ca-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: C572D69C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=894.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 000BFF3D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod jaro3 » 22 dub 2020 23:21

Security Center =
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Stáhněte si a nainstalujte Revo Uninstaller FreePlease download and install Revo Uninstaller Free
http://www.revouninstaller.com/start_fr ... nload.html
Poklepáním na Revo Uninstaller jej spustit.
Ze seznamu programů klikněte dvakrát na programu Kaspersky Anti-Virus odstranit
Až budete vyzváni, zda chcete odinstalovat klepněte na tlačítko Ano.
Ujistěte se, že je vybrána možnost Mírný potom klepněte na tlačítko Další.
Program bude probíhat, Pokud budete vyzváni znovu klepněte na tlačítko Ano
Při vestavěný Uninstaller je dokončena klepněte na tlačítko Další.
Jakmile program hledal zbytky klepněte na tlačítko Další.
Zkontrolujte / zaškrtněte položky Bolded jen na seznamu a potom klepněte na tlačítko Odstranit
Po vyzvání klepněte na Ano a pak na další.
další na všechny složky, které se nachází a vyberte možnost odstranění
Po zobrazení výzvy vyberte ano, pak na další
Poté, co udělal na tlačítko Dokončit.

Pokud budou problémy , budeš muset ještě jednou pak dát frst , a odmažeme ty zbytky.

Nyní:
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\MountPoints2: {6a5b3e58-bcbc-11e9-9944-902b34a84b83} - G:\Lenovo_Suite.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {DC285541-7893-4648-9963-069F5F837967} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-13] (Google Inc -> Google LLC)
Task: {FC0A96C7-4545-41B3-ACFA-37F075BB3880} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-13] (Google Inc -> Google LLC)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1390535825-3822005023-847873152-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
S3 mracsvc; C:\Windows\System32\mracsvc.exe [16966416 2019-07-06] (Mail.Ru LLC -> LLC Mail.Ru)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [16228328 2019-07-06] (Mail.Ru LLC -> LLC Mail.Ru)
CustomCLSID: HKU\S-1-5-21-1390535825-3822005023-847873152-1000_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\AMD\AppData\Local\Autodesk\webdeploy\production\79ccc336d91fd2d46ed87a5b819b04c15b878e83\NPreview10.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll -> No File
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [TCP Query User{4D571EBA-C729-47D5-A3BB-888816ACEB2D}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe No File
FirewallRules: [UDP Query User{09295428-EC58-4CB6-AAAE-F5D475855063}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe No File
FirewallRules: [UDP Query User{1634D069-390F-42B0-9120-74A9B57CB871}C:\program files (x86)\sea3d\sea3d.exe] => (Allow) C:\program files (x86)\sea3d\sea3d.exe No File

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

panzeleny
nováček
Příspěvky: 36
Registrován: duben 20
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod panzeleny » 23 dub 2020 19:20

Mám s tím trochu problém... Přiznám se, nevím co je myšleno Bolded a co všechno tedy můžu zaškrtnout...
Chápu ,že to musí mít souvislost s tím programem (kaspersky), jen bych radeji, měl jistotu. Omlouvám se.
REVO.png

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod jaro3 » 23 dub 2020 20:06

Zatržítka dávej jen tam , kde je název Kaspersky. Ne AvP..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

panzeleny
nováček
Příspěvky: 36
Registrován: duben 20
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod panzeleny » 23 dub 2020 21:22

Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2020
Ran by AMD (administrator) on AMD-PC (Gigabyte Technology Co., Ltd. GA-970A-DS3) (22-04-2020 20:53:57)
Running from C:\Users\AMD\Desktop
Loaded Profiles: AMD (Available Profiles: AMD)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [f.lux] => C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [15900912 2019-06-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\MountPoints2: {6a5b3e58-bcbc-11e9-9944-902b34a84b83} - G:\Lenovo_Suite.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.113\Installer\chrmstp.exe [2020-04-22] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1353248D-521C-440C-9814-B60A963401D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1A899619-FA76-49AD-AC37-B1A474C9E49E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {2942B1C7-22FE-4673-A8A2-6AC99782BA2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {54B8D3D7-1306-404D-BBB3-DF7BB7C67A8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {98C0756F-B3D2-4180-BD57-9E2016949BEB} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {D4F4EC6B-D507-4E63-972B-D5CF76C65B22} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {DC285541-7893-4648-9963-069F5F837967} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-13] (Google Inc -> Google LLC)
Task: {FC0A96C7-4545-41B3-ACFA-37F075BB3880} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-13] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4DDC488B-DEC5-422B-9B28-CDECA3975E8E}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{81E61C1F-A617-4FE9-8637-13D74AFB4EF5}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1390535825-3822005023-847873152-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

Chrome:
=======
CHR Profile: C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default [2020-04-22]
CHR Extension: (Prezentace) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-21]
CHR Extension: (Ochrana Kaspersky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2020-04-21]
CHR Extension: (Dokumenty) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-21]
CHR Extension: (Disk Google) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-21]
CHR Extension: (YouTube) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-21]
CHR Extension: (Tabulky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-21]
CHR Extension: (Gmail) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/deta ... ddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/deta ... ddadjhcadd

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-04-25] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-16] (Malwarebytes Inc -> Malwarebytes)
R2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 mracsvc; C:\Windows\System32\mracsvc.exe [16966416 2019-07-06] (Mail.Ru LLC -> LLC Mail.Ru)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2019-06-28] (Even Balance, Inc. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16766008 2020-04-01] (Adlice -> )
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 AVP19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe" -r [X]
S3 klvssbridge64_19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe" [X]
S2 KSDE3.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe" -r [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub3; C:\Windows\system32\drivers\amdhub3.sys [160936 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [108768 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdhub31; C:\Windows\system32\drivers\amdhub31.sys [141528 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [229088 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdxhc31; C:\Windows\system32\drivers\amdxhc31.sys [440536 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhci; C:\Windows\system32\drivers\amdxhci.sys [346792 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [82240 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [42304 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-04-21] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [87984 2017-06-13] (Fresco Logic Inc -> Fresco Logic)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [125408 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [35808 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 MEmuDrv; C:\Windows\System32\DRIVERS\MEmuDrv.sys [309952 2019-04-15] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [16228328 2019-07-06] (Mail.Ru LLC -> LLC Mail.Ru)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [58536 2012-08-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [221696 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [294912 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-22 20:53 - 2020-04-22 20:54 - 000018920 _____ C:\Users\AMD\Desktop\FRST.txt
2020-04-22 20:53 - 2020-04-22 20:54 - 000000000 ____D C:\FRST
2020-04-22 20:38 - 2020-04-22 20:38 - 000000000 ____D C:\Users\AMD\Desktop\backups
2020-04-22 20:33 - 2020-04-22 20:33 - 002282496 _____ (Farbar) C:\Users\AMD\Desktop\FRST64.exe
2020-04-21 21:01 - 2020-04-22 20:54 - 000060696 _____ C:\Windows\ZAM.krnl.trace
2020-04-21 21:01 - 2020-04-21 21:01 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-04-21 21:01 - 2020-04-21 21:01 - 000003470 _____ C:\Windows\system32\Tasks\AMHelper
2020-04-21 21:01 - 2020-04-21 21:01 - 000001256 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-04-21 21:01 - 2020-04-21 21:01 - 000001256 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\Users\AMD\AppData\Local\Zemana
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-04-21 21:00 - 2020-04-21 21:04 - 000000000 ____D C:\Users\AMD\AppData\Local\AMSDK
2020-04-21 20:59 - 2020-04-21 20:59 - 012741568 _____ (Zemana Ltd. ) C:\Users\AMD\Desktop\AntiMalware_Setup.exe
2020-04-21 20:52 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-04-21 20:37 - 2020-04-21 20:49 - 000000000 ____D C:\zoek_backup
2020-04-21 20:31 - 2020-04-21 20:31 - 002038755 _____ C:\Users\AMD\Desktop\zoek.exe
2020-04-20 22:45 - 2020-04-20 22:45 - 000001011 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-04-20 22:45 - 2020-04-20 22:45 - 000001011 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-04-20 22:45 - 2020-04-20 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-04-20 22:45 - 2020-04-20 22:45 - 000000000 ____D C:\Program Files\RogueKiller
2020-04-20 22:44 - 2020-04-20 22:50 - 000000000 ____D C:\ProgramData\RogueKiller
2020-04-20 19:52 - 2020-04-20 19:52 - 000000000 ____D C:\ProgramData\Sophos
2020-04-20 19:51 - 2020-04-20 19:51 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-04-20 19:51 - 2020-04-20 19:51 - 000002759 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-04-20 19:51 - 2020-04-20 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-04-20 19:51 - 2020-04-20 19:51 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-04-20 18:55 - 2020-04-20 18:55 - 000003776 _____ C:\Users\AMD\Desktop\JRT.txt
2020-04-20 18:46 - 2020-04-20 18:46 - 047857952 _____ (Adlice Software ) C:\Users\AMD\Desktop\RogueKiller_setup.exe
2020-04-20 18:42 - 2020-04-20 18:43 - 206758184 _____ (Sophos Limited) C:\Users\AMD\Desktop\Sophos Virus Removal Tool.exe
2020-04-20 18:39 - 2020-04-20 18:39 - 001790024 _____ (Malwarebytes) C:\Users\AMD\Desktop\JRT.exe
2020-04-19 20:45 - 2020-04-22 20:52 - 000000000 ____D C:\Users\AMD\AppData\Local\Adobe
2020-04-19 20:31 - 2020-04-19 20:32 - 000000000 ____D C:\AdwCleaner
2020-04-19 20:29 - 2020-04-19 20:29 - 000000000 ____D C:\Users\AMD\AppData\Local\CEF
2020-04-19 20:18 - 2020-04-19 20:18 - 000448512 _____ (OldTimer Tools) C:\Users\AMD\Desktop\TFC.exe
2020-04-19 20:15 - 2020-04-19 20:15 - 008196784 _____ (Malwarebytes) C:\Users\AMD\Desktop\adwcleaner_8.0.4.exe
2020-04-19 20:13 - 2020-04-19 20:13 - 000050688 _____ (Atribune.org) C:\Users\AMD\Desktop\ATF-Cleaner.exe
2020-04-16 22:58 - 2020-04-16 22:58 - 000388608 _____ (Trend Micro Inc.) C:\Users\AMD\Desktop\HijackThis.exe
2020-04-16 22:31 - 2020-04-16 22:31 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-16 22:31 - 2020-04-16 22:31 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-04-16 22:31 - 2020-04-16 22:31 - 000000000 ____D C:\Users\AMD\AppData\Local\mbam
2020-04-16 22:31 - 2020-04-16 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-16 22:30 - 2020-04-16 22:30 - 001965536 _____ (Malwarebytes) C:\Users\AMD\Desktop\MBSetup.exe
2020-04-16 22:30 - 2020-04-16 22:30 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\Users\AMD\AppData\Local\mbamtray
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-16 22:26 - 2020-04-16 22:26 - 000000766 _____ C:\Users\AMD\Desktop\Nainstalovat produkt Kaspersky Free verze 20.0.14.1085.lnk
2020-04-16 22:16 - 2020-04-16 22:16 - 000000000 ____D C:\Users\AMD\AppData\Local\ElevatedDiagnostics
2020-04-16 09:10 - 2020-04-16 09:15 - 000000000 ____D C:\KVRT_Data
2020-04-16 09:04 - 2020-04-16 09:10 - 176057784 _____ (AO Kaspersky Lab) C:\Users\AMD\Desktop\KVRT.exe
2020-04-16 08:58 - 2020-04-16 08:58 - 002776800 _____ (Kaspersky) C:\Users\AMD\Desktop\kfa20.0.14.1085abccs_20888.exe
2020-04-02 13:10 - 2020-04-02 13:10 - 000000000 ____D C:\Users\AMD\Desktop\housle
2020-03-30 14:52 - 2020-03-30 14:52 - 000000000 ____D C:\Users\AMD\AppData\LocalLow\WW1 Game Series
2020-03-30 14:14 - 2020-03-30 14:14 - 000000222 _____ C:\Users\AMD\Desktop\Verdun.url

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-22 20:47 - 2009-07-14 06:45 - 000033072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-22 20:47 - 2009-07-14 06:45 - 000033072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-22 20:46 - 2011-04-12 10:34 - 000668138 _____ C:\Windows\system32\perfh005.dat
2020-04-22 20:46 - 2011-04-12 10:34 - 000140798 _____ C:\Windows\system32\perfc005.dat
2020-04-22 20:46 - 2009-07-14 07:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-22 20:46 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-22 20:42 - 2019-06-13 01:12 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-22 20:40 - 2019-06-11 11:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-22 20:40 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-22 20:39 - 2019-09-07 08:58 - 000000000 ____D C:\Users\AMD\AppData\Roaming\DAEMON Tools Lite
2020-04-22 20:39 - 2019-08-04 13:30 - 000000000 ____D C:\Users\AMD\AppData\Roaming\inkscape
2020-04-22 20:39 - 2019-07-22 15:49 - 000000000 ____D C:\Users\AMD\AppData\Roaming\TS3Client
2020-04-22 20:39 - 2019-06-11 11:33 - 000000000 ____D C:\Windows\Panther
2020-04-22 01:10 - 2019-06-13 01:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-22 01:10 - 2019-06-13 01:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-22 01:10 - 2019-06-13 01:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-21 21:56 - 2019-06-13 18:33 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2020-04-21 21:56 - 2019-06-13 04:42 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2020-04-21 21:56 - 2019-06-13 04:42 - 000280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2020-04-21 21:53 - 2019-06-13 01:26 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-04-21 21:53 - 2019-06-13 01:18 - 000000000 ____D C:\Users\AMD\AppData\Roaming\Origin
2020-04-21 21:53 - 2019-06-13 01:18 - 000000000 ____D C:\Users\AMD\AppData\Local\Origin
2020-04-21 21:53 - 2019-06-13 01:18 - 000000000 ____D C:\ProgramData\Origin
2020-04-21 21:04 - 2019-06-13 01:20 - 000000000 ____D C:\Program Files (x86)\Origin
2020-04-21 20:49 - 2019-06-11 10:38 - 000000000 ____D C:\Users\AMD
2020-04-20 23:41 - 2019-08-12 07:32 - 000000000 ____D C:\Users\AMD\Desktop\Aloiks
2020-04-16 22:25 - 2019-08-25 14:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-04-16 21:04 - 2020-02-04 00:25 - 000000060 _____ C:\Windows\system32\perfdish001.dat
2020-04-16 09:20 - 2019-06-13 20:09 - 000000000 ____D C:\Users\AMD\Documents\My Games
2020-04-16 09:20 - 2019-06-11 11:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-16 09:19 - 2019-08-26 08:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2020-04-16 09:18 - 2019-08-25 14:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-04-16 09:17 - 2019-08-12 07:25 - 000000000 ____D C:\Users\AMD\Desktop\Tonda
2020-04-03 16:39 - 2009-07-14 07:08 - 000032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-28 19:54 - 2019-06-13 07:16 - 000000000 ____D C:\Users\AMD\AppData\Roaming\EasyAntiCheat

==================== Files in the root of some directories ========

2019-12-19 01:37 - 2019-12-19 01:37 - 000004012 _____ () C:\Users\AMD\AppData\Local\recently-used.xbel
2020-01-03 21:23 - 2020-01-05 11:37 - 000007602 _____ () C:\Users\AMD\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-20 14:37
==================== End of FRST.txt ========================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod jaro3 » 23 dub 2020 21:52

Ještě adition.txt
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

panzeleny
nováček
Příspěvky: 36
Registrován: duben 20
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod panzeleny » 23 dub 2020 22:40

Vypadá to že se log po fixu v FRST neuložil, nemohu ho najít. Jediný, který se mi ukázal je ten co tu je a ten je ze včerejška. nevím jak se to povedlo všechny logy ukládám samostatně ze dne kdy jsou a tento byl jediný. Zase se omlouvám. Z

Aktuální log FRST ( znovu skenováno)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2020
Ran by AMD (administrator) on AMD-PC (Gigabyte Technology Co., Ltd. GA-970A-DS3) (23-04-2020 22:22:45)
Running from C:\Users\AMD\Desktop
Loaded Profiles: AMD (Available Profiles: AMD)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [f.lux] => C:\Users\AMD\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [15900912 2019-06-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.113\Installer\chrmstp.exe [2020-04-22] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1353248D-521C-440C-9814-B60A963401D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1A899619-FA76-49AD-AC37-B1A474C9E49E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {2942B1C7-22FE-4673-A8A2-6AC99782BA2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {54B8D3D7-1306-404D-BBB3-DF7BB7C67A8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {98C0756F-B3D2-4180-BD57-9E2016949BEB} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {D4F4EC6B-D507-4E63-972B-D5CF76C65B22} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4DDC488B-DEC5-422B-9B28-CDECA3975E8E}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{81E61C1F-A617-4FE9-8637-13D74AFB4EF5}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

Chrome:
=======
CHR Profile: C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default [2020-04-23]
CHR Extension: (Prezentace) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-21]
CHR Extension: (Ochrana Kaspersky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2020-04-21]
CHR Extension: (Dokumenty) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-21]
CHR Extension: (Disk Google) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-21]
CHR Extension: (YouTube) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-21]
CHR Extension: (Tabulky) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-21]
CHR Extension: (Gmail) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/deta ... ddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/deta ... ddadjhcadd

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-04-25] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-16] (Malwarebytes Inc -> Malwarebytes)
R2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2019-06-28] (Even Balance, Inc. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16766008 2020-04-01] (Adlice -> )
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S3 klvssbridge64_19.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe" [X]
S2 KSDE3.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe" -r [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub3; C:\Windows\system32\drivers\amdhub3.sys [160936 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [108768 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdhub31; C:\Windows\system32\drivers\amdhub31.sys [141528 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [229088 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdxhc31; C:\Windows\system32\drivers\amdxhc31.sys [440536 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhci; C:\Windows\system32\drivers\amdxhci.sys [346792 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [82240 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [42304 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-04-21] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2013-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [87984 2017-06-13] (Fresco Logic Inc -> Fresco Logic)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [125408 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [35808 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1123664 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-09] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 MEmuDrv; C:\Windows\System32\DRIVERS\MEmuDrv.sys [309952 2019-04-15] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [58536 2012-08-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [221696 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [294912 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-23 21:09 - 2020-04-23 21:09 - 000007957 _____ C:\Users\AMD\Desktop\Fixlog.txt
2020-04-23 17:58 - 2020-04-23 17:58 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-04-23 17:58 - 2020-04-23 17:58 - 000001034 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-04-23 17:58 - 2020-04-23 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-04-23 17:58 - 2020-04-23 17:58 - 000000000 ____D C:\Program Files\VS Revo Group
2020-04-23 17:56 - 2020-04-23 17:56 - 007432520 _____ (VS Revo Group ) C:\Users\AMD\Desktop\revosetup.exe
2020-04-22 20:54 - 2020-04-22 20:55 - 000045892 _____ C:\Users\AMD\Desktop\Addition.txt
2020-04-22 20:53 - 2020-04-23 22:23 - 000017781 _____ C:\Users\AMD\Desktop\FRST.txt
2020-04-22 20:53 - 2020-04-23 22:22 - 000000000 ____D C:\FRST
2020-04-22 20:38 - 2020-04-22 20:38 - 000000000 ____D C:\Users\AMD\Desktop\backups
2020-04-22 20:33 - 2020-04-22 20:33 - 002282496 _____ (Farbar) C:\Users\AMD\Desktop\FRST64.exe
2020-04-21 21:01 - 2020-04-23 22:23 - 000068615 _____ C:\Windows\ZAM.krnl.trace
2020-04-21 21:01 - 2020-04-21 21:01 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-04-21 21:01 - 2020-04-21 21:01 - 000003470 _____ C:\Windows\system32\Tasks\AMHelper
2020-04-21 21:01 - 2020-04-21 21:01 - 000001256 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-04-21 21:01 - 2020-04-21 21:01 - 000001256 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\Users\AMD\AppData\Local\Zemana
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-04-21 21:01 - 2020-04-21 21:01 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-04-21 21:00 - 2020-04-21 21:04 - 000000000 ____D C:\Users\AMD\AppData\Local\AMSDK
2020-04-21 20:59 - 2020-04-21 20:59 - 012741568 _____ (Zemana Ltd. ) C:\Users\AMD\Desktop\AntiMalware_Setup.exe
2020-04-21 20:52 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-04-21 20:37 - 2020-04-21 20:49 - 000000000 ____D C:\zoek_backup
2020-04-21 20:31 - 2020-04-21 20:31 - 002038755 _____ C:\Users\AMD\Desktop\zoek.exe
2020-04-20 22:45 - 2020-04-20 22:45 - 000001011 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-04-20 22:45 - 2020-04-20 22:45 - 000001011 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-04-20 22:45 - 2020-04-20 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-04-20 22:45 - 2020-04-20 22:45 - 000000000 ____D C:\Program Files\RogueKiller
2020-04-20 22:44 - 2020-04-20 22:50 - 000000000 ____D C:\ProgramData\RogueKiller
2020-04-20 19:52 - 2020-04-20 19:52 - 000000000 ____D C:\ProgramData\Sophos
2020-04-20 19:51 - 2020-04-20 19:51 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-04-20 19:51 - 2020-04-20 19:51 - 000002759 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-04-20 19:51 - 2020-04-20 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-04-20 19:51 - 2020-04-20 19:51 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-04-20 18:55 - 2020-04-20 18:55 - 000003776 _____ C:\Users\AMD\Desktop\JRT.txt
2020-04-20 18:46 - 2020-04-20 18:46 - 047857952 _____ (Adlice Software ) C:\Users\AMD\Desktop\RogueKiller_setup.exe
2020-04-20 18:42 - 2020-04-20 18:43 - 206758184 _____ (Sophos Limited) C:\Users\AMD\Desktop\Sophos Virus Removal Tool.exe
2020-04-20 18:39 - 2020-04-20 18:39 - 001790024 _____ (Malwarebytes) C:\Users\AMD\Desktop\JRT.exe
2020-04-19 20:45 - 2020-04-22 20:52 - 000000000 ____D C:\Users\AMD\AppData\Local\Adobe
2020-04-19 20:31 - 2020-04-19 20:32 - 000000000 ____D C:\AdwCleaner
2020-04-19 20:29 - 2020-04-19 20:29 - 000000000 ____D C:\Users\AMD\AppData\Local\CEF
2020-04-19 20:18 - 2020-04-19 20:18 - 000448512 _____ (OldTimer Tools) C:\Users\AMD\Desktop\TFC.exe
2020-04-19 20:15 - 2020-04-19 20:15 - 008196784 _____ (Malwarebytes) C:\Users\AMD\Desktop\adwcleaner_8.0.4.exe
2020-04-19 20:13 - 2020-04-19 20:13 - 000050688 _____ (Atribune.org) C:\Users\AMD\Desktop\ATF-Cleaner.exe
2020-04-16 22:58 - 2020-04-16 22:58 - 000388608 _____ (Trend Micro Inc.) C:\Users\AMD\Desktop\HijackThis.exe
2020-04-16 22:31 - 2020-04-16 22:31 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-16 22:31 - 2020-04-16 22:31 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-04-16 22:31 - 2020-04-16 22:31 - 000000000 ____D C:\Users\AMD\AppData\Local\mbam
2020-04-16 22:31 - 2020-04-16 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-16 22:30 - 2020-04-16 22:30 - 001965536 _____ (Malwarebytes) C:\Users\AMD\Desktop\MBSetup.exe
2020-04-16 22:30 - 2020-04-16 22:30 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\Users\AMD\AppData\Local\mbamtray
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-16 22:30 - 2020-04-16 22:30 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-16 22:26 - 2020-04-16 22:26 - 000000766 _____ C:\Users\AMD\Desktop\Nainstalovat produkt Kaspersky Free verze 20.0.14.1085.lnk
2020-04-16 22:16 - 2020-04-16 22:16 - 000000000 ____D C:\Users\AMD\AppData\Local\ElevatedDiagnostics
2020-04-16 09:10 - 2020-04-16 09:15 - 000000000 ____D C:\KVRT_Data
2020-04-16 09:04 - 2020-04-16 09:10 - 176057784 _____ (AO Kaspersky Lab) C:\Users\AMD\Desktop\KVRT.exe
2020-04-16 08:58 - 2020-04-16 08:58 - 002776800 _____ (Kaspersky) C:\Users\AMD\Desktop\kfa20.0.14.1085abccs_20888.exe
2020-04-02 13:10 - 2020-04-02 13:10 - 000000000 ____D C:\Users\AMD\Desktop\housle
2020-03-30 14:52 - 2020-03-30 14:52 - 000000000 ____D C:\Users\AMD\AppData\LocalLow\WW1 Game Series
2020-03-30 14:14 - 2020-03-30 14:14 - 000000222 _____ C:\Users\AMD\Desktop\Verdun.url

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-23 21:19 - 2019-06-13 01:12 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-23 21:17 - 2011-04-12 10:34 - 000668138 _____ C:\Windows\system32\perfh005.dat
2020-04-23 21:17 - 2011-04-12 10:34 - 000140798 _____ C:\Windows\system32\perfc005.dat
2020-04-23 21:17 - 2009-07-14 07:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-23 21:17 - 2009-07-14 06:45 - 000033072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-23 21:17 - 2009-07-14 06:45 - 000033072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-23 21:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-23 21:10 - 2019-06-11 11:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-23 21:10 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-23 21:09 - 2020-03-20 21:21 - 000000000 ____D C:\Users\AMD\AppData\LocalLow\Temp
2020-04-23 19:52 - 2019-06-13 18:33 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2020-04-23 19:52 - 2019-06-13 04:42 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2020-04-23 19:51 - 2019-06-13 04:42 - 000280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2020-04-23 19:23 - 2019-06-13 01:26 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-04-23 19:23 - 2019-06-13 01:18 - 000000000 ____D C:\Users\AMD\AppData\Roaming\Origin
2020-04-23 19:23 - 2019-06-13 01:18 - 000000000 ____D C:\Users\AMD\AppData\Local\Origin
2020-04-23 19:23 - 2019-06-13 01:18 - 000000000 ____D C:\ProgramData\Origin
2020-04-23 18:00 - 2019-08-25 14:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-04-22 20:39 - 2019-09-07 08:58 - 000000000 ____D C:\Users\AMD\AppData\Roaming\DAEMON Tools Lite
2020-04-22 20:39 - 2019-08-04 13:30 - 000000000 ____D C:\Users\AMD\AppData\Roaming\inkscape
2020-04-22 20:39 - 2019-07-22 15:49 - 000000000 ____D C:\Users\AMD\AppData\Roaming\TS3Client
2020-04-22 20:39 - 2019-06-11 11:33 - 000000000 ____D C:\Windows\Panther
2020-04-22 01:10 - 2019-06-13 01:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-22 01:10 - 2019-06-13 01:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-22 01:10 - 2019-06-13 01:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-21 21:04 - 2019-06-13 01:20 - 000000000 ____D C:\Program Files (x86)\Origin
2020-04-21 20:49 - 2019-06-11 10:38 - 000000000 ____D C:\Users\AMD
2020-04-20 23:41 - 2019-08-12 07:32 - 000000000 ____D C:\Users\AMD\Desktop\Aloiks
2020-04-16 22:25 - 2019-08-25 14:24 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-04-16 21:04 - 2020-02-04 00:25 - 000000060 _____ C:\Windows\system32\perfdish001.dat
2020-04-16 09:20 - 2019-06-13 20:09 - 000000000 ____D C:\Users\AMD\Documents\My Games
2020-04-16 09:20 - 2019-06-11 11:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-16 09:19 - 2019-08-26 08:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2020-04-16 09:17 - 2019-08-12 07:25 - 000000000 ____D C:\Users\AMD\Desktop\Tonda
2020-04-03 16:39 - 2009-07-14 07:08 - 000032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-28 19:54 - 2019-06-13 07:16 - 000000000 ____D C:\Users\AMD\AppData\Roaming\EasyAntiCheat

==================== Files in the root of some directories ========

2019-12-19 01:37 - 2019-12-19 01:37 - 000004012 _____ () C:\Users\AMD\AppData\Local\recently-used.xbel
2020-01-03 21:23 - 2020-01-05 11:37 - 000007602 _____ () C:\Users\AMD\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-20 14:37
==================== End of FRST.txt ========================

panzeleny
nováček
Příspěvky: 36
Registrován: duben 20
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu - nefunkční klavesnice, winmsrv

Příspěvekod panzeleny » 23 dub 2020 22:42

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2020
Ran by AMD (23-04-2020 22:23:26)
Running from C:\Users\AMD\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-06-11 08:38:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1390535825-3822005023-847873152-500 - Administrator - Disabled)
AMD (S-1-5-21-1390535825-3822005023-847873152-1000 - Administrator - Enabled) => C:\Users\AMD
Guest (S-1-5-21-1390535825-3822005023-847873152-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1390535825-3822005023-847873152-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.238 - Adobe)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version: - Sandbox Interactive GmbH)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Autodesk Fusion 360 (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.6032 - Autodesk, Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 19.06.0006 - Bloody)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
Call of Juarez Gunslinger (c) Ubisoft version 1 (HKLM-x32\...\Q2FsbG9mSnVhcmV6R3Vuc2xpbmdlcg==_is1) (Version: 1 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
f.lux (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\Flux) (Version: - f.lux Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.113 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{7B730D4C-A9F2-42BA-90E9-3B1B1FE22D41}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{1E00635B-B22C-4953-BBCC-61BAED7C2D85}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{68DC53C1-AEE9-460A-A142-C9E8151F489E}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{B67ABBB5-5C0D-4619-A6D6-BA5A5FA422CC}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Nápověda (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{1DE55A9E-B55D-4943-97B6-064B04A57AE2}) (Version: 36.0.191.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{8775F78E-6414-48E3-98D2-76EBB1B8721F}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{39508F29-1E81-40FC-85DA-3182CB04614E}) (Version: 15.2.10.1114 - HP Inc.)
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 6.2.4.2 (HKLM\...\{B8FF8670-C6F4-4868-9DB2-C23324C0E575}) (Version: 6.2.4.2 - The Document Foundation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 6.2.9.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mount&Blade (HKLM-x32\...\Mount&Blade) (Version: - )
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.64 - NVIDIA Corporation) Hidden
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.7.3.64424 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{a8dc1a6c-6d23-499d-abf8-8af4895eaeb1}) (Version: 3.7.3.64424 - Grinding Gear Games)
PlanetSide 2 (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.5 - Project Reality)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
RogueKiller version 14.4.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.4.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Starborne (HKLM\...\{C5FA498D-B21A-46CD-8EC8-2D13A9904C43}) (Version: 1.0.0 - Solid Clouds)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
TS Diktáty (plná instalace) (HKLM-x32\...\TS Diktáty (plná instalace)) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
War Thunder Launcher 1.0.3.171 (HKU\S-1-5-21-1390535825-3822005023-847873152-1000\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Základní software zařízení HP LaserJet MFP M28-M31 (HKLM\...\{C9DEFBBD-AC31-4DF6-81C2-385FCAA3B28B}) (Version: 46.2.2636.18185 - HP Inc.)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-09-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2019-07-27 00:00 - 2017-04-17 04:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody6\Bloody6\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2019-09-07 08:57 - 2019-09-07 08:57 - 000045056 _____ (File is in use) [File not signed ?] C:\Program Files\DAEMON Tools Lite\Hardcodet.Wpf.TaskbarNotification.dll
2019-09-07 08:57 - 2019-09-07 08:57 - 000112128 _____ (File is in use) [File not signed ?] C:\Program Files\DAEMON Tools Lite\QuickConverter.dll
2019-09-07 08:57 - 2019-09-07 08:57 - 000082432 _____ (File is in use) [File not signed ?] C:\Program Files\DAEMON Tools Lite\ToastNotificationControl.dll
2017-08-16 01:33 - 2017-08-16 01:33 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\HP\Common\HPDestPlgIn\LIBEAY32.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-06-13 01:20 - 2020-02-07 21:39 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47866901.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47866901.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2020-04-22 20:38 - 000000813 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\HP\Common\HPDestPlgIn\;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\
HKU\S-1-5-21-1390535825-3822005023-847873152-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FA467B84-D05A-4A3A-94D6-F49C790490AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1892998B-26C2-4C30-899E-9C6E70BE3826}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E9FA549-20F8-4A1A-9B00-33693FE6D05F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4BC69576-FFAC-485D-9D2A-927D8D65360D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{8597EA23-2738-4493-8D34-25F0BC9A87A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{3D279155-B7BC-4428-BD0B-50CAA5036F93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{203375B0-CED8-4E6C-AB88-49DB8AD50360}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{9B952905-5A00-4669-9B9B-FE10699A6AAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{752211C3-2501-4E02-9AD5-9E97A12974DB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{E0870458-A29B-4D7B-9747-05894279737C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{391B397F-BDCF-457E-81C2-C559EB34289F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{12B1C644-5E41-4355-BF14-642CD1E359FE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E43E4DB1-B8A3-40AF-8FDE-8E315CC972E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{CE361ECC-E131-460E-9C63-7D210445B376}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{F8A4B524-23F0-4625-86EE-0EE102C08488}E:\program files\hry\far cry 3\bin\farcry3.exe] => (Allow) E:\program files\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{764ED1A5-5E9A-480D-8804-91169A9FA883}E:\program files\hry\far cry 3\bin\farcry3.exe] => (Allow) E:\program files\hry\far cry 3\bin\farcry3.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{3F21A16B-68A7-45F8-8BF5-9D6B01FF908F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{88D1EA77-D79F-406F-9353-C243D6BE99E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{88B29DC3-70E0-4CFA-89CB-361F25361641}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{B72BB049-C7B9-4F42-B552-B19294D8C225}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [{73C85418-B687-4D0A-92FF-2F139B23369B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0878B140-B9F8-4013-9329-58675AF53027}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F623B544-8312-43BA-B9C7-996C972A7C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Rogue\ACC.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{B8D381F4-6C83-4C59-9744-5480330880CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Rogue\ACC.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{E5E6B632-EB09-4181-A19C-0B33197492F8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6C1EE169-8BAF-490B-A498-B5AAC10FEFD1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{E29E9E08-A1F4-4D2D-834D-9291EF1A45E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conqueror's Blade\ConquerorsBladeSteamLoader.exe (Mail.Ru, LLC -> )
FirewallRules: [{7837D799-BBD0-4A09-B7BF-7E37E8E562BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conqueror's Blade\ConquerorsBladeSteamLoader.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{1AABAC4D-CCCF-4B4A-8DF0-223F30341400}C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{58C853D1-E214-4607-8D7B-5714035040A8}C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\conqueror's blade\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{29E4ADDA-AFFE-4807-B24A-FF33AB884B41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{F9B13AF3-FC5E-4C69-936E-8F29D8AF5AC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{A8E4DD22-FA87-426B-80B8-D7FBF382E04B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empires Apart\autorun.exe (Slitherine Ltd -> Slitherine Publishing Ltd.)
FirewallRules: [{34E410C3-C8A4-4E45-8939-79F86829CECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Empires Apart\autorun.exe (Slitherine Ltd -> Slitherine Publishing Ltd.)
FirewallRules: [TCP Query User{468B639A-FA0E-4746-A815-07D5DC05B5D2}C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe (Slitherine Ltd -> DESTINYbit)
FirewallRules: [UDP Query User{9CC2A117-DF1F-4C94-8E51-3F2E1F7F9DC3}C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\empires apart\impero\binaries\win64\impero-win64-shipping.exe (Slitherine Ltd -> DESTINYbit)
FirewallRules: [{D6D543C3-28F7-40F4-A02D-2B9758945E99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{CF2F57F4-B090-4E75-9EE9-DAE1FC7BEBF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{D9B26BB7-EF74-425B-9262-AEC3103BCAEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{105C12BE-FB50-4EA4-A48F-549C8C065107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{C80D00A2-EFC8-4615-9CC8-A081B796D9EC}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{236BDAFB-D3DC-4257-AFC6-4AE81A9E2224}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2B5D4F2A-69EB-467E-ACB5-E54F3E466AFD}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{8641151D-CBC2-46A1-96E4-A81ED031D730}] => (Allow) LPort=5357
FirewallRules: [{1C2A93B2-22A1-4109-A272-FC857A096158}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{1BE2FD95-69F8-4258-BF8E-47D8F3BC8562}C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe
FirewallRules: [UDP Query User{E4C6CA7A-C3B0-4145-9F9A-700DA3BE4D32}C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_1281610\javaw.exe
FirewallRules: [{543BC28D-CB40-4F0E-AEE3-D8A8C7114FB5}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [{5365240B-7C47-4E34-B121-CCA57FE1FC0C}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRLauncher.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{55616E84-A249-4E8B-9BBA-98733792653D}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRUpdater.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{53B641D9-6D0F-45FA-B143-3B113B81289E}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRMumble\PRMumble.exe (Wouter Jansen -> Project Reality)
FirewallRules: [TCP Query User{B2293439-60B9-46F8-AFF4-133A2A374F29}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{7CFEBC40-C68E-4632-8002-9F68EF132066}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{2428C6F4-8305-4B29-AEAB-4236248A17D6}C:\users\amd\appdata\local\warthunder\win32\aces.exe] => (Allow) C:\users\amd\appdata\local\warthunder\win32\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F13F4C76-EDEC-4927-B4DD-85556CA8C182}C:\users\amd\appdata\local\warthunder\win32\aces.exe] => (Allow) C:\users\amd\appdata\local\warthunder\win32\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{A2530E8D-2D05-4002-9645-F42F1F49DE3F}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{166BD7AB-1234-442B-BAF5-666C6918FF93}C:\users\amd\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\amd\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{8F378BC8-0B23-4E66-AFD1-6F9578F41B51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\New Frontier\Launcher.exe (Free Reign Entertainment LLC -> Free Reign Entertainment LLC)
FirewallRules: [{F9A3D9E4-E8CA-42AF-97A9-2C0934A8549C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\New Frontier\Launcher.exe (Free Reign Entertainment LLC -> Free Reign Entertainment LLC)
FirewallRules: [{4AC525B0-4996-478C-AA0E-4E953DD84814}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{CA80C526-325D-488A-B3DC-7DB46B56490E}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{EEF370B8-2431-4076-A691-C4B430AF033D}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{D05C5681-9521-4DEC-8A80-3E8EFCC67FD5}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{A5A0F105-FB71-410C-80D4-2406AAD5023E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{AAF0AAB8-5E17-4420-B3D3-5009B6F16D9D}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{FF693A43-AB49-4A97-8468-3B225578D83D}C:\program files (x86)\sea3d\sea3d.exe] => (Allow) C:\program files (x86)\sea3d\sea3d.exe No File
FirewallRules: [{C4F205B9-FD51-454D-B7D4-7728DAA2BDB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{4A63D8BA-F8A2-447B-A9B3-089B6EB5AFF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{5DD64302-28E5-49A9-8D26-3728D385FA9C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-03-2020 11:58:25 Naplánovaný kontrolní bod
29-03-2020 22:49:16 Naplánovaný kontrolní bod
08-04-2020 10:31:51 Naplánovaný kontrolní bod
16-04-2020 08:56:35 Naplánovaný kontrolní bod
16-04-2020 09:18:40 Removed Age of Empires III
20-04-2020 18:48:56 JRT Pre-Junkware Removal
20-04-2020 19:51:40 Installed Sophos Virus Removal Tool.
21-04-2020 20:38:29 zoek.exe restore point
23-04-2020 17:59:51 Revo Uninstaller's restore point - Kaspersky Anti-Virus
23-04-2020 21:09:35 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

Name: kldisk
Description: kldisk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kldisk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Kaspersky Anti-Virus NDIS 6 Filter
Description: Kaspersky Anti-Virus NDIS 6 Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klim6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: kltdi
Description: kltdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kltdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: klwfp
Description: klwfp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klwfp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: KLwtp - WFP callout traffic inspector
Description: KLwtp - WFP callout traffic inspector
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: klwtp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: kneps
Description: kneps
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kneps
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/23/2020 09:10:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/23/2020 09:09:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {6646eaec-2e5a-49f5-b059-3221eee54b06}

Error: (04/23/2020 08:52:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/23/2020 06:29:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (04/23/2020 05:59:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {677b7d3f-8c5b-4922-93bc-2cd8a20ef9c7}

Error: (04/23/2020 05:50:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/22/2020 08:40:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/22/2020 07:50:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).


System errors:
=============
Error: (04/23/2020 09:12:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Kaspersky Secure Connection 3.0.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/23/2020 09:10:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
klbackupflt
klim6
klpd
kltdi
klwfp
klwtp
kneps

Error: (04/23/2020 09:10:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/23/2020 09:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/23/2020 09:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/23/2020 09:09:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/23/2020 09:09:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/23/2020 09:09:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-06-13 05:28:04.259
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-06-11 11:27:55.586
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:AMD-PC\AMD
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-06-11 11:35:40.318
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronHub3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:35:40.272
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronHub3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:14:38.415
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:14:38.400
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:05:24.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:05:24.025
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:03:29.181
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-11 11:03:29.150
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\EtronXHCI.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F7d 09/09/2014
Motherboard: Gigabyte Technology Co., Ltd. GA-970A-DS3
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 33%
Total physical RAM: 8189.41 MB
Available physical RAM: 5485.41 MB
Total Virtual: 16376.96 MB
Available Virtual: 13111.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:894.15 GB) (Free:454.44 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:1004.66 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{969d068c-8c23-11e9-a1ca-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: C572D69C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=894.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 000BFF3D)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 15 hostů