DRIVER_IRQL_NOT_LESS_OR_EQUAL

Zpráva

Legalize · #16 Příspěvek od **Legalize** » 26 dub 2023 05:15

https://uloz.to/tamhle/B3D685VeBELz#!ZG ... qhnJAwAD==

#17 Příspěvek od **altrok** » 26 dub 2023 11:37

tl;dr Tipuju 3 možnosti - AV, ovladač grafiky, herní software?

Antivir v logách nevidím (respektive v minidumpech nejsou symboly). Ve dvou dumpech jsou před samotným Bug Checkem zmínky o nvlddmkm.sys

Loaded symbol image file: nvlddmkm.sys
Image path: \SystemRoot\System32\DriverStore\FileRepository\nvdm.inf_amd64_a7d5d198678609bd\nvlddmkm.sys
Image name: nvlddmkm.sys
Browse all global symbols functions data
Timestamp: Thu Dec 15 04:08:35 2022 (639A8FB3)

který ale je z prosince 2022 (problém bych upřímně očekával v nějaké nedávnější verzi).

Když mrknu do věcí, které se v PC aktualizovaly/měnily, tak:

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-24 21:21 - 2023-04-24 21:22 - 002166364 _____ C:\Windows\Minidump\042423-12875-01.dmp
2023-04-24 21:00 - 2023-04-24 21:00 - 000000000 ____D C:\Windows\system32\lxss
2023-04-24 21:00 - 2023-04-24 21:00 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2023-04-24 20:21 - 2023-04-24 21:21 - 1875332992 _____ C:\Windows\MEMORY.DMP
2023-04-24 20:21 - 2023-04-24 20:21 - 002030620 _____ C:\Windows\Minidump\042423-14203-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-24 21:23 - 2023-02-16 19:55 - 000079352 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-04-24 21:23 - 2023-02-16 19:55 - 000062968 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-04-24 21:23 - 2022-07-29 22:09 - 002790904 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000484856 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000247248 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000202232 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000165368 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-04-24 21:23 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-24 21:22 - 2023-01-22 20:52 - 000000000 ____D C:\Windows\Minidump
2023-04-24 21:21 - 2022-07-28 11:51 - 000000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2023-04-24 21:21 - 2022-07-28 11:19 - 000000000 ____D C:\Intel
2023-04-24 21:21 - 2022-07-28 11:07 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-24 21:21 - 2022-07-28 10:52 - 000115727 _____ C:\Windows\system32\CVFirmwareUpgradeLog.txt
2023-04-24 21:21 - 2022-07-28 10:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-24 21:21 - 2022-07-28 10:34 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-24 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-04-24 21:01 - 2022-07-28 10:42 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-04-24 21:00 - 2022-07-28 11:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-04-24 20:58 - 2022-07-28 11:52 - 000000000 ____D C:\Users\Michal\AppData\Local\NVIDIA
2023-04-24 20:58 - 2022-07-28 11:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-04-24 20:57 - 2023-01-22 15:38 - 000000000 ____D C:\ProgramData\Dell

a z těchto událostí si začínám myslet, že za to může ovladač GPU (NVIDIA Ovladače grafiky 517.89) - můžeš ho přeinstalovat na starší verzi (downgrade)/odinstalovat ho?

Proč máš upravený hosts file tak jak ho máš?

Legalize · #18 Příspěvek od **Legalize** » 26 dub 2023 12:21

Ano, take si myslim, ze problem je s ovladaci grafiky. System pada pouze pri hrani her, kdy pocitac vyuziva externi grafiku Nvidia. Zkusim znova downgrade ovladace. Nez jsem zalozil toto tema uz jsem ruzne reinstally ovladace zkousel, ale uz se v tom ztracim.

nvlddmkm.sys selhává to my někdy hází modrou obrazovku SYSTEM_SERVICE_EXCEPTION, jak uz jsem psal.

Hosts file nevím, tomu nerozumim.

#19 Příspěvek od **altrok** » 26 dub 2023 16:25

Zkus různé verze, klidně i půl roku staré, otestuj a dej během pár dnů vědět.

hosts file běžní uživatelé nejčastěji používají k blokování některých domén/webových stránek. Využívá se k tomu tzv. localhost, tedy volání sám na sebe (což je v počítačové terminologii adresa 127.0.0.1). Když v prohlížeči zadáš např. www.youtube.com, tak se ti začne načítat youtube. Pokud ale do hosts souboru (je v C:\Windows\system32\drivers\etc\hosts ) vložím řádek

127.0.0.1 youtube.com

tak se prohlížeč prvně mrkne do hosts souboru a vidí, že má youtube načíst z adresy 127.0.0.1 (což je vlastně sám onen počítač), čímž k jeho načtení nedojde -> blokace. Používají to často weboví vývojáři apod. Ty máš nastaveno, aby se ti stránky Fake FitGirl načítaly ze 109.94.209.70, čemuž upřímně úplně nerozumím.

Např. Spybot (obranný nástroj) měl svůj blacklist, kde ti do hosts filu naházel tisíce škodlivých domén a směroval jejich překlad na 127.0.0.1 -> blokoval je. Hosts file může být zneužit i malwarem, kdy legitimní stránku přesměruje na škodlivou apod.

8.8.8.8 seznam.cz

kdy IP adresa 8.8.8.8 patří googlu.

Legalize · #20 Příspěvek od **Legalize** » 26 dub 2023 17:44

Našel jsem tento ovladač: https://www.dell.com/support/home/cs-cz ... 520-laptop

Je dost starý, ale v popisku je, že je přímo pro můj model NB. Ale je to 32 bit. Ten jsem určitě nezkoušel. Zkouším...

Případně tento: https://www.dell.com/support/home/cs-cz ... 520-laptop

Jak tedy mohu smazat hosts file a efektivně zkontrolovat systém proti malware (předpokládám, že to má na svědomí)?

Legalize · #21 Příspěvek od **Legalize** » 26 dub 2023 20:34

Zdá se, že problém byl odstraněn ISV Certified ovladačem, který jsem posílal v tom prvním linku.

Vlastně jsem měl stejný problém kdysi s Lenovo ThinkPad E520, také s přepínatelnou grafikou. Fungovala tam taky jen jedna konkrétní verze ovladače.

Hloupé je, že problém způsobil aktualizační program přímo od výrobce (Dell Support Asist).

Jinak je v tom logu z FRST, kterým jsem začal toto vlákno vše OK?

Moc díky!

Bruno47 · #22 Příspěvek od **Bruno47** » 29 dub 2023 11:04

Legalize píše: ↑25 dub 2023 21:18 Použil jsem Memtest z bootovací flashky. Po 6ti hodinovém testování vše OK - 0 errors.

Zde obsah adreáře minidump: http://leteckaposta.cz/963880137

Děkuji moc

#23 Příspěvek od **JaRon** » 29 dub 2023 13:01

Ako kolega pisal, niektore nastavenia nie su zrovna standardne, preto doporucejem scan s Mbam + Adwcleaner

Legalize · #24 Příspěvek od **Legalize** » 03 kvě 2023 16:35

Zde Mbam log:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 03.05.23
Čas skenování: 7:23
Logovací soubor: 9aca7c82-e972-11ed-aa90-d481d7e3d5e3.json

-Informace o softwaru-
Verze: 4.5.24.248
Verze komponentů: 1.0.1952
Aktualizovat verzi balíku komponent: 1.0.68938
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19045.2846)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-RV3QMI2\Michal

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 716276
Zjištěné hrozby: 30
Hrozby umístěné do karantény: 0
Uplynulý čas: 6 hod, 25 min, 21 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 10
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AutoPico Daily Restart, Žádná uživatelská akce, 8108, 769804, , , , , ,
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{01F4EF06-D1B3-4304-951B-CF0DC8658CEF}, Žádná uživatelská akce, 8108, 769804, , , , , ,
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{01F4EF06-D1B3-4304-951B-CF0DC8658CEF}, Žádná uživatelská akce, 8108, 769804, , , , , ,
HackTool.KMSpico, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\KMSpico Automatic Update Scheduler, Žádná uživatelská akce, 13716, 921550, , , , , ,
HackTool.KMSpico, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E3B1ECB5-1188-48FE-91A7-C6D72D3AAED4}, Žádná uživatelská akce, 13716, 921550, , , , , ,
HackTool.KMSpico, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{E3B1ECB5-1188-48FE-91A7-C6D72D3AAED4}, Žádná uživatelská akce, 13716, 921550, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optimize Thumbnail Cache, Žádná uživatelská akce, 4189, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7F3BB80C-91BB-49C9-8E44-90B92810AF2D}, Žádná uživatelská akce, 4189, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{7F3BB80C-91BB-49C9-8E44-90B92810AF2D}, Žádná uživatelská akce, 4189, 943626, , , , , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,

Hodnota v registru: 9
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-2238093209-2022152676-238686933-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, Žádná uživatelská akce, 4189, -1, 0.0.0, , action, , ,

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 2
HackTool.KMSpico, C:\Program Files\KMSpico, Žádná uživatelská akce, 13716, 921550, 1.0.68938, , ame, , ,
HackTool.KMSpico, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico, Žádná uživatelská akce, 13716, 921555, 1.0.68938, , ame, , ,

Soubor: 9
HackTool.KMS, C:\WINDOWS\SYSTEM32\TASKS\AutoPico Daily Restart, Žádná uživatelská akce, 8108, 769804, , , , , 52687288ACA4436B16377A0B6905AB22, 2D8447E169B7AD7903C0DC895E71FAD42C631547738EF3E1112ADCF7679F4748
HackTool.KMS, C:\PROGRAM FILES\KMSPICO\AUTOPICO.EXE, Žádná uživatelská akce, 8108, 769804, 1.0.68938, , ame, , CFE1C391464C446099A5EB33276F6D57, 4A714D98CE40F5F3577C306A66CB4A6B1FF3FD01047C7F4581F8558F0BCDF5FA
HackTool.KMSpico, C:\WINDOWS\SYSTEM32\TASKS\KMSpico Automatic Update Scheduler, Žádná uživatelská akce, 13716, 921550, , , , , B82579DCF05127275FE2FF48C648986F, 7FCEEFF8A63D3FCAB8CC906D3FC6122C7261A20B407489DF10815F926B5F2CC8
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO\KMSUPD.EXE, Žádná uživatelská akce, 13716, 921550, 1.0.68938, , ame, , F69BF8D90E7C39258D199D68796673F4, 78FC8AC15C81A9F912F6B1133E111D9AAB731341A6EA7FA24FECD70CAF936BCC
Generic.Trojan.Malicious.DDS, D:\PROGRAMY\GETKMSPICO.COM-KMSPICO_SETUP\KMSPICO_SETUP.EXE, Žádná uživatelská akce, 1000002, 0, 1.0.68938, 864BFEED806E1AF8BEF223FB, dds, 02279768, 9255DA57BB36247DB4AC983B8183BAB5, B03C86AE3DE18F79382E9DC23992850C7C952C01AA14475E85F280BAFE734BD4
Chir.Spyware.Infostealer.DDS, D:\PROGRAMY\WINDOWS_INSTALL\WINDOWS_7-AKTIVACE\WINDOWS 7 LOADER.EXE, Žádná uživatelská akce, 1000002, 0, 1.0.68938, 19C4B1AB47B3434B29EBA85E, dds, 02279768, BF1CF345674BDF35830FD74CF153FD8A, 4201898F22665570F993BB688DCB8BD8F605D4CB2776ED6887263CFD8E5663AF
Malware.AI.4041196614, D:\PROGRAMY\WIRELESSKEYVIEW.ZIP, Žádná uživatelská akce, 1000000, -253770682, 1.0.68938, 266B7C47878A345CF0DFC446, dds, 02279768, A0CE57FFA0792DCDEA136A46B5544BF4, BF5ECD227181DCD0B05775BF92931E970B3C729183640ABD130C0BF515EE6246
Malware.AI.1013649364, E:\GAMES\THE ELDER SCROLLS V SKYRIM\UNINSTALL.EXE, Žádná uživatelská akce, 1000000, 1013649364, 1.0.68938, 5CCD691EF651B46D3C6B0FD4, dds, 02279768, 10433A24BCCBD7ED6CBD4794EC1AC159, 53AC13F683FE11EAE9D84BE41749DF703D65B7D79748C0A161555B26000DEC68
Hijack.AutoConfigURL.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\OPTIMIZE THUMBNAIL CACHE, Žádná uživatelská akce, 4189, 943626, 1.0.68938, , ame, , 019087D1A5033466D3B3980CD07B0C90, 91C314D1E67E15307FFD3F13566D852BA44B978BCE378B8A50BC2C0F1469F3FD

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

#25 Příspěvek od **JaRon** » 03 kvě 2023 17:00

Tak to vidis, tolko bordelu - patrilo by sa to vsetko zmazat

Legalize · #26 Příspěvek od **Legalize** » 14 kvě 2023 13:35

Tak mám opět stejný problém jako na začátku.
Občas se mi stalo, že mi systém aktualizoval ovladač GK, ale vždy jsem zase manuálně downgradoval na ten starší ovladač a bylo po problému.
Najednou se mi však děje totožný problém i s tím dříve funkčním ovladačem GK. Stejné pády při hraní her, modré obrazovky a hlášky na nich. Zkoušel jsem odebrat aktualizace Windows, které se nainstalovali těsně před tím, než jsem registroval problém. Nepomohlo. Různě jsem přeinstalovával obladač GK. Nepomohlo.

Tady je obsah adresáře Minidump
https://uloz.to/tam/40f7e827-d156-403d- ... 65d6214eeb

#27 Příspěvek od **JaRon** » 14 kvě 2023 16:46

Tak sa vratime na zaciatok - vloz oba aktualne logy FRST

Legalize · #28 Příspěvek od **Legalize** » 14 kvě 2023 17:49

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2023 01
Ran by Michal (administrator) on DESKTOP-RV3QMI2 (Dell Inc. Precision 7520) (14-05-2023 18:45:51)
Running from D:\Stažené soubory\FRST64.exe
Loaded Profiles: Michal
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApntEx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(DellTPad\Apoint.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(DellTPad\HidMonitorSvc.exe ->) (ALPS ALPINE CO.,LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) ("STMicroelectronics Srl" -> ) C:\Windows\System32\drivers\DellFFDPWmiService.exe
(services.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_141eb88527011137\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_7ed3bacbb0a8cc67\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-04-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235920 2020-04-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-04-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-2238093209-2022152676-238686933-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2238093209-2022152676-238686933-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2238093209-2022152676-238686933-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-2238093209-2022152676-238686933-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\113.0.5672.93\Installer\chrmstp.exe [2023-05-12] (Google LLC -> Google LLC)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon – zástupce.lnk [2022-07-28]
ShortcutTarget: ctfmon – zástupce.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {101744F1-3979-4B53-9280-2782403AF069} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [56816 2022-12-17] (HP Inc. -> HP Inc.)
Task: {1D88DA52-4CFB-4201-A028-A9082D5C1762} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4885912 2023-04-11] (Avast Software s.r.o. -> AVAST Software)
Task: {1DD15622-4E73-44AB-9739-ABFCC357E566} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2705B1E1-5411-4231-8999-2568C964FD6D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {2B0D3F56-980D-4C39-A3C9-8A5368625132} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {32175321-8173-41D8-8B64-13A7E40F82E6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2135448 2023-04-13] (Avast Software s.r.o. -> Avast Software)
Task: {46D79621-A058-47CF-899E-F9F77494B5D8} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {505E57CF-387A-467C-85FA-BFADAF59CE54} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {672412A2-6C3E-45C3-ADAE-1D59603D5D63} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [219848 2022-08-21] (Intel Corporation -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
Task: {70A14298-B48A-4F98-A5B3-9BD364C46045} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2096064 2017-03-17] (NVIDIA Corporation -> )
Task: {7450CD90-B065-40E0-B3EB-219A706BA727} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {75EBEFB8-B94E-48FA-BE47-F1572DF367C7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {9624F0CA-3B18-4E98-B2D3-8E9EF633588E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0ddc36cd-4798-4351-8296-eeba40e894fb" --version "6.11.10455" --silent
Task: {97759FC0-7AEC-4788-8EB9-D544E1A72D52} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {A9E422A0-194B-410F-B94E-F871972C459E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {B15570F0-9DFA-47B1-BD2C-9CBEE814C5C0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C9EF5D5A-5C60-4A57-8FC1-C8A8BEB82A50} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {D1324AD8-D84C-4671-9127-1703FA8D92EA} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [56816 2022-12-17] (HP Inc. -> HP Inc.)
Task: {D60A66E4-BE73-4231-A7F9-5B83B7590AB0} - System32\Tasks\CCleanerSkipUAC - Michal => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DC18CAC0-10E3-4077-8879-10B758A51D3D} - System32\Tasks\GoogleUpdateTaskMachineCore{559493EA-2EBE-4D42-8F6A-83A4C9D3BF0D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-07-28] (Google Inc -> Google LLC)
Task: {E5713842-CA35-46AB-A5B7-CE40C0ACD24F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - Michal" /ENABLE
Task: {E5713842-CA35-46AB-A5B7-CE40C0ACD24F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {E5713842-CA35-46AB-A5B7-CE40C0ACD24F} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {FCC8F6CC-E2E9-478A-97C4-604ABBB002A5} - System32\Tasks\GoogleUpdateTaskMachineUA{6BBA2034-FC4A-4486-9EB5-10C6EF9E7C46} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-07-28] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [{8EB8ACF2-18A8-4758-85C1-12B180D94138}] => hxxp://127.0.0.1:86/ <==== ATTENTION
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2f698019-3819-4aca-a144-560a4eac2d09}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-14]
Edge Extension: (Edge relevant text changes) - C:\Users\Michal\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-01]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-03-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-03-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2023-05-14]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-20]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-05-02]
CHR Extension: (Shazam: Hledejte názvy skladeb v prohlížeči) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-05-13]
CHR Extension: (DownThemAll!) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nljkibfhlpcnanjgbnlnbjecgicbjkge [2023-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-28]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Windows\system32\DellTPad\HidMonitorSvc.exe [894848 2021-05-25] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8808344 2023-04-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-04-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [584088 2023-04-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-07-28] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-11-18] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
R2 DellFFDPWmiService; C:\Windows\System32\drivers\DellFFDPWmiService.exe [41136 2020-08-28] ("STMicroelectronics Srl" -> )
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 hostcontrolsvc; C:\Windows\System32\HostControlService.exe [824424 2019-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 hoststoragesvc; C:\Windows\System32\HostStorageService.exe [170088 2019-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2022-12-17] (HP Inc. -> HP Inc.)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o. -> Gemfor s.r.o.)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [4167224 2017-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1846768 2023-04-07] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336256 2023-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ushupgradesvc; C:\Windows\System32\UshUpgradeService.exe [274536 2019-12-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\Windows\System32\drivers\ApHidfiltr.sys [371312 2021-05-25] (ALPS ALPINE CO.,LTD. -> ALPSALPINE Co., Ltd.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31376 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [235424 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391808 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297840 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39608 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [269464 2023-04-25] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [557096 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105208 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80376 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [942952 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [702784 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212640 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319568 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [47472 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [11776 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> MBB Incorporated)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X]
U4 HomeGroupProvider; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-14 18:43 - 2023-05-14 18:43 - 002169980 _____ C:\Windows\Minidump\051423-12625-01.dmp
2023-05-14 18:42 - 2023-05-14 18:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-14 18:26 - 2023-05-14 18:26 - 000000000 ____D C:\Users\Michal\AppData\Roaming\NVIDIA
2023-05-14 18:08 - 2023-05-14 18:43 - 000002618 _____ C:\Windows\system32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-05-14 18:08 - 2023-05-14 18:08 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2023-05-14 18:08 - 2022-06-17 04:30 - 001905928 _____ C:\Windows\system32\vulkaninfo.exe
2023-05-14 18:08 - 2022-06-17 04:30 - 001478392 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-05-14 18:08 - 2022-06-17 04:30 - 001432336 _____ C:\Windows\system32\vulkan-1.dll
2023-05-14 18:08 - 2022-06-17 04:30 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-05-14 18:08 - 2017-03-17 20:44 - 007813427 _____ C:\Windows\system32\nvcoproc.bin
2023-05-14 18:08 - 2017-03-17 20:44 - 006399544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-05-14 18:08 - 2017-03-17 20:44 - 002478136 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2023-05-14 18:08 - 2017-03-17 20:44 - 001762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2023-05-14 18:08 - 2017-03-17 20:44 - 000546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2023-05-14 18:08 - 2017-03-17 20:44 - 000393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2023-05-14 18:08 - 2017-03-17 20:44 - 000083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2023-05-14 18:08 - 2017-03-17 20:44 - 000069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2023-05-14 18:08 - 2017-03-17 20:40 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2023-05-14 18:08 - 2017-03-17 20:29 - 000133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2023-05-14 18:08 - 2017-03-17 16:57 - 000213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-05-14 18:08 - 2017-03-17 16:57 - 000201664 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 040123840 _____ C:\Windows\system32\nvcompiler.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 035222464 _____ C:\Windows\SysWOW64\nvcompiler.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 034745792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 028203456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 010912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 010807160 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 010356848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 009161712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 008914024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 008764120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 003937416 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 003477672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 002949056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 002587704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 001983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437711.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 001591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437711.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 001044024 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000979904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000949816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000900664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000802584 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000801560 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000684152 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000643928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000642576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000573400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000394704 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000389056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000327920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-05-14 18:07 - 2017-03-17 16:57 - 000042388 _____ C:\Windows\system32\nvinfo.pb
2023-05-14 18:07 - 2017-03-17 16:57 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2023-05-14 18:07 - 2017-03-17 16:57 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2023-05-14 18:03 - 2023-05-14 18:06 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-05-14 18:02 - 2023-05-14 18:02 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2023-05-14 17:59 - 2023-05-14 17:59 - 000000000 ____D C:\Windows\system32\lxss
2023-05-14 17:59 - 2023-05-14 17:59 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2023-05-14 17:58 - 2022-06-17 04:30 - 001905928 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-05-14 17:58 - 2022-06-17 04:30 - 001478392 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-05-14 17:58 - 2022-06-17 04:30 - 001432336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-05-14 17:58 - 2022-06-17 04:30 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-05-14 17:58 - 2022-06-17 04:28 - 000586448 _____ C:\Windows\system32\nvofapi64.dll
2023-05-14 17:58 - 2022-06-17 04:28 - 000460496 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-05-14 17:40 - 2023-05-14 18:05 - 001611268 _____ C:\Windows\ntbtlog.txt
2023-05-14 16:45 - 2017-03-17 16:57 - 004167224 _____ (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe
2023-05-14 16:45 - 2017-03-17 16:57 - 000009472 _____ C:\Windows\system32\nvPerfProvider.man
2023-05-14 15:51 - 2023-05-14 18:42 - 1592472974 _____ C:\Windows\MEMORY.DMP
2023-05-14 15:51 - 2023-05-14 15:51 - 001568572 _____ C:\Windows\Minidump\051423-11984-01.dmp
2023-05-14 15:45 - 2023-05-14 15:45 - 002151668 _____ C:\Windows\Minidump\051423-11500-01.dmp
2023-05-14 14:58 - 2022-04-19 02:46 - 000513272 _____ (Intel) C:\Windows\system32\libvpl.dll
2023-05-14 14:58 - 2022-04-19 02:46 - 000445488 _____ (Intel) C:\Windows\SysWOW64\libvpl.dll
2023-05-14 14:58 - 2022-04-19 02:45 - 000961384 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2023-05-14 14:58 - 2022-04-19 02:44 - 000720080 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2023-05-14 14:58 - 2022-04-19 02:43 - 000604000 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2023-05-14 14:58 - 2022-04-19 02:43 - 000463008 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2023-05-14 14:58 - 2022-04-19 02:38 - 000221568 _____ C:\Windows\system32\ControlLib.dll
2023-05-14 14:58 - 2022-04-19 02:38 - 000177144 _____ C:\Windows\system32\ControlLib32.dll
2023-05-14 14:51 - 2023-05-14 16:36 - 000000000 ____D C:\Windows\LastGood
2023-05-14 14:24 - 2023-05-14 14:24 - 001631692 _____ C:\Windows\Minidump\051423-11328-01.dmp
2023-05-14 13:57 - 2023-05-14 13:57 - 000000000 ____D C:\Windows\LastGood.Tmp
2023-05-14 13:35 - 2023-05-14 13:35 - 000000000 ___HD C:\$WinREAgent
2023-05-03 19:20 - 2023-05-03 19:20 - 000000000 ____D C:\AdwCleaner
2023-05-03 09:20 - 2023-05-14 11:18 - 000003254 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-05-03 09:20 - 2023-05-14 11:18 - 000003106 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-05-03 07:21 - 2023-05-03 07:21 - 000000000 ____D C:\Users\Michal\AppData\Local\mbam
2023-04-29 21:03 - 2023-04-29 21:03 - 000000000 ____D C:\Update
2023-04-29 20:49 - 2023-04-29 20:49 - 000000223 _____ C:\Users\Michal\Desktop\Smart Game Booster.url
2023-04-26 18:34 - 2023-04-26 18:34 - 000000000 ____D C:\Windows\nvmup
2023-04-25 11:43 - 2023-04-25 11:43 - 000000000 ____D C:\Windows\{8A03D3B4-EAB6-4FFB-AB7F-1F2DEA6AFB7C}
2023-04-24 22:09 - 2023-05-06 13:16 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-24 21:34 - 2023-05-14 18:46 - 000000000 ____D C:\FRST
2023-04-24 21:23 - 2023-04-24 21:23 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-04-24 21:23 - 2023-04-24 21:23 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-04-19 22:54 - 2019-12-17 00:12 - 000614184 _____ (Broadcom Corporation) C:\Windows\system32\bipdll.dll
2023-04-19 22:54 - 2019-12-17 00:12 - 000232712 _____ (Broadcom Corp) C:\Windows\system32\BcmTokenProvider.dll
2023-04-19 22:54 - 2019-12-17 00:12 - 000075016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\cvusbdrv.sys
2023-04-19 22:54 - 2019-12-13 03:21 - 000000226 _____ C:\Windows\system32\setcardsrouting.exe.config
2023-04-19 22:54 - 2019-12-13 03:21 - 000000128 _____ C:\Windows\system32\BcmTokenProvider.rsap

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-14 18:45 - 2022-07-28 10:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-14 18:44 - 2022-10-16 04:35 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-14 18:43 - 2023-01-22 20:52 - 000000000 ____D C:\Windows\Minidump
2023-05-14 18:43 - 2022-07-31 15:00 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Michal
2023-05-14 18:43 - 2022-07-31 15:00 - 000000000 ____D C:\Program Files\CCleaner
2023-05-14 18:43 - 2022-07-28 11:51 - 000000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2023-05-14 18:43 - 2022-07-28 11:19 - 000000000 ____D C:\Intel
2023-05-14 18:43 - 2022-07-28 11:07 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-14 18:43 - 2022-07-28 10:52 - 000237647 _____ C:\Windows\system32\CVFirmwareUpgradeLog.txt
2023-05-14 18:43 - 2022-07-28 10:37 - 000000000 ____D C:\Users\Michal
2023-05-14 18:43 - 2022-07-28 10:34 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-05-14 18:43 - 2022-07-28 10:34 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-05-14 18:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-05-14 18:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-14 18:31 - 2022-07-28 10:42 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-05-14 18:26 - 2022-07-28 10:40 - 000000000 ____D C:\ProgramData\Avast Software
2023-05-14 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-05-14 18:25 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-05-14 18:10 - 2022-07-28 10:41 - 000000000 ____D C:\Users\Michal\AppData\Local\PlaceholderTileLogoFolder
2023-05-14 18:10 - 2022-07-28 10:38 - 000000000 ____D C:\Users\Michal\AppData\Local\Packages
2023-05-14 18:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-14 18:09 - 2022-07-28 11:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-05-14 18:09 - 2022-07-28 11:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-05-14 18:09 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-05-14 18:08 - 2022-07-28 11:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-05-14 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Help
2023-05-14 17:56 - 2022-07-28 11:52 - 000000000 ____D C:\Users\Michal\AppData\Local\NVIDIA
2023-05-14 17:41 - 2022-07-28 11:34 - 000000000 ____D C:\Windows\Panther
2023-05-14 15:47 - 2023-04-11 22:30 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-05-14 14:49 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-05-14 13:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-05-14 13:47 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-05-14 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-05-14 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-05-14 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-05-14 13:45 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-05-14 13:42 - 2022-07-28 10:38 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-05-14 12:04 - 2022-07-28 11:45 - 000762592 _____ C:\Windows\system32\perfh019.dat
2023-05-14 12:04 - 2022-07-28 11:45 - 000152284 _____ C:\Windows\system32\perfc019.dat
2023-05-14 12:04 - 2022-07-28 10:43 - 002606902 _____ C:\Windows\system32\PerfStringBackup.INI
2023-05-14 12:04 - 2019-12-07 16:43 - 000719734 _____ C:\Windows\system32\perfh005.dat
2023-05-14 12:04 - 2019-12-07 16:43 - 000145860 _____ C:\Windows\system32\perfc005.dat
2023-05-14 11:18 - 2022-08-29 19:42 - 000003546 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{6BBA2034-FC4A-4486-9EB5-10C6EF9E7C46}
2023-05-14 11:18 - 2022-08-29 19:42 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{559493EA-2EBE-4D42-8F6A-83A4C9D3BF0D}
2023-05-14 11:18 - 2022-07-28 13:04 - 000003628 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-14 11:18 - 2022-07-28 13:04 - 000003404 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-14 11:11 - 2022-07-28 13:38 - 000000000 ____D C:\Users\Michal\AppData\Local\ElevatedDiagnostics
2023-05-14 10:18 - 2023-01-22 15:40 - 000000000 ____D C:\Program Files\Dell
2023-05-14 10:18 - 2022-08-29 21:32 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-14 10:17 - 2022-07-28 13:49 - 000000000 ____D C:\Users\Michal\AppData\Local\CrashDumps
2023-05-14 08:21 - 2022-12-29 08:40 - 000000000 ____D C:\Users\Michal\AppData\Roaming\vlc
2023-05-13 08:29 - 2022-07-31 16:13 - 000000000 ____D C:\Users\Michal\AppData\Roaming\AIMP
2023-05-13 07:52 - 2022-07-28 10:34 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-12 21:13 - 2022-07-28 12:07 - 000000000 ____D C:\Program Files\Microsoft Office
2023-05-12 21:07 - 2022-07-28 10:48 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-12 21:07 - 2022-07-28 10:48 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-10 20:05 - 2022-07-28 11:13 - 000000000 ____D C:\Windows\system32\MRT
2023-05-10 19:59 - 2022-07-28 11:13 - 159583304 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-05-06 13:15 - 2022-07-28 11:45 - 000000000 ____D C:\Windows\SysWOW64\ru
2023-05-06 13:15 - 2022-07-28 11:45 - 000000000 ____D C:\Windows\system32\ru
2023-05-06 13:15 - 2019-12-07 16:43 - 000000000 ____D C:\Windows\SysWOW64\cs
2023-05-06 13:15 - 2019-12-07 16:43 - 000000000 ____D C:\Windows\system32\cs
2023-05-06 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-05-06 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-05-05 21:56 - 2022-07-28 16:42 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Excel
2023-05-04 19:41 - 2022-07-28 12:10 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Word
2023-05-03 19:24 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-05-03 16:26 - 2022-07-28 10:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-04-30 12:32 - 2022-07-28 12:25 - 000180752 _____ C:\Users\Michal\Desktop\Prachárna platby 04_2023.pdf
2023-04-29 20:49 - 2022-10-16 05:41 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-04-29 20:48 - 2023-01-22 15:40 - 000000000 ____D C:\Program Files (x86)\Dell
2023-04-29 09:30 - 2022-07-28 12:25 - 000000583 _____ C:\Users\Michal\Desktop\Sofisa_Michal_04_23.txt
2023-04-29 07:52 - 2023-01-22 16:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-04-29 07:52 - 2023-01-22 16:09 - 000000000 ____D C:\Program Files (x86)\ST Microelectronics
2023-04-26 18:30 - 2022-07-28 12:25 - 000000515 _____ C:\Users\Michal\Desktop\ŽŠ_Michal_04_23.txt
2023-04-26 18:19 - 2022-07-28 12:10 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Office
2023-04-25 14:54 - 2023-01-22 16:11 - 000000000 ____D C:\drvrtmp
2023-04-25 12:07 - 2023-01-22 16:11 - 000019632 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2023-04-25 11:44 - 2023-01-22 15:38 - 000000000 ____D C:\ProgramData\Dell
2023-04-24 21:23 - 2023-02-16 19:55 - 000079352 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-04-24 21:23 - 2023-02-16 19:55 - 000062968 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-04-24 21:23 - 2022-07-29 22:09 - 002790904 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000484856 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000247248 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000202232 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000165368 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-04-24 21:23 - 2022-07-29 22:09 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-04-19 22:54 - 2022-07-28 10:38 - 000000000 ____D C:\ProgramData\Packages

==================== Files in the root of some directories ========

2022-09-07 22:05 - 2023-02-05 23:40 - 000007597 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Legalize · #29 Příspěvek od **Legalize** » 14 kvě 2023 17:50

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by Michal (14-05-2023 18:46:53)
Running from D:\Stažené soubory
Microsoft Windows 10 Pro Version 22H2 19045.2965 (X64) (2022-07-28 08:36:40)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2238093209-2022152676-238686933-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2238093209-2022152676-238686933-503 - Limited - Disabled)
Guest (S-1-5-21-2238093209-2022152676-238686933-501 - Limited - Disabled)
Michal (S-1-5-21-2238093209-2022152676-238686933-1001 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-2238093209-2022152676-238686933-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
AIMP (HKLM-x32\...\AIMP) (Version: 5.10.2418 - Artem Izmaylov)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.3.6058 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.216 - ALPSALPINE CO., LTD.)
FiveM (HKU\S-1-5-21-2238093209-2022152676-238686933-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.1.2.15332 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.93 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2845.0 - Rockstar Games)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2235.3.28.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{6AD1E885-36E0-4156-8492-8F97C1692259}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{A233D898-A5C6-4C08-86E8-502C323DA84D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{A2A7C3E9-E78A-4890-BE66-F41B69932FDB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{FDE727F2-B48C-4A79-B9BD-635AE948D7A2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) SOL No LMS Extension (HKLM\...\{FDA183B8-5DA1-4BED-B21A-F8D89BED740C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.65.245.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.65.245.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{1be68cd9-7dbd-4481-816f-a0a7ec6359bd}) (Version: 1.65.245.0 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{1bfc9e76-17dd-4b9e-a76e-467a1ded25f6}) (Version: 22.130.0.5 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Mafia II: Digital Deluxe Edition (HKLM-x32\...\Mafia II: Digital Deluxe Edition_is1) (Version: 1.0.0.1 - )
Mafia III (HKLM-x32\...\1354640203_is1) (Version: 1.090.0 - GOG.com)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft .NET Host - 6.0.9 (x64) (HKLM\...\{C30ABA3F-32C0-43D1-B3B8-9AEFD58A15D9}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.9 (x64) (HKLM\...\{FD10B803-97FD-4867-9753-8784BC35D2F8}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM\...\{0B4F742D-2D47-4E95-B756-402822D31C48}) (Version: 48.39.47157 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.9 (x64) (HKLM-x32\...\{67950e91-8f8f-4d75-9252-7cca68ccdacc}) (Version: 6.0.9.31619 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{0F36B110-DAAC-4A9E-9A33-8B3764FD11F1}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{1A249250-9DE9-4D51-8E28-528586D5C205}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 377.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 377.11 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 377.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 377.11 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NVIDIA WMI 2.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.29.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8934.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.258 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.54.608.2022 - Realtek)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.71.1428 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.7.0 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.)
Zoo Tycoon Ultimate Animal Collection v.1.0 (HKLM-x32\...\Zoo Tycoon Ultimate Animal Collection_is1) (Version: - )
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2088.0.7 - )

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-17] (HP Inc.)
Kodu_Game_Lab -> C:\Program Files\WindowsApps\9673InfiniteInstant.KoduGameLab_1.6.12.0_x64__jhcksg2e634ay [2022-11-14] (InfiniteInstant)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-07-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-07-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-28] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-05-14] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-05-14] (INTEL CORP) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2238093209-2022152676-238686933-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\Steam\steamapps\common\Smart Game Booster for Steam\MenuExt64.dll [2023-04-29] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\Steam\steamapps\common\Smart Game Booster for Steam\MenuExt64.dll [2023-04-29] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\Steam\steamapps\common\Smart Game Booster for Steam\MenuExt64.dll [2023-04-29] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-03-17] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\Steam\steamapps\common\Smart Game Booster for Steam\MenuExt64.dll [2023-04-29] (Chengdu Zhagu Technology Co., Ltd. -> Smart Game Booster)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-10-16 04:39 - 2022-11-07 12:17 - 000387072 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-10-16 04:39 - 2022-11-07 12:17 - 008052736 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2023-05-14 18:09 - 2017-03-17 20:30 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2022-07-31 21:37 - 000002552 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2238093209-2022152676-238686933-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EDC5906E-7D81-4594-9A91-54F0BB1DB1E8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BCEEA463-DA68-4B75-97F0-9F9F83A07C7E}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{11C8DA5F-9C7B-4F4C-80E7-0ECAFABFD291}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7DA8D2E-2583-4CD3-ABFB-23DF453AF1ED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{13B784B4-E3B8-42F0-835E-C3D86402F20A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D1577D4-9D04-4BE2-9221-EE9EDFB16287}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9707CBA7-0636-4768-A10C-97A8B5BE9D4A}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{9428B1FB-F864-45B8-992E-BE1E432CCA77}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{02F64237-42BA-469A-9321-F28E1AADAD32}E:\arma reforger\armareforgersteam.exe] => (Allow) E:\arma reforger\armareforgersteam.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive Studio)
FirewallRules: [UDP Query User{ABD7A6E6-69DF-4227-98DD-A605E60476B3}E:\arma reforger\armareforgersteam.exe] => (Allow) E:\arma reforger\armareforgersteam.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive Studio)
FirewallRules: [TCP Query User{6D796994-F818-4E96-80A9-0989AED32CC1}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{DB67E6B4-C008-4B5A-9267-A4F05E06AC6C}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{30DD0E34-C6FD-4C70-8496-CBEA8E24EB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DCAED83E-6AA0-4BDB-9609-DDF29FEE1F0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A83590A6-1C6E-4B0B-8448-48F115DC97C2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{54E61755-06CE-457D-AD42-3ED2DAFC6886}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FD728425-2E76-4278-8C6C-DACFE0F2666B}] => (Allow) E:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{983179A8-597C-4AB1-869E-EFD09B51C517}] => (Allow) E:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [TCP Query User{EF1257C3-B3D2-43E7-9473-FBAFC84BEA96}E:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) E:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{0091E14D-AF49-4AAD-891A-5A4A559D86D3}E:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) E:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [{E639C1C5-2220-4F28-B3AF-28324C87F385}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{0515E318-E1B7-40C6-ACD4-A5726B750308}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1F693E50-054A-4BA6-8C13-B2596004C0E7}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D5559008-0C3A-4261-BA3D-CC200F848318}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{0803161E-9D63-43CD-A357-38B25176C785}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6220725-BEAD-4E15-BF9C-6A0281FC7216}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5CCD5D85-64C6-4678-80EA-64350C32C7A6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-05-2023 12:52:46 Instalační služba modulů systému Windows
06-05-2023 12:54:19 Instalační služba modulů systému Windows
10-05-2023 20:15:33 Instalační služba modulů systému Windows
14-05-2023 10:18:25 Dell SupportAssist OS Recovery Plugin for Dell Update
14-05-2023 13:18:28 Instalační služba modulů systému Windows
14-05-2023 13:35:30 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: STMicroelectronics 3-Axis Digital Accelerometer
Description: STMicroelectronics 3-Axis Digital Accelerometer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: STMicroelectronics
Service: ST_Accel
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

==================== Event log errors: ========================

Application errors:
==================
Error: (05/14/2023 06:47:38 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2023-05-15T11:50:38Z. Kód chyby: 0x80070002

Error: (05/14/2023 06:47:08 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2023-05-15T11:51:08Z. Kód chyby: 0x80070002

Error: (05/14/2023 06:46:38 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2023-05-15T11:50:38Z. Kód chyby: 0x80070002

Error: (05/14/2023 06:46:08 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2023-05-15T11:51:08Z. Kód chyby: 0x80070002

Error: (05/14/2023 06:45:38 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2023-05-15T11:50:38Z. Kód chyby: 0x80070002

Error: (05/14/2023 06:41:06 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2023-05-15T11:51:06Z. Kód chyby: 0x80070002

Error: (05/14/2023 06:40:36 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2023-05-15T11:50:36Z. Kód chyby: 0x80070002

Error: (05/14/2023 06:40:06 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2023-05-15T11:51:06Z. Kód chyby: 0x80070002

System errors:
=============
Error: (05/14/2023 06:43:13 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000003b (0x00000000c0000005, 0xfffff8071c91ae19, 0xfffff4840ce4f290, 0x0000000000000000). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: d7867468-ddc1-4a9b-892b-bb92ad96ffed

Error: (05/14/2023 06:42:53 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Soubor s výpisem paměti se nepodařilo vytvořit kvůli chybě při vytváření výpisu paměti.

Error: (05/14/2023 06:43:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:26:01, ‎14.‎05.‎2023) bylo neočekávané.

Error: (05/14/2023 06:05:44 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-RV3QMI2)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/14/2023 06:05:24 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-RV3QMI2)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/14/2023 06:05:24 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-RV3QMI2)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (05/14/2023 06:05:19 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-RV3QMI2)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/14/2023 06:04:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B68-F52A-11D8-B9A5-505054503030}

CodeIntegrity:
===============
Date: 2023-05-14 18:45:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-05-14 18:44:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.29.0 12/21/2022
Motherboard: Dell Inc. 0TYWFR
Processor: Intel(R) Core(TM) i7-7920HQ CPU @ 3.10GHz
Percentage of memory in use: 17%
Total physical RAM: 32616.36 MB
Available physical RAM: 26969.38 MB
Total Virtual: 37480.36 MB
Available Virtual: 32024.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:319.39 GB) (Free:85.14 GB) (Model: SK hynix SC311 SATA 1TB) NTFS
Drive d: () (Fixed) (Total:633.87 GB) (Free:277.19 GB) (Model: SK hynix SC311 SATA 1TB) NTFS
Drive e: () (Fixed) (Total:953.87 GB) (Free:701.13 GB) (Model: KXG50PNV1T02 NVMe TOSHIBA 1024GB) NTFS

\\?\Volume{27ee96cf-cb29-4b96-a2db-b3158517e9dd}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{8b0cd73b-4746-45bb-91c9-c6bf47efaff6}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 336D0697)

Partition: GPT.

==========================================================
Disk: 1 (Size: 953.9 GB) (Disk ID: 336D0683)

Partition: GPT.

==================== End of Addition.txt =======================

#30 Příspěvek od **JaRon** » 15 kvě 2023 05:52

citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
CloseProcesses:
Hosts:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
AutoConfigURL: [{8EB8ACF2-18A8-4758-85C1-12B180D94138}] => hxxp://127.0.0.1:86/ <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X]



EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL

Re: DRIVER_IRQL_NOT_LESS_OR_EQUAL