wklejto.pl

Dodane przez: ~Anonim (2019-04-22 22:33) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
644.
645.
646.
647.
648.
649.
650.
651.
652.
653.
654.
655.
656.
657.
658.
659.
660.
661.
662.
663.
664.
665.
666.
667.
668.
669.
670.
671.
672.
673.
674.
675.
676.
677.
678.
679.
680.
681.
682.
683.
684.
685.
686.
687.
688.
689.
690.
691.
692.
693.
694.
695.
696.
697.
698.
699.
700.
701.
702.
703.
704.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.04.2019
Ran by Smelson (administrator) on PIEC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (22-04-2019 21:53:02)
Running from E:\Pobrane\scoped_dir3572_26742
Loaded Profiles: Smelson (Available Profiles: Smelson)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
() [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Scarlet.Crush Productions) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Programy\Origin\OriginWebHelperService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Mad Catz Inc) [File not signed] C:\Program Files\Mad Catz\M.M.O.TE\MMO_TE_Profiler.exe
() [File not signed] C:\Program Files\PATRIOT VIPER HEADSET V361\CPL\FaceLift_x64.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Smelson\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(OpenOffice.org) [File not signed] N:\Open Office\program\soffice.exe
(OpenOffice.org) [File not signed] N:\Open Office\program\soffice.bin
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) N:\CCleaner\CCleaner64.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Smelson\AppData\Local\Programs\Opera\60.0.3255.27\opera.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13370472 2011-11-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [M.M.O.TE] => C:\Program Files\Mad Catz\M.M.O.TE\MMO_TE_Profiler.exe [129536 2015-09-18] (Mad Catz Inc) [File not signed]
HKLM\...\Run: [Cm108BSound] => C:\Program Files\PATRIOT VIPER HEADSET V361\CPL\FaceLift_x64.exe [2308608 2014-11-10] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\...\Run: [CCleaner Smart Cleaning] => N:\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\...\Run: [Gaijin.Net Updater] => C:\Users\Smelson\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-19] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\...\Run: [Smelson] => explorer.exe hxxp://dinoraptzor.org <==== ATTENTION
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\...\MountPoints2: {0fd7b766-1bfa-11e9-a597-a53378459b43} - D:\Lenovo_Suite.exe
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\...\MountPoints2: {599d3c60-1fd3-11e9-8c54-f10101632643} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\...\MountPoints2: {cdc0707b-44ab-11e9-8027-bc7784770543} - G:\setup.exe
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\...\MountPoints2: {e2b27401-38e9-11e9-b3d6-b8b9a325cc43} - D:\Autorun.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
Startup: C:\Users\Smelson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2019-04-22]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> N:\Open Office\program\quickstart.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1D55AF76-C0AC-4C9B-BE06-72E9111E3AFE} - System32\Tasks\Smelson => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Smelson /t REG_SZ /d "explorer.exe hxxp://dinoraptzor.org" <==== ATTENTION
Task: {2E33168D-2466-4C22-9689-DDDB407DABBC} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
Task: {51C29810-D3C1-4E3F-AA5A-75C44209EBFB} - System32\Tasks\Opera scheduled Autoupdate 1547913662 => C:\Users\Smelson\AppData\Local\Programs\Opera\launcher.exe [1492568 2019-04-08] (Opera Software AS -> Opera Software)
Task: {63B42383-F626-4218-AD9A-3C105469D699} - System32\Tasks\CCleanerSkipUAC => N:\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {82673AAB-F3E7-4CAF-A737-B99A5EF245E3} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {86323A12-B682-48D0-B318-70AA5A762F91} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-01-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {AC207102-271F-4AF5-99D7-4641FBDA6B2F} - System32\Tasks\Opera scheduled assistant Autoupdate 1550156214 => C:\Users\Smelson\AppData\Local\Programs\Opera\launcher.exe [1492568 2019-04-08] (Opera Software AS -> Opera Software)
Task: {B08C39D5-7995-4CE1-A5F3-223F06F47632} - System32\Tasks\CCleaner Update => N:\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EBDE50B5-4A31-4B3A-A610-BC2ED9832A2E} - System32\Tasks\Opera scheduled Autoupdate 1391853602 => C:\Programy\Opera\launcher.exe [1252440 2019-04-21] (Opera Software AS -> Opera Software)
Task: {FACE5CC1-F17A-42B6-9ED2-C76667649DAA} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-01-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {FF713119-5F12-4CCC-ACFA-04EE478C1D8F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [57736 2019-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7A2968FA-248C-4BDB-9CC3-BADB41F3181B}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2130878735-2352057419-2770655663-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Programy\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
 
Opera: 
=======
OPR StartupUrls: "hxxp://www.google.pl/"
OPR Extension: (AdBlock) - C:\Users\Smelson\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2019-01-18]
StartMenuInternet: (HKLM) OperaStable - C:\Programy\Opera\Launcher.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1164664 2019-03-06] (Autodesk, Inc. -> Autodesk Inc.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499080 2019-01-10] (Advanced Micro Devices, Inc. -> AMD)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2019-01-09] () [File not signed]
S3 Disc Soft Lite Bus Service; N:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1468608 2016-10-06] (Disc Soft Ltd -> Disc Soft Ltd)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Origin Client Service; C:\Programy\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Programy\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [223624 2019-01-10] (Advanced Micro Devices, Inc. -> )
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52783496 2019-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581000 2019-01-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104840 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 CMUAC; C:\Windows\System32\DRIVERS\CMUAC.sys [593920 2014-08-01] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2019-03-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2019-03-12] (Disc Soft Ltd -> Disc Soft Ltd)
S3 libusbK; C:\Windows\System32\DRIVERS\libusbK.sys [47200 2019-01-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [23968 2015-09-18] (Madcatz Europe Ltd -> Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [51488 2015-09-18] (Madcatz Europe Ltd -> Saitek)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 _hid_0738_1714; C:\Windows\System32\DRIVERS\_hid_0738_1714.sys [180928 2015-09-18] (Mad Catz Inc -> Saitek)
R3 _usb_0738_1714; C:\Windows\System32\DRIVERS\_usb_0738_1714.sys [46528 2015-09-18] (Mad Catz Inc -> Saitek)
S3 atillk64; \??\N:\XTREME GAMING ENGINE\AtiTool\atillk64.sys [X]
S3 GPCIDrv; \??\C:\Users\Smelson\AppData\Local\Temp\7zSEAF.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
S3 GVCIDrv; \??\N:\AORUS ENGINE\GVCIDrv64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys ==> MD5 is legit
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdacpksd.sys EF88D694A7A79D060D8D6C7C4E09DBBE
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 27C0E072C10269AEEF97E39850F6730B
C:\Windows\System32\DRIVERS\atikmpag.sys F3A0A9B22932F00A8B14518E1838D1DF
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athurx.sys 36322190763845975E0D001E90687BF2
C:\Windows\System32\drivers\AtihdW76.sys C72313B2477D627E3A190689811866CA
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys 91CE0D3DC57DD377E690A2D324022B08
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CMUAC.sys 5A001B3DF8F3CA2AE23D07479513205A
C:\Windows\System32\Drivers\cng.sys ==> MD5 is legit
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtlitescsibus.sys 679FF716052109392D870F6A6C4A3535
C:\Windows\System32\DRIVERS\dtliteusbbus.sys E23FDD696839A4790682CA66C48D3F2F
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 16FCA7101F0A3B1742E089AA4C306475
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecpkg.sys ==> MD5 is legit
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\libusbK.sys C4AB79ACB70AAF0AC8B68A9018AA9625
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys FAF015B07E3A2874A790A39B7D2C579F
C:\Windows\System32\DRIVERS\mrxsmb10.sys 08E2345DF129082BCDFFDC1440F9C00D
C:\Windows\System32\DRIVERS\mrxsmb20.sys 108D87409C5812EF47D81E22843E8C9D
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SaiMini.sys 74230BDCFA3805BA8C5CB9CA1C20DC8A
C:\Windows\System32\drivers\SaiBus.sys C5F55CBC4C1E42FD864E5BF647C12315
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ScpVBus.sys 0447065A6E10774EFCECFDD0EB970A79
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 2098B8556D1CEC2ACA9A29CD479E3692
C:\Windows\System32\DRIVERS\srv2.sys D0F73A42040F21F92FD314B42AC5C9E7
C:\Windows\System32\DRIVERS\srvnet.sys 2BA8F3250828CCDB4204ECF2C6F40B6A
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\drivers\tcpip.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tcpip.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 2B5BDFF688EC9871D7EC5837833374E9
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\xusb21.sys 2C6BC21B2D5B58D8B1D638C1704CB494
C:\Windows\System32\DRIVERS\_hid_0738_1714.sys 5303A61A94ECF2D27F6FD7D6372D08BC
C:\Windows\System32\DRIVERS\_usb_0738_1714.sys E128135F2BC8DB529EDDDF6760C534FA
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Three months (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-22 21:52 - 2019-04-22 21:53 - 000000000 ____D C:\FRST
2019-04-22 21:21 - 2019-04-22 21:21 - 000000977 _____ C:\Users\Smelson\AppData\Local\recently-used.xbel
2019-04-22 21:20 - 2019-04-22 21:21 - 000000000 ____D C:\Users\Smelson\AppData\Local\gtk-2.0
2019-04-22 20:34 - 2019-04-22 20:34 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\OpenOffice.org
2019-04-22 20:24 - 2019-04-22 20:24 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Adobe
2019-04-22 20:24 - 2019-04-22 20:24 - 000000000 ____D C:\Users\Smelson\AppData\LocalLow\Adobe
2019-04-22 20:24 - 2019-04-22 20:24 - 000000000 ____D C:\Users\Smelson\AppData\Local\Adobe
2019-04-22 20:23 - 2019-04-22 20:23 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2019-04-22 20:23 - 2019-04-22 20:23 - 000002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2019-04-22 20:23 - 2019-04-22 20:23 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-04-22 20:22 - 2019-04-22 21:23 - 000000000 ____D C:\ProgramData\Adobe
2019-04-20 17:11 - 2019-04-22 21:22 - 000000000 ____D C:\Users\Smelson\AppData\Local\babl-0.1
2019-04-20 17:11 - 2019-04-20 17:11 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\GIMP
2019-04-20 17:11 - 2019-04-20 17:11 - 000000000 ____D C:\Users\Smelson\AppData\Local\GIMP
2019-04-20 17:11 - 2019-04-20 17:11 - 000000000 ____D C:\Users\Smelson\AppData\Local\gegl-0.4
2019-04-20 17:08 - 2019-04-20 17:08 - 000000643 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.10.lnk
2019-04-20 12:33 - 2019-04-20 12:33 - 000000254 _____ C:\Users\Smelson\Documents\cc_20190420_123350.reg
2019-04-17 23:19 - 2019-04-17 23:19 - 000032952 _____ C:\Users\Smelson\Documents\cc_20190417_231936.reg
2019-04-17 23:18 - 2019-04-17 23:18 - 000000082 _____ C:\Users\Smelson\Documents\cc_20190417_231840.reg
2019-04-17 23:13 - 2019-04-17 23:13 - 000003842 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-17 23:13 - 2019-04-17 23:13 - 000002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-14 17:03 - 2019-04-14 17:03 - 000000000 ____D C:\ProgramData\FLEXnet
2019-04-14 16:50 - 2019-04-17 22:50 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-04-14 16:47 - 2019-04-14 16:47 - 000001513 _____ C:\Users\Public\Desktop\Aplikacja na pulpit firmy Autodesk.lnk
2019-04-14 16:45 - 2019-04-14 16:45 - 000002003 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
2019-04-14 16:42 - 2019-04-14 16:47 - 000000000 ____D C:\Program Files (x86)\Autodesk
2019-04-14 16:42 - 2019-04-14 16:42 - 000002039 _____ C:\Users\Public\Desktop\Autodesk ReCap.lnk
2019-04-14 16:33 - 2019-04-15 10:18 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2019-04-14 16:33 - 2019-04-14 17:03 - 000000000 ____D C:\Users\Smelson\AppData\Local\Autodesk
2019-04-14 16:33 - 2019-04-14 16:33 - 000002100 _____ C:\Users\Public\Desktop\AutoCAD 2018 — polski (Polish).lnk
2019-04-14 16:32 - 2019-04-14 16:32 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared
2019-04-14 16:31 - 2019-04-14 17:03 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Autodesk
2019-04-14 16:31 - 2019-04-14 16:31 - 000000000 ____D C:\Users\Smelson\Documents\Inventor Server SDK ACAD 2018
2019-04-14 16:29 - 2019-04-14 16:45 - 000000000 ____D C:\Program Files\Autodesk
2019-04-14 16:29 - 2019-04-14 16:32 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2019-04-14 16:21 - 2019-04-14 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2019-04-14 16:06 - 2019-04-17 22:51 - 000000000 ____D C:\ProgramData\Autodesk
2019-04-14 16:03 - 2019-04-14 16:04 - 000000000 ____D C:\Autodesk
2019-04-10 09:55 - 2019-04-10 09:55 - 000003488 _____ C:\Windows\System32\Tasks\Smelson
2019-04-09 18:03 - 2019-04-16 17:59 - 000000000 ___SD C:\Users\Smelson\AppData\LocalLow\Temp
2019-04-09 00:08 - 2019-04-22 18:31 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\TS3Client
2019-04-09 00:08 - 2019-04-09 00:08 - 000000534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2019-04-04 22:29 - 2019-04-04 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal 2
2019-03-21 19:43 - 2019-04-10 09:45 - 000000000 ____D C:\Users\Smelson\AppData\Local\BitTorrentHelper
2019-03-19 23:47 - 2019-03-19 23:47 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2019-03-18 13:45 - 2019-04-22 19:04 - 000000000 ____D C:\Users\Smelson\AppData\Local\Warframe
2019-03-15 19:42 - 2019-03-15 19:42 - 000000000 ___SH C:\Users\Smelson\AppData\Local\LumaEmu
2019-03-12 13:47 - 2019-03-12 13:47 - 000000000 ____D C:\Users\Smelson\Documents\WB Games
2019-03-12 13:47 - 2019-03-12 13:47 - 000000000 ____D C:\ProgramData\Steam
2019-03-12 12:42 - 2019-03-12 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games
2019-03-12 11:56 - 2019-04-17 23:17 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\DAEMON Tools Lite
2019-03-12 11:56 - 2019-03-12 11:56 - 000000000 ____D C:\Users\Smelson\AppData\Local\Disc_Soft_Ltd
2019-03-12 11:56 - 2019-03-12 11:56 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-03-12 11:55 - 2019-03-12 11:55 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2019-03-12 11:49 - 2019-03-12 11:49 - 000000000 ____D C:\Users\Smelson\Documents\temp
2019-03-11 13:39 - 2019-03-11 13:39 - 000004096 _____ C:\Windows\d3dx.dat
2019-03-10 22:12 - 2019-03-10 22:12 - 000000000 ____D C:\Users\Smelson\AppData\Local\SKIDROW
2019-03-09 16:28 - 2019-03-09 16:28 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\fltk.org
2019-03-09 16:28 - 2019-03-09 16:28 - 000000000 ____D C:\ProgramData\fltk.org
2019-02-28 23:23 - 2019-04-12 11:47 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\DS4Windows
2019-02-28 13:28 - 2019-02-28 13:28 - 000182151 _____ C:\Windows\Cm6xxx.ini.cfl
2019-02-28 13:28 - 2019-02-28 13:28 - 000000718 _____ C:\Windows\Cm6xxx.ini.imi
2019-02-28 13:28 - 2019-02-28 13:28 - 000000667 _____ C:\Windows\system\Cm6xxx.ini
2019-02-28 13:28 - 2019-02-28 13:28 - 000000134 _____ C:\Windows\system\Dlap.pfx
2019-02-28 13:28 - 2019-02-28 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Patriot
2019-02-28 13:28 - 2019-02-28 13:28 - 000000000 ____D C:\ProgramData\FaceLift
2019-02-28 13:28 - 2019-02-28 13:28 - 000000000 ____D C:\Program Files\PATRIOT VIPER HEADSET V361
2019-02-28 13:28 - 2016-12-07 05:03 - 000004103 ____N C:\Windows\Cm6xxx.ini.cfg
2019-02-28 13:28 - 2015-08-27 02:44 - 000090056 ____N C:\Windows\Install-02.bmp
2019-02-28 13:28 - 2015-08-27 02:43 - 000150056 ____N C:\Windows\Install-01.bmp
2019-02-28 13:28 - 2014-07-24 04:58 - 000833536 ____N C:\Windows\system32\Cmeau6620.exe
2019-02-28 13:28 - 2009-08-19 19:00 - 000359424 ____N C:\Windows\system32\CmiInstallResAll64.dll
2019-02-28 13:27 - 2019-02-28 13:27 - 000000000 ____D C:\Users\Smelson\Downloads\v361
2019-02-28 13:27 - 2014-08-01 04:15 - 000593920 _____ (C-MEDIA) C:\Windows\system32\Drivers\CMUAC.SYS
2019-02-28 13:27 - 2014-07-29 09:45 - 003251296 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMEFFECTAPO.dll
2019-02-28 13:27 - 2014-07-29 09:45 - 000226168 _____ (C-Media Electronics Inc.) C:\Windows\system32\CMCPLEXT.dll
2019-02-28 13:23 - 2019-02-28 13:25 - 135686020 _____ C:\Users\Smelson\Downloads\v361.zip
2019-02-22 23:29 - 2019-02-22 23:29 - 000000000 ____D C:\Users\Smelson\AppData\LocalLow\The Irregular Corp
2019-02-18 19:45 - 2019-02-18 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-02-18 14:33 - 2019-02-18 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-02-18 14:30 - 2019-02-18 14:30 - 001573568 _____ C:\Users\Smelson\Downloads\SteamSetup.exe
2019-02-17 21:28 - 2019-02-17 21:28 - 008094501 _____ (Andre Taulien) C:\Users\Smelson\Downloads\GD3D11-X17_1.exe
2019-02-17 13:28 - 2019-02-17 13:28 - 002683936 _____ (Hetakafac ) C:\Users\Smelson\Downloads\Gothic II L'Hiver Edition 1.1 Gothic II L'Hiver Edition NW_3305605972.exe
2019-02-15 23:11 - 2019-02-15 23:11 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Gothic
2019-02-15 21:11 - 2019-04-20 21:34 - 000000000 ___RD C:\Users\Smelson\Desktop\Wszystko
2019-02-15 21:07 - 2019-02-16 16:33 - 000000000 ____D C:\Users\Smelson\AppData\Local\The Witcher
2019-02-15 20:23 - 2019-02-15 20:23 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Frontier Developments
2019-02-15 20:23 - 2019-02-15 20:23 - 000000000 ____D C:\Users\Smelson\AppData\Local\Frontier Developments
2019-02-15 20:21 - 2019-03-08 17:13 - 000000000 ____D C:\Users\Smelson\AppData\Local\Frontier_Developments
2019-02-15 19:23 - 2019-02-15 19:23 - 000000000 ____D C:\Users\Smelson\AppData\Local\GOG.com
2019-02-15 19:07 - 2019-02-15 19:21 - 191970592 _____ (GOG.com ) C:\Users\Smelson\Downloads\setup_galaxy_1.2.51.30.exe
2019-02-15 15:23 - 2019-04-21 20:07 - 000003858 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1391853602
2019-02-15 13:46 - 2019-04-22 11:08 - 000000000 ____D C:\Users\Smelson\Downloads\opera autoupdate
2019-02-14 16:56 - 2019-02-14 16:56 - 000004288 _____ C:\Windows\System32\Tasks\Opera scheduled assistant Autoupdate 1550156214
2019-02-13 18:50 - 2019-02-13 18:50 - 004953080 _____ C:\Users\Smelson\Downloads\gmp.zip
2019-02-13 14:40 - 2019-02-13 14:40 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\EasyAntiCheat
2019-02-13 13:21 - 2019-02-13 14:40 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-02-07 12:12 - 2019-02-07 12:25 - 000000000 ____D C:\Users\Smelson\Documents\Endless Legend
2019-02-07 12:12 - 2019-02-07 12:12 - 000000000 ____D C:\Users\Smelson\AppData\LocalLow\AMPLITUDE Studios
2019-02-06 21:59 - 2019-02-06 21:59 - 000018775 _____ C:\Users\Smelson\Downloads\audioclip-1549483176-1111.mp4
2019-02-06 00:35 - 2019-02-06 00:35 - 001942795 _____ (RibShark ) C:\Users\Smelson\Downloads\Better_Rayman_3_Setup.exe
2019-02-06 00:31 - 2019-02-06 00:31 - 000000000 ____D C:\Program Files (x86)\directx
2019-02-05 17:36 - 2019-02-05 17:36 - 000000000 ____D C:\Users\Smelson\Documents\DyingLight
2019-02-04 18:51 - 2019-02-04 18:51 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\WinRAR
2019-02-02 20:18 - 2019-02-02 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect Andromeda
2019-02-02 13:12 - 2019-02-02 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-02-02 13:10 - 2019-03-17 18:32 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Origin
2019-02-02 13:08 - 2019-02-02 13:18 - 000000000 ____D C:\Users\Smelson\AppData\Local\Origin
2019-02-02 00:33 - 2019-03-02 01:19 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2019-02-01 23:54 - 2019-02-01 23:54 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\java
2019-02-01 23:36 - 2019-02-01 23:36 - 000110968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-02-01 23:36 - 2019-02-01 23:36 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Sun
2019-02-01 23:36 - 2019-02-01 23:36 - 000000000 ____D C:\Users\Smelson\AppData\LocalLow\Sun
2019-02-01 23:36 - 2019-02-01 23:36 - 000000000 ____D C:\ProgramData\Oracle
2019-02-01 23:36 - 2019-02-01 23:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-02-01 23:36 - 2019-02-01 23:36 - 000000000 ____D C:\Program Files\Java
2019-02-01 23:35 - 2019-02-01 23:35 - 000000000 ____D C:\Users\Smelson\AppData\LocalLow\Oracle
2019-02-01 23:32 - 2019-02-01 23:58 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\.minecraft
2019-02-01 23:32 - 2019-02-01 23:32 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2019-02-01 16:41 - 2019-04-18 16:17 - 000000000 ____D C:\Users\Smelson\AppData\Local\Ubisoft Game Launcher
2019-02-01 13:58 - 2019-02-01 13:58 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-01-26 17:38 - 2019-02-05 17:32 - 000000000 ____D C:\Users\Smelson\AppData\Local\Steam
2019-01-26 15:00 - 2019-01-26 15:00 - 000000000 ____D C:\Users\Smelson\AppData\Local\CEF
2019-01-23 16:55 - 2019-01-23 16:55 - 000350634 __RSH C:\YEPSL
 
==================== Three months (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-22 21:53 - 2009-07-14 06:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-22 21:53 - 2009-07-14 06:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-22 21:50 - 2019-01-18 00:56 - 000003098 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-04-22 21:50 - 2009-07-14 07:13 - 000818650 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-22 21:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-04-22 21:46 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-22 21:45 - 2019-01-18 00:58 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-04-22 21:12 - 2019-01-19 18:00 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\uTorrent
2019-04-19 18:53 - 2019-01-19 18:15 - 000000000 ____D C:\Users\Smelson\AppData\Roaming\vlc
2019-04-14 16:50 - 2019-01-18 01:21 - 000091648 _____ C:\Users\Smelson\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-14 16:50 - 2009-07-14 06:45 - 000355016 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-14 16:47 - 2019-01-18 00:52 - 000000000 ____D C:\ProgramData\Package Cache
2019-04-14 16:18 - 2019-01-18 00:51 - 000802516 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-04-09 21:18 - 2019-01-19 18:01 - 000004092 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1547913662
 
==================== Files in the root of some directories =======
 
2019-03-15 19:42 - 2019-03-15 19:42 - 000000000 ___SH () C:\Users\Smelson\AppData\Local\LumaEmu
2019-04-22 21:21 - 2019-04-22 21:21 - 000000977 _____ () C:\Users\Smelson\AppData\Local\recently-used.xbel
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {97948922-1aed-11e9-968c-907ef5d9e76c}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {97948924-1aed-11e9-968c-907ef5d9e76c}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {97948922-1aed-11e9-968c-907ef5d9e76c}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {97948924-1aed-11e9-968c-907ef5d9e76c}
device                  ramdisk=[C:]\Recovery\97948924-1aed-11e9-968c-907ef5d9e76c\Winre.wim,{97948925-1aed-11e9-968c-907ef5d9e76c}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\97948924-1aed-11e9-968c-907ef5d9e76c\Winre.wim,{97948925-1aed-11e9-968c-907ef5d9e76c}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {97948922-1aed-11e9-968c-907ef5d9e76c}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {97948925-1aed-11e9-968c-907ef5d9e76c}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\97948924-1aed-11e9-968c-907ef5d9e76c\boot.sdi
 
 
LastRegBack: 2019-04-13 18:30
==================== End of FRST.txt ============================
Wygenerowano w 0.070s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!