Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2023
Ran by Scithey (23-12-2023 22:16:29)
Running from E:\
Microsoft Windows 10 Pro Version 22H2 19045.3803 (X64) (2022-12-25 12:17:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1849382518-4027056670-1571133428-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1849382518-4027056670-1571133428-503 - Limited - Disabled)
Guest (S-1-5-21-1849382518-4027056670-1571133428-501 - Limited - Disabled)
John (S-1-5-21-1849382518-4027056670-1571133428-1002 - Administrator - Enabled)
Scithey (S-1-5-21-1849382518-4027056670-1571133428-1001 - Administrator - Enabled) => C:\Users\Scithey
WDAGUtilityAccount (S-1-5-21-1849382518-4027056670-1571133428-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.)
Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_9) (Version: 27.9 - Adobe Inc.)
Adobe Illustrator 2024 (HKLM-x32\...\ILST_28_0) (Version: 28.0 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.)
Audacity 3.2.5 (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team)
blender (HKLM\...\{C6318CE0-4C79-469E-9097-6A75C0DD6589}) (Version: 3.5.1 - Blender Foundation)
CapCut (HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\CapCut) (Version: 2.2.0.491 - Bytedance Pte. Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2067 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Free Download Manager (HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.19.1.5263 - Softdeluxe)
GIMP 2.10.32-1 (HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Inkscape (HKLM\...\{B57F4693-8866-4053-B706-901E03F3301B}) (Version: 1.2.2 - Inkscape)
Intel Driver && Support Assistant (HKLM-x32\...\{63B67EA4-4AE1-4A45-A67D-21318B4345EF}) (Version: 23.4.39.9 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM\...\{368C1112-09E1-4EE3-A274-9118DF101CA9}) (Version: 10.1.18460.8229 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{a2c684b7-4a4b-425f-a805-1e88940804b0}) (Version: 10.1.18460.8229 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{4DF8D37E-055A-49B8-9317-305ECD1B9D1F}) (Version: 2.4.10654 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000250-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.250.0.2 - Intel Corporation)
Intel® Arc™ Control (HKLM\...\{8D12EC80-2122-4E6C-A566-A3F65E903320}) (Version: 1.66.4728.1 - Intel Corporation) Hidden
Intel® Arc™ Control (HKLM-x32\...\{da8c0cf5-05aa-4dd8-a36a-ee9cdfd8272f}) (Version: 1.66.4728.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{ecbee3cf-26b3-4f27-854c-e2e16b3f7fa9}) (Version: 23.4.39.9 - Intel)
Java 8 Update 391 (64-bit) (HKLM\...\{71324AE4-039E-4CA4-87B4-2F64180391F0}) (Version: 8.0.3910.13 - Oracle Corporation)
Killer Performance Driver Suite UWD (HKLM\...\{1929B458-F694-424D-A257-AC5C36F8CC23}) (Version: 35.23.842 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.4.4.2 (HKLM\...\{D6B97DE9-6431-4CCF-B1C3-50C573A93A6E}) (Version: 7.4.4.2 - The Document Foundation)
LMMS 1.2.2 (HKLM-x32\...\LMMS) (Version: 1.2.2 - LMMS Developers)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.3.394992 - Logitech)
Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes)
Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)
Microsoft .NET Host - 6.0.24 (x64) (HKLM\...\{D3A225CD-8D33-41B4-A171-BD75FA1CBC43}) (Version: 48.96.4014 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.24 (x64) (HKLM\...\{1FACB768-CB68-43B5-BB26-1898E1959990}) (Version: 48.96.4014 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.24 (x64) (HKLM\...\{666FEAD5-547D-451D-B0A7-4DCB3648D53D}) (Version: 48.96.4014 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.77 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.85.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.24 (x64) (HKLM\...\{956E923F-CC4F-423A-BE6C-18F5FA7D8D5B}) (Version: 48.96.4015 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.24 (x64) (HKLM-x32\...\{09d31d87-6c77-48e4-a640-870603e16c20}) (Version: 6.0.24.33018 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool System Booster (HKLM\...\{045CFCEA-A708-4B03-8D72-5D58ED056BDD}) (Version: 1.0.1.194 - MiniTool)
NitroSense Service (HKLM\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3020 - Acer Incorporated)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 537.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera GX Stable 105.0.4970.63 (HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\Opera GX 105.0.4970.63) (Version: 105.0.4970.63 - Opera Software)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9091.1 - Realtek Semiconductor Corp.)
RogueKiller version 15.13.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.13.1.0 - Adlice Software)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UE Prerequisites (x64) (HKLM-x32\...\{aad8a4b2-74da-409d-abb6-79a299008692}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uninstall Lunar Client (HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 3.1.3 - Moonsworth LLC)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
vJoy Device Driver 0.2.1.6 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 0.2.1.6 - Shaul Eizikovich)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-09-17] (Adobe Systems Incorporated)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-31] (Microsoft Corporation)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-12-25] (Acer Incorporated)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-02-02] (Microsoft Corporation)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.12.0.0_x64__t5j2fzbtdg37r [2023-10-24] (DTS, Inc.)
Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1523.831.0_x64__rh07ty8m5nkag [2023-10-29] (INTEL CORP) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-12-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-12-24] (Microsoft Corporation) [MS Ad]
NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.3020.0_x64__48frkmn4z8aw4 [2022-12-24] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-08-26] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-16] (INTEL CORP) [Startup Task]
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-12-25] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.41.289.0_x64__dt26b99r8h8gj [2022-12-25] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad]
Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2023-10-15] (INTEL CORP)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1849382518-4027056670-1571133428-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1849382518-4027056670-1571133428-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-30] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-30] (Adobe Inc. -> )
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files\MiniTool\System Booster\Incinerator.dll [2023-12-23] (MiniTool Software Limited -> MiniTool)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-04-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-04-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files\MiniTool\System Booster\Incinerator.dll [2023-12-23] (MiniTool Software Limited -> MiniTool)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_eff1a67327d2911d\nvshext.dll [2023-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-09-30] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-04-13 20:04 - 2023-04-13 19:59 - 000164864 _____ () [File not signed] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2023-12-16 14:40 - 2023-12-09 13:16 - 000054272 _____ () [File not signed] C:\Users\Scithey\blenderkit_data\daemon\dependencies\3-9-0\3-10\preinstalled\aiohttp\_helpers.cp310-win_amd64.pyd
2023-12-16 14:40 - 2023-12-09 13:16 - 000254464 _____ () [File not signed] C:\Users\Scithey\blenderkit_data\daemon\dependencies\3-9-0\3-10\preinstalled\aiohttp\_http_parser.cp310-win_amd64.pyd
2023-12-16 14:40 - 2023-12-09 13:16 - 000049152 _____ () [File not signed] C:\Users\Scithey\blenderkit_data\daemon\dependencies\3-9-0\3-10\preinstalled\aiohttp\_http_writer.cp310-win_amd64.pyd
2023-12-16 14:40 - 2023-12-09 13:16 - 000036352 _____ () [File not signed] C:\Users\Scithey\blenderkit_data\daemon\dependencies\3-9-0\3-10\preinstalled\aiohttp\_websocket.cp310-win_amd64.pyd
2023-12-16 14:40 - 2023-12-09 13:16 - 000077312 _____ () [File not signed] C:\Users\Scithey\blenderkit_data\daemon\dependencies\3-9-0\3-10\preinstalled\frozenlist\_frozenlist.cp310-win_amd64.pyd
2023-12-16 14:40 - 2023-12-09 13:16 - 000046592 _____ () [File not signed] C:\Users\Scithey\blenderkit_data\daemon\dependencies\3-9-0\3-10\preinstalled\multidict\_multidict.cp310-win_amd64.pyd
2023-12-16 14:40 - 2023-12-09 13:16 - 000095232 _____ () [File not signed] C:\Users\Scithey\blenderkit_data\daemon\dependencies\3-9-0\3-10\preinstalled\yarl\_quoting_c.cp310-win_amd64.pyd
2023-10-19 21:08 - 2023-10-19 21:08 - 002973696 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2023-12-16 17:20 - 2023-12-16 17:20 - 000116736 _____ (Stas'M Corp.) [File not signed] c:\program files\rdp wrapper\rdpwrap.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys [2560]
AlternateDataStreams: C:\Users\All Users:gs5sys [2560]
AlternateDataStreams: C:\Users\Scithey:gs5sys [2560]
AlternateDataStreams: C:\Users\Scithey:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [3584]
AlternateDataStreams: C:\Users\Scithey\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\Scithey\Local Settings:gs5sys [2048]
AlternateDataStreams: C:\Users\Scithey\Soubory cookie:gs5sys [2816]
AlternateDataStreams: C:\Users\Scithey\Šablony:gs5sys [2048]
AlternateDataStreams: C:\Users\Scithey\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Scithey\AppData\Local:gs5sys [2048]
AlternateDataStreams: C:\Users\Scithey\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Scithey\AppData\Local\Data aplikací:gs5sys [2048]
AlternateDataStreams: C:\Users\Scithey\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Scithey\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Scithey\Documents\desktop.ini:gs5sys [2048]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2023-12-23 17:00 - 000000852 ___SH C:\WINDOWS\system32\drivers\etc\hosts

2023-09-20 18:19 - 2023-11-29 21:02 - 000000513 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-TQ5KMS6.mshome.net # 2028 11 1 27 20 2 30 565
192.168.137.176 M2010J19SY.mshome.net # 2023 12 3 6 20 2 30 565

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Scithey\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\716163.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\StartupApproved\StartupFolder: => "Jagex Launcher.lnk"
HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-1849382518-4027056670-1571133428-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_55DD066223C2140341A47D594E918963"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{26142B19-4064-4D09-80D7-095C5D406C0C}C:\users\scithey\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\scithey\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{9863746F-937A-46DC-AD2F-E1A7E1853260}C:\users\scithey\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\scithey\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{3D0EAD6F-411B-486D-889B-91DD809F741C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{94AF25A7-5138-437D-8A27-012A358AD74E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{670822FA-7D6A-48FD-B748-42405FB5C4C5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{75441B20-38B2-4DC6-B502-6E73FC9D8AD9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A20CEFD3-1F13-4B7F-BA0F-500344812842}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{CDDA08DA-D3E8-4426-A5AA-9391066192DE}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{9DF6824F-F505-4B81-81A0-26DAD4E43785}C:\users\scithey\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\scithey\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{BD64A9FF-BEE7-464B-B1BB-D7952DB44B08}C:\users\scithey\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\scithey\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{6EB85FCF-2019-44CF-B47D-DB14A067078C}C:\users\scithey\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\scithey\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6ACCD3BD-A9BC-458E-A5E2-BAAF4B2A34A2}C:\users\scithey\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\scithey\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76FD61ED-ED24-44F7-9C53-94910296683E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{89D7BEB5-4278-4A58-8A61-4D52F324FD91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86D4F1AA-D1D4-4D78-A69A-81F3F923231F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9016F1F-34CC-482F-BA97-AB0F17C20310}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A433754E-4D98-4BC8-9339-2513C7855224}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6B3E66B4-E77B-4BEE-B3ED-27FE33D2096B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{3E9BAA66-BBFF-4A2E-AAEC-3988536B29B9}C:\users\scithey\desktop\bigfoot.v5.1.1.1\bigfoot.v5.1.1.1\bigfoot\binaries\win64\bigfoot-win64-shipping.exe] => (Allow) C:\users\scithey\desktop\bigfoot.v5.1.1.1\bigfoot.v5.1.1.1\bigfoot\binaries\win64\bigfoot-win64-shipping.exe (Cyber Light Game Studio) [File not signed]
FirewallRules: [UDP Query User{E1849CF6-2C13-4C2D-99F0-C6EBC1592EE9}C:\users\scithey\desktop\bigfoot.v5.1.1.1\bigfoot.v5.1.1.1\bigfoot\binaries\win64\bigfoot-win64-shipping.exe] => (Allow) C:\users\scithey\desktop\bigfoot.v5.1.1.1\bigfoot.v5.1.1.1\bigfoot\binaries\win64\bigfoot-win64-shipping.exe (Cyber Light Game Studio) [File not signed]
FirewallRules: [{FC0ADE19-E470-4F1D-87A1-FB57B7C05210}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{485C2D31-68D8-494D-92A3-1D8671211EDF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06AED3E6-BDE8-4DCF-86EB-F7ACDD4FF29B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AE359071-1223-4689-A1E3-97CD6A66D5F4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0553A0CD-2C20-4770-8D28-6F19F3AF235E}] => (Block) LPort=139
FirewallRules: [{9B25FA8E-2EB3-442E-BC62-312BC2294930}] => (Block) LPort=445
FirewallRules: [{2F7DC710-3FF3-4CD9-8398-170E19FD4EF6}] => (Block) LPort=139
FirewallRules: [{C73633AC-7539-4A72-98DD-97A000BBAB51}] => (Block) LPort=445
FirewallRules: [{42C97557-E3EC-4040-A40B-AD35A41776C7}] => (Allow) LPort=3389
FirewallRules: [{6371D84F-89AE-4686-B082-6BA8D626AC46}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E859654F-1A44-4091-B710-3D590B465245}] => (Allow) C:\Program Files\MiniTool\System Booster\TrayApp.exe (MiniTool Software Limited -> MiniTool)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/23/2023 10:17:06 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, Zadaná služba není nainstalovaná služba.
].


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Dotaz na stínové kopie

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: 13
   Kontext snímku: 13
   Kontext spuštění: Coordinator

Error: (12/23/2023 10:17:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070424, Zadaná služba není nainstalovaná služba.
]


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Dotaz na stínové kopie

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: 13
   Kontext snímku: 13
   Kontext spuštění: Coordinator

Error: (12/23/2023 10:15:52 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, Zadaná služba není nainstalovaná služba.
].


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Dotaz na stínové kopie

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: -1
   Kontext snímku: -1
   Kontext spuštění: Coordinator

Error: (12/23/2023 10:15:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070424, Zadaná služba není nainstalovaná služba.
]


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Dotaz na stínové kopie

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: -1
   Kontext snímku: -1
   Kontext spuštění: Coordinator

Error: (12/23/2023 10:15:52 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, Zadaná služba není nainstalovaná služba.
].


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Zkontrolovat, zda poskytovatel podporuje svazek
   Přidat svazek k sadě stínových kopií

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: 29
   Kontext snímku: 29
   Kontext spuštění: Coordinator
   ID zprostředkovatele: {00000000-0000-0000-0000-000000000000}
   Název svazku: \\?\Volume{c82aaaba-3483-4987-96f6-ae4a2830c072}\
   Kontext spuštění: Coordinator

Error: (12/23/2023 10:15:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070424, Zadaná služba není nainstalovaná služba.
]


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Zkontrolovat, zda poskytovatel podporuje svazek
   Přidat svazek k sadě stínových kopií

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: 29
   Kontext snímku: 29
   Kontext spuštění: Coordinator
   ID zprostředkovatele: {00000000-0000-0000-0000-000000000000}
   Název svazku: \\?\Volume{c82aaaba-3483-4987-96f6-ae4a2830c072}\
   Kontext spuštění: Coordinator

Error: (12/23/2023 10:15:52 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, Zadaná služba není nainstalovaná služba.
].


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Dotaz na stínové kopie

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: -1
   Kontext snímku: -1
   Kontext spuštění: Coordinator

Error: (12/23/2023 10:15:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070424, Zadaná služba není nainstalovaná služba.
]


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Dotaz na stínové kopie

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: -1
   Kontext snímku: -1
   Kontext spuštění: Coordinator


System errors:
=============
Error: (12/23/2023 09:52:01 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (84:d3:52:3f:81:a2) failed.

Error: (12/23/2023 09:50:55 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (84:d3:52:3f:81:a2) failed.

Error: (12/23/2023 09:47:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The GameInput Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restartovat službu.

Error: (12/23/2023 09:47:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The GameInput Service service terminated with the following error: 
The compound file GameInput Service was produced with a newer version of storage.

Error: (12/23/2023 09:41:32 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.

Error: (12/23/2023 09:41:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TQ5KMS6)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (12/23/2023 09:41:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TQ5KMS6)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (12/23/2023 09:41:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TQ5KMS6)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2023-12-23 21:24:47
Description: 
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Occamy&threatid=405053&enterprise=0
Name: PUA:Win32/Occamy
Severity: Nízké
Category: Potenciálně nežádoucí software
Path: file:_C:\Program Files (x86)\Thief\Binaries\Win64\steam_api64.dll; file:_C:\PROGRA~2\Thief\Binaries\Win64\STEAM_~1.DLL
Detection Origin: Místní počítač
Detection Type: FastPath
Detection Source: Systém
Process Name: C:\Program Files\RogueKiller\RogueKiller64.exe
Security intelligence Version: AV: 1.403.997.0, AS: 1.403.997.0, NIS: 1.403.997.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2023-12-23 21:08:56
Description: 
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Occamy&threatid=405053&enterprise=0
Name: PUA:Win32/Occamy
Severity: Nízké
Category: Potenciálně nežádoucí software
Path: file:_C:\Program Files (x86)\Thief\Binaries\Win64\steam_api64.dll; file:_C:\PROGRA~2\Thief\Binaries\Win64\STEAM_~1.DLL
Detection Origin: Místní počítač
Detection Type: FastPath
Detection Source: Systém
Process Name: C:\Program Files\RogueKiller\RogueKiller64.exe
Security intelligence Version: AV: 1.403.997.0, AS: 1.403.997.0, NIS: 1.403.997.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2023-12-23 21:08:56
Description: 
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Occamy&threatid=405053&enterprise=0
Name: PUA:Win32/Occamy
Severity: Nízké
Category: Potenciálně nežádoucí software
Path: file:_C:\Program Files (x86)\Thief\Binaries\Win64\steam_api64.dll
Detection Origin: Místní počítač
Detection Type: FastPath
Detection Source: Systém
Process Name: C:\Program Files\RogueKiller\RogueKiller64.exe
Security intelligence Version: AV: 1.403.997.0, AS: 1.403.997.0, NIS: 1.403.997.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2023-12-23 21:00:12
Description: 
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Occamy&threatid=405053&enterprise=0
Name: PUA:Win32/Occamy
Severity: Nízké
Category: Potenciálně nežádoucí software
Path: file:_C:\Program Files (x86)\Thief\Binaries\Win64\steam_api64.dll
Detection Origin: Místní počítač
Detection Type: FastPath
Detection Source: Systém
Process Name: Unknown
Security intelligence Version: AV: 1.403.997.0, AS: 1.403.997.0, NIS: 1.403.997.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2023-12-23 20:58:04
Description: 
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Occamy&threatid=405053&enterprise=0
Name: PUA:Win32/Occamy
Severity: Nízké
Category: Potenciálně nežádoucí software
Path: file:_C:\Program Files (x86)\Thief\Binaries\Win64\steam_api64.dll
Detection Origin: Místní počítač
Detection Type: FastPath
Detection Source: Ochrana v reálném čase
Process Name: E:\RogueKiller_portable64.exe
Security intelligence Version: AV: 1.403.997.0, AS: 1.403.997.0, NIS: 1.403.997.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2
﻿Event[0]:

Date: 2023-12-23 18:23:23
Description: 
Antivirová ochrana v programu Microsoft Defender Real-Time Protection feature has encountered an error and failed.
Feature: Při přístupu
Error Code: 0x8007043c
Error description: Tuto službu nelze spustit v nouzovém režimu.  
Reason: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-12-23 16:57:10
Description: 
Antivirová ochrana v programu Microsoft Defender Real-Time Protection feature has encountered an error and failed.
Feature: Při přístupu
Error Code: 0x8007043c
Error description: Tuto službu nelze spustit v nouzovém režimu.  
Reason: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-12-22 11:52:52
Description: 
Antivirová ochrana v programu Microsoft Defender Real-Time Protection feature has encountered an error and failed.
Feature: Při přístupu
Error Code: 0x8007043c
Error description: Tuto službu nelze spustit v nouzovém režimu.  
Reason: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-12-22 11:30:13
Description: 
Antivirová ochrana v programu Microsoft Defender Real-Time Protection feature has encountered an error and failed.
Feature: Při přístupu
Error Code: 0x8007043c
Error description: Tuto službu nelze spustit v nouzovém režimu.  
Reason: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-12-22 11:04:28
Description: 
Antivirová ochrana v programu Microsoft Defender Real-Time Protection feature has encountered an error and failed.
Feature: Při přístupu
Error Code: 0x8007043c
Error description: Tuto službu nelze spustit v nouzovém režimu.  
Reason: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

CodeIntegrity:
===============
Date: 2023-12-03 00:21:31
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\SystemSettings.DataModel.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-12-03 00:21:30
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-11-03 20:31:47
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

BIOS: Insyde Corp. V1.06 08/16/2021
Motherboard: TGL Scala_TLM
Processor: 11th Gen Intel(R) Core(TM) i5-11300H @ 3.10GHz
Percentage of memory in use: 84%
Total physical RAM: 7987.3 MB
Available physical RAM: 1199.88 MB
Total Virtual: 32562.32 MB
Available Virtual: 11376.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.93 GB) (Free:292.5 GB) (Model: NVMe WDC PC SN530 SDBPNPZ-512G-1114) NTFS
Drive d: (WINDRIVER) (Fixed) (Total:9.49 GB) (Free:0.69 GB) (Model: NVMe WDC PC SN530 SDBPNPZ-512G-1114) NTFS
Drive e: (Ventoy) (Removable) (Total:57.7 GB) (Free:48.69 GB) exFAT

\\?\Volume{aaa74b38-a8af-4c39-9266-ef1b73ce24ef}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{ea63a2c3-36d2-4e42-8e29-5ff86d928303}\ (UEFISHELL) (Fixed) (Total:1 GB) (Free:0.97 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 1 (Size: 57.7 GB) (Disk ID: 4AE5A9C8)

Partition: GPT.

==================== End of Addition.txt =======================