Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020
Ran by skimi (administrator) on MSI (Micro-Star International Co., Ltd. GL63 8RD) (12-02-2020 18:37:22)
Running from D:\Plocha
Loaded Profiles: skimi (Available Profiles: skimi)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\skimi\AppData\Roaming\uTorrent Web\helper.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Games\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2001.1001.4.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\NisSrv.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [833312 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Run: [utweb] => C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe [5415128 2019-12-20] (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {2517cd29-8895-11e9-9b3d-04d3b0fd8d0a} - "E:\setup.exe"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {31e5ed03-d214-11e9-9b51-04d3b0fd8d0a} - "H:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
Startup: C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-21]
ShortcutTarget: Twitch.lnk -> C:\Users\skimi\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00676FB6-F845-4BC6-A392-149AEE64DAE1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03018639-7E8D-4170-8F89-2E1D6CDACB21} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {04421811-7AC3-40FA-A40C-0F89BEBE68A7} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [791496 2019-07-19] (A-Volute -> Nahimic)
Task: {04bbfd6e-d90a-433f-a6a6-d0be131a91f7} - no filepath
Task: {04d4e203-8e2b-4ec5-82c8-dcf3c0dfcb5c} - no filepath
Task: {04ee55ef-6d28-4dad-b52f-88b7d0312c70} - no filepath
Task: {05908d87-fa77-40b1-94f0-1fc11f6e6ae3} - no filepath
Task: {0a94a26a-c700-4693-8813-179bbd8c0805} - no filepath
Task: {0ba0a86b-e222-4bdf-bcec-0b9c0cb8b35b} - no filepath
Task: {0C455DC4-3219-45C4-A4C4-B4C24A0EC72C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0ce7c2cf-744f-4aa4-b195-cdf60abfe3f1} - no filepath
Task: {0cff3b3c-9655-48ff-88c1-5f0331965203} - no filepath
Task: {0E3FC6A6-A610-41E9-9849-BA92AA02939C} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1061832 2019-07-19] (A-Volute -> Nahimic)
Task: {0fe9fd42-0520-475e-859d-fabd7828848a} - no filepath
Task: {1050f032-ed46-4367-937b-5b8fe17c7bf4} - no filepath
Task: {10625bc0-74ec-4946-9960-a1f863437abf} - no filepath
Task: {115D05AA-F47A-4F8B-9C9A-A14F9C47D4EA} - System32\Tasks\Opera scheduled assistant Autoupdate 1579954548 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {119491dc-5ab1-4690-80b6-f97c48a23d60} - no filepath
Task: {13e2a75f-b7bc-4b5c-bfda-2c021e986462} - no filepath
Task: {14ec36e2-0960-41d6-adc0-1616fbb2df20} - no filepath
Task: {15688EBD-553C-4961-A59D-5981009579B0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-11] (Adobe Inc. -> Adobe)
Task: {1677f3e4-d3ec-4300-ada1-130140bc1ef4} - no filepath
Task: {18197c21-c9dd-4399-98d8-446830000911} - no filepath
Task: {187ecf42-a6c8-4926-959c-d83a5190d6ff} - no filepath
Task: {19be25f5-c054-4446-abab-22f51376a0f3} - no filepath
Task: {1b109615-39bc-46fd-8da6-8b74e0511128} - no filepath
Task: {1b8f8a59-caf7-43f1-917a-3477f511f684} - no filepath
Task: {1bc5a719-0300-4765-98b7-a665e8586278} - no filepath
Task: {1dec00fa-3471-4db8-8175-7760f4ec499f} - no filepath
Task: {1faf5a4d-84fa-40b6-90f9-240c60a0ae0d} - no filepath
Task: {2045fd08-c421-457f-ae22-66171c5a291e} - no filepath
Task: {21767f21-dfdf-4aa3-b107-6fb0a22682e3} - no filepath
Task: {24beb93d-f5fc-4fdc-a040-e1c935b3c050} - no filepath
Task: {252a5b4b-0836-45fa-b2d4-24628f18e620} - no filepath
Task: {25C9FBF5-E1FE-4108-B144-F613C03DB2EF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {26241631-c792-446f-8ca0-368bce2d4874} - no filepath
Task: {26d4a9c6-0f14-4ca8-a19b-2b40a3e0a0de} - no filepath
Task: {26e8a721-5ff7-4f05-b566-9bb732c5c4d2} - no filepath
Task: {2759ca7a-da77-4d0a-85e6-e65e8bb58b58} - no filepath
Task: {285e78ea-3393-4ec0-836f-8a2eabbfcdb1} - no filepath
Task: {29c9fd06-e500-49a7-b364-f2019e542e84} - no filepath
Task: {2a8b722b-964b-43e4-a142-a3dce99c17be} - no filepath
Task: {2ac908ce-8e02-46fd-9aaf-57150ed77917} - no filepath
Task: {2b955959-55cf-455d-84e8-5d3a07746e80} - no filepath
Task: {2d183e8e-60ee-4225-91e5-e3878afec979} - no filepath
Task: {2da1e01a-cb61-4ae8-9c7f-726ac2bd9745} - no filepath
Task: {31b9fcfb-435b-492d-a469-d39349f53c0f} - no filepath
Task: {32171f89-d17e-4268-83ad-3ca171a70c63} - no filepath
Task: {3218781f-b2d4-4125-a176-5401d6d156dc} - no filepath
Task: {32815fa8-b734-4c73-ac90-4a30dd33f7c6} - no filepath
Task: {329d667b-7073-44e9-a232-cc7293987563} - no filepath
Task: {32ea21a9-94a6-4b36-b89f-136cfd2cacf9} - no filepath
Task: {330dbc50-52bc-44de-b8a4-d04701f0d31f} - no filepath
Task: {332675df-9780-455d-993f-a9888b2f0da9} - no filepath
Task: {339bf5e0-e2ce-4f0e-938b-1c740353e6b4} - no filepath
Task: {33c888ba-6796-488e-91d4-b063e287fbd0} - no filepath
Task: {33F88B6F-A74B-43BE-BA73-66F16566E646} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34E2DF35-AA90-4ACD-AA6D-BABE363E7BFF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
Task: {361cd11e-0e9a-4999-93a4-928855978de7} - no filepath
Task: {3630a7af-3262-4f71-af39-2bad147d8cd5} - no filepath
Task: {3631b3c0-5a9a-4df2-a56b-431f654fd396} - no filepath
Task: {36cb1884-117f-4d04-b748-50eea978c42d} - no filepath
Task: {37a76c16-e11d-4d82-93cb-4b992c4a3f15} - no filepath
Task: {3a823219-b00c-4426-915f-5c1c07919cfa} - no filepath
Task: {3e03499d-3b19-401c-b38d-6fa56a3c5f20} - no filepath
Task: {3E7318D5-285C-4605-B984-96839D0DD6E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3eee23ad-4290-4d9c-9202-291932cb7c22} - no filepath
Task: {421dcb63-7e99-4fad-a5bd-4469992068a2} - no filepath
Task: {43EB2B7E-5407-49E7-B4FA-F61ECFBCA72D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-01] (Google Inc -> Google LLC)
Task: {448f0ac7-db87-4d0c-8015-6a6b1e11da51} - no filepath
Task: {44ebca0a-3109-496f-b430-55fe25835e20} - no filepath
Task: {451c1ce4-85e6-4875-ae2a-cb8a0ece053a} - no filepath
Task: {457da542-38bf-4728-b103-7505d6726c39} - no filepath
Task: {45933e1f-969e-433c-8bf7-9bc4fa347415} - no filepath
Task: {471b9772-ec04-43c6-940c-679ae0e5be17} - no filepath
Task: {482ec0e9-c6bf-430b-9acf-779b124d6c7c} - no filepath
Task: {48d72db0-5c30-46a0-8b8c-f4961836732c} - no filepath
Task: {49d7fd2a-6dce-442b-8411-fa6266e56db7} - no filepath
Task: {4b82410e-0b67-4571-8efa-fee1660aa4d2} - no filepath
Task: {4c4cb7d2-fa63-400d-8d65-26a149afb2d5} - no filepath
Task: {4c67c98e-2b5c-4dda-9c7f-d982e92feba7} - no filepath
Task: {5088ed94-3403-4318-8bdd-ab60ffcacdd7} - no filepath
Task: {532c08ef-ed7c-45e9-b7ad-a387cbca5ed3} - no filepath
Task: {539fbfac-978c-4c50-96e9-96acef23781d} - no filepath
Task: {54521433-e613-4f06-9712-0d3179dd2bc8} - no filepath
Task: {56639eb6-4e99-4daf-a17e-4ea5ae396044} - no filepath
Task: {56e4945f-88e9-4649-a7b1-23cfdd6d10cb} - no filepath
Task: {57417da3-54b2-4fdc-902e-588ba00d1588} - no filepath
Task: {577D10A7-BE53-43D6-8EFE-479B521E6C4E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59b667e9-0ee9-46f2-b653-78ccc83f412e} - no filepath
Task: {5a528ad2-23a8-4bb3-93c3-52fffe659bb4} - no filepath
Task: {5ca8d739-f623-432e-9683-97ec3b4ab1c2} - no filepath
Task: {5d2af43b-73a6-406a-88ff-e7e546f20b6c} - no filepath
Task: {5ea022b2-cd9f-4199-9d89-5b112b09c3e7} - no filepath
Task: {5ef26ac8-0b8c-4094-a4f4-446c0fb09665} - no filepath
Task: {5f4b4b08-1a67-437b-b1de-1e0058af47ba} - no filepath
Task: {5fd870ac-99d2-46f8-8eaa-aa536e792f13} - no filepath
Task: {60229022-53f4-4fb7-a458-330801228a3b} - no filepath
Task: {62FCBD74-1A66-4FBD-80F3-CBD8EBF64DF5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6350b364-6a31-419d-8c33-5a2d5aeb185e} - no filepath
Task: {63669688-6ef5-4ea4-a43f-848ce2d317f0} - no filepath
Task: {63FA7CC9-F302-41D8-A90E-B4BD19FE4DB2} - System32\Tasks\MonitorMysticLight => C:\Program Files\GamingOSD\MysticLight\MysticLightController.exe
Task: {649ff32a-f3f9-4efc-9c60-8088d95ec473} - no filepath
Task: {6798fa7f-142e-4a8d-985d-eb1d738d769c} - no filepath
Task: {69e3ddef-cbe9-4dde-b87f-fc4e9025f2c0} - no filepath
Task: {6a35082b-cd90-4495-8645-3ff3dacce758} - no filepath
Task: {6a73275c-bfba-4ef1-bb9b-31b1b6766753} - no filepath
Task: {6a79beb3-a996-46bc-b0af-e42c760de443} - no filepath
Task: {6b872682-249f-4d93-9d14-517789c49f74} - no filepath
Task: {6c25656c-b897-41ff-98d6-a0c54b165c78} - no filepath
Task: {6d082b63-db87-472a-b188-128b6abc225d} - no filepath
Task: {6d23c081-7601-4622-83f6-59072f18d6d6} - no filepath
Task: {6d24e7fa-ea9b-42a6-bcb1-3b85dc879c1b} - no filepath
Task: {6d63ec78-d622-4f0e-a4b6-93f44ba620c4} - no filepath
Task: {6fa593a9-35a5-4231-8682-dbd9f6d01e82} - no filepath
Task: {70b8c203-9f40-4aa9-a0e3-2c98212f7175} - no filepath
Task: {70cb5770-c9c6-45ef-8224-a2a5b3a767e7} - no filepath
Task: {7127efc1-8588-4492-b177-c57b77a1fcc4} - no filepath
Task: {71a74976-996d-43c1-8025-9b2526e27a44} - no filepath
Task: {722edb42-de72-4ed9-a682-769bc03c1617} - no filepath
Task: {73f7adac-2639-42dc-ad52-9943fb5c7cee} - no filepath
Task: {74643DF3-D787-45B7-A5A0-ECF3A549B192} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {768b70e7-10f1-4e45-bc0e-e7bd7939639e} - no filepath
Task: {76ca8cb7-15cc-4bed-bbd8-c1e0a5b67646} - no filepath
Task: {7989318E-F6EC-479F-8A0E-3C7AA4F7093E} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5849896 2018-07-27] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {7b3b7346-3748-4b05-b64e-33af249b3fef} - no filepath
Task: {7c78e335-a105-4187-a575-18df70fbcd96} - no filepath
Task: {80ec0846-0697-4f72-80df-835c40ad41a3} - no filepath
Task: {8105A2DA-7ABB-42B8-A028-07CA8BFA1AC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82924ef4-3183-4bf2-b521-c9cc74833401} - no filepath
Task: {833C463C-BDDB-4F0F-A48D-83C37C1FF3BC} - System32\Tasks\Opera scheduled Autoupdate 1558295913 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {83529663-B66C-4795-AF28-32BBD4132EBD} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {844cbe2b-d923-4184-92df-94051307eccf} - no filepath
Task: {897a9a3c-8e6c-4459-8e1b-8de137c6ad5d} - no filepath
Task: {89a5b4ec-6c1f-4195-986a-04dd62cad69f} - no filepath
Task: {8b35b28c-36c7-4d90-8ffe-ca66da459586} - no filepath
Task: {8b9533b3-de40-4c8b-bda4-877a43f130d8} - no filepath
Task: {8bf63f20-cc1c-4520-8fe3-8782a18cb53b} - no filepath
Task: {8c30bd7c-6137-4e9f-91c1-8248be99183c} - no filepath
Task: {8d2a0ba2-c71e-4228-ae6c-d4ff35a26b31} - no filepath
Task: {8f343704-d8ae-4daa-a716-cd795ba8a02c} - no filepath
Task: {8fde7141-3a84-4d8a-8172-162c552dd4a4} - no filepath
Task: {8fe3e76d-b989-4468-bc88-0e57573f4369} - no filepath
Task: {8FFAC89F-CFE7-4A26-88A9-04E4958558B2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91ABBDFC-122F-47F1-BE51-6D4B286D21E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-01] (Google Inc -> Google LLC)
Task: {91ec7577-d0a1-425f-ae55-a11916fb8ad9} - no filepath
Task: {93616457-aca1-4383-ae66-b2d44b0a469e} - no filepath
Task: {9415e840-b85c-4782-8427-aad860505d9f} - no filepath
Task: {94bc0566-241c-4cfa-b126-eb79bfa2e15c} - no filepath
Task: {94fbf91e-70f3-45ff-bc7d-ed826cce03a7} - no filepath
Task: {96700118-420a-4bea-8e5b-1bb39ed143ad} - no filepath
Task: {969bfe7b-6f8b-4f28-b0b1-25dab7ac2a5a} - no filepath
Task: {97f9c1e2-f880-42b6-a438-0dde9531ee57} - no filepath
Task: {9927ec89-64a7-4713-916a-fbd8340942ae} - no filepath
Task: {99661a04-2b46-4aea-85e8-86ea15119e3a} - no filepath
Task: {99afbf49-25bd-4299-a58a-a27e348b2071} - no filepath
Task: {9a620831-2be4-4c8a-b480-0c56347229a0} - no filepath
Task: {9BB052A5-330C-400B-8143-3A7EDBAFA9C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9cb9f84f-66c0-4711-9090-4065aeab7fa4} - no filepath
Task: {9cdc7073-d65a-4e69-87fb-cc2d82799070} - no filepath
Task: {9d4048c4-1751-42e2-aa04-79c53f3693f8} - no filepath
Task: {9df1763d-25c5-4613-b7cf-b4abaee8cc49} - no filepath
Task: {9F338A5B-DD8C-4746-ACF9-A2D56B440605} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [791496 2019-07-19] (A-Volute -> Nahimic)
Task: {9fc8a881-3e22-40fb-8562-3b239b5b8779} - no filepath
Task: {a0133c1f-7c98-4151-9d5b-0d91f8cf228b} - no filepath
Task: {a160e22a-01b7-4505-bcd2-6d9e2e7380b8} - no filepath
Task: {a18a1c93-f686-41b7-a781-6ff1a3542831} - no filepath
Task: {a1f7551d-bbd0-43ae-bbf8-4bc114bd89d8} - no filepath
Task: {A25E356C-20F1-47DF-8834-8C0F17C811AB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_pepper.exe [1453624 2020-02-11] (Adobe Inc. -> Adobe)
Task: {a3677273-558d-493a-bbff-1ce12c2afa1a} - no filepath
Task: {a368988f-826c-4016-b2d8-315949b3eb82} - no filepath
Task: {A38515A1-EDE0-4881-94A3-52EB19FCC1B5} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {a57b79f2-1ce7-4050-a887-87f9245c6f54} - no filepath
Task: {a90eb85e-e619-4836-a5da-f8829fb36d82} - no filepath
Task: {A9C49965-0D2C-4E3E-B76C-9F172C0406A3} - System32\Tasks\MonitorMicroKey => C:\Program Files\GamingOSD\MonitorMicroKeyDetector.exe
Task: {aaf74cde-7585-4833-89a7-3d8dbd51d889} - no filepath
Task: {ac453888-02e7-4493-83a5-a78978f4b225} - no filepath
Task: {ad51b1df-97a8-4c80-83c5-af2e275a267c} - no filepath
Task: {B0E01A32-2ADD-422D-87CC-590A10397575} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {b0ff95a1-5c48-40f2-a51a-f7c0cd2fae9a} - no filepath
Task: {b22740e8-052a-4cc1-b0a6-3d30132c44c3} - no filepath
Task: {b5027593-2f49-4192-9a54-d3cdaaa4594a} - no filepath
Task: {b563fe5f-962b-484d-9d2f-38e727302110} - no filepath
Task: {b83265e5-85b7-4a11-a3d8-89455cbb7100} - no filepath
Task: {b8421ca1-21a9-491e-a0f4-db07bc97e31c} - no filepath
Task: {b9eb37ec-957d-46ae-88c8-80b0a796c451} - no filepath
Task: {bb00d7e6-1da1-4a9e-aadd-cf11cf1d3670} - no filepath
Task: {bdeaa514-8356-4763-9580-a19197d2079c} - no filepath
Task: {BE3639FB-2988-4346-ACDE-7D17E1263CAA} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1061832 2019-07-19] (A-Volute -> Nahimic)
Task: {be66053e-6593-45f8-af4f-92e9b2d62050} - no filepath
Task: {bf79b821-6394-47d6-a29c-49555f89feaf} - no filepath
Task: {C02CEC54-DD33-413F-8101-56EC96DE2E21} - System32\Tasks\Opera scheduled assistant Autoupdate 1558295916 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {c3aa2171-6b28-4657-a83f-b40b4327b004} - no filepath
Task: {c3d95eeb-4b4f-4b32-8d78-5521da2c09bf} - no filepath
Task: {c4ede316-8a79-4a30-b018-a4ab516ac525} - no filepath
Task: {c5943838-4837-4bc6-a78d-5c9f63d81400} - no filepath
Task: {c5c8a34f-4df1-4a44-9a4a-e8406cae9457} - no filepath
Task: {c5f10e70-a527-4f17-93a5-3389245f41de} - no filepath
Task: {c7403372-1861-4b5a-8127-23c4d89b91fc} - no filepath
Task: {c7d62ee9-2e68-41b2-b665-6472f94d74fb} - no filepath
Task: {ca7f2699-2ace-46cf-9910-d74f88987a99} - no filepath
Task: {CB3D9A1F-2B62-448B-AA04-69B4A271B5FC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ce609d0a-b8e9-4fef-8d20-aa807fabf422} - no filepath
Task: {cf5c356c-db3e-4425-a108-369342895369} - no filepath
Task: {d298ae94-455b-4cb2-b108-d04283a6d04a} - no filepath
Task: {D38ACA79-0158-4FCA-892E-749BC833693E} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Task: {d55278d4-cfd7-4cf6-a6f7-45146ddafead} - no filepath
Task: {d5da2256-61bd-4385-9bc5-a5727a5826ea} - no filepath
Task: {d607519b-c3dc-4709-86c7-8fbadca75f2a} - no filepath
Task: {d6cbfc47-4ff7-43bc-ac7e-a2d943e204c2} - no filepath
Task: {d97b891e-68b4-4873-8c50-e401029c666e} - no filepath
Task: {da28ff2e-3d7f-47fa-aeac-d1e8cbda0443} - no filepath
Task: {da9f0834-98d2-4042-8c52-6d3d2b0320d9} - no filepath
Task: {DBD5C285-798F-4C01-A20B-584C2ECB9157} - System32\Tasks\EMPTY => C:\Program Files\emptystanbylist\EmptyStandbyList.exe [139424 2020-02-09] (Wen Jia Liu -> )
Task: {DC849DA6-5A92-40EB-BEFE-FB661C0A12F8} - System32\Tasks\Opera scheduled Autoupdate 1579954543 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {de55a2c2-40e2-4b23-8444-372b20bf588f} - no filepath
Task: {df031589-7db6-47b6-b96d-23438137a0d1} - no filepath
Task: {df4421e1-848f-4ec5-9bd9-885e9bb27787} - no filepath
Task: {dfe52ff8-fda8-4926-94a4-067859d2207c} - no filepath
Task: {e44c5a20-f9a8-47bd-9ff6-c130ccaaf0e2} - no filepath
Task: {e67a2733-d7d8-4b33-9e81-5210594208f3} - no filepath
Task: {E69CB7F2-4ED4-4FDA-834E-7E30798641AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {e953a38a-26b7-4157-a479-4676ce57c89a} - no filepath
Task: {ea5b1554-061f-46c7-bfef-45a36d54f2af} - no filepath
Task: {eaa1a3ac-6f34-4280-9a2a-b42f0d2acf0d} - no filepath
Task: {f2a502a9-d2d6-4e80-8a1d-7a2d99db2369} - no filepath
Task: {f479f3a8-e268-4a93-ac88-29c92738c3a8} - no filepath
Task: {f58416ba-70a7-4d89-970a-4230218a08a7} - no filepath
Task: {F6208C70-C673-462C-AE02-B7EBA8210545} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {f6574598-e2b4-4581-b5a1-121b47941513} - no filepath
Task: {f77e89bc-ca1f-4d5e-9fd5-912312977684} - no filepath
Task: {f83f4b89-44d7-41be-8676-cc8601a76fff} - no filepath
Task: {F9FF51AC-A222-4AD1-939C-5527D5C9D99D} - System32\Tasks\GamingOSDAutoStartUp => C:\Program Files\GamingOSD\GamingOSD.exe
Task: {FDCF9B77-F73F-4058-82B7-4267C2C28AD8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {fe8ccd90-50d5-47a8-96ee-5d56871d9e4a} - no filepath
Task: {fec4dee3-36fd-455b-9734-9ec13b02d609} - no filepath
Task: {fee563c5-9524-47c5-8e1a-b19a3b48d27a} - no filepath
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3800a79c-bfed-4fb3-a2e7-c8f45a744789}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{786c19f0-8b67-4d50-9b2d-04289cca0f83}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> DefaultScope {7C595095-E389-4D97-8166-24348CC710BC} URL =
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D05191 ... earchTerms}
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> {7C595095-E389-4D97-8166-24348CC710BC} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: p6zhqc64.default
FF ProfilePath: C:\Users\skimi\AppData\Roaming\Mozilla\Firefox\Profiles\p6zhqc64.default [2020-02-12]
FF Homepage: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
FF NewTab: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
FF SearchPlugin: C:\Users\skimi\AppData\Roaming\Mozilla\Firefox\Profiles\p6zhqc64.default\searchplugins\bing-lavasoft-ff59.xml [2019-05-19]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Program Files (x86)\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default [2020-02-12]
CHR DownloadDir: D:\Stažené google chrome
CHR Notifications: Default -> hxxps://01.loderls.ru; hxxps://2.getmedia.me; hxxps://eu1.badoo.com; hxxps://news-easy.com; hxxps://notification-list.com; hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
CHR StartupUrls: Default -> "hxxp://www.default-search.net?sid=476&aid=113& ... oogle.com/"
CHR DefaultSearchKeyword: Default -> hxxps://www.google.cz/?gws_rd=cr&ei=m0uwur2iou3cygpeuybo
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-01]
CHR Extension: (Safe Torrent Scanner) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2020-01-25]
CHR Extension: (The FFZ Add-On Pack) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea [2019-10-05] [UpdateUrl:hxxps://cdn.ffzap.com/firefox-updates.json] <==== ATTENTION
CHR Extension: (Dokumenty) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-01]
CHR Extension: (Disk Google) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-01]
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2020-01-04]
CHR Extension: (YouTube) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (FrankerFaceZ) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-10-05]
CHR Extension: (Tabulky) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-15]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-01-15]
CHR Extension: (MSI) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbibdjmopapngkdbibajfpnipligfpa [2019-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-02]
CHR Extension: (Hover Zoom) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2019-10-18]
CHR Extension: (Gmail) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8361960 2019-09-12] (BattlEye Innovations e.K. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-07-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1301064 2019-11-19] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-11-19] (GOG Sp. z o.o. -> GOG.com)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21432 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21432 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2807824 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [762056 2018-05-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [714952 2018-05-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-06] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1451976 2019-07-19] (A-Volute -> Nahimic)
S3 NGS; C:\ProgramData\Nexon\NGS\NGService.exe [3097648 2019-06-01] (NEXON Korea Corporation. -> NEXON Korea Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2329904 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [3204912 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [833312 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-10-18] () [File not signed]
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [399440 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3753016 2019-08-19] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b1c9965dc1c6f0f\gameflt.sys [71000 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [967696 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72720 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [170672 2018-06-07] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw08; C:\WINDOWS\system32\DRIVERS\Netwtw08.sys [9278456 2019-09-05] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\nvlddmkm.sys [23276960 2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-08-10] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [47656 2018-08-10] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56912 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2019-07-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2019-07-02] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-08-14] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_3865f7cd0ca0fb7c\xvdd.sys [485720 2020-01-30] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 18:37 - 2020-02-12 18:37 - 000000000 ____D C:\FRST
2020-02-12 18:20 - 2020-02-12 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Mans Sky Beyond
2020-02-12 02:13 - 2020-02-12 18:27 - 000000000 ____D C:\Users\skimi\AppData\Local\LOOT
2020-02-12 01:33 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2020-02-12 01:33 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2020-02-12 01:33 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2020-02-12 01:33 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2020-02-12 01:33 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2020-02-12 01:33 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2020-02-12 01:33 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2020-02-11 18:08 - 2020-02-11 18:08 - 000000000 ____D C:\Users\skimi\AppData\Roaming\HelloGames
2020-02-09 11:38 - 2020-02-09 11:38 - 000003418 _____ C:\WINDOWS\system32\Tasks\EMPTY
2020-02-09 11:34 - 2020-02-09 11:34 - 000007601 _____ C:\Users\skimi\AppData\Local\Resmon.ResmonCfg
2020-02-09 11:33 - 2020-02-09 11:34 - 000000000 ____D C:\Program Files\emptystanbylist
2020-02-08 18:57 - 2020-02-08 18:58 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-02-08 18:54 - 2020-01-30 23:04 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000450784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000353368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-02-08 18:54 - 2020-01-30 23:03 - 011843712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-02-08 18:54 - 2020-01-30 23:03 - 010167752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 002075904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001569160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001485680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001370360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001145776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001064384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001002368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000815120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000685912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000677576 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000660176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000574296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-02-08 18:54 - 2020-01-30 23:02 - 000557304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000545112 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 040511616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 035380128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 017462616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 015032016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 005384584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 004718792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 000858240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-02-08 18:54 - 2020-01-30 23:01 - 000451320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-02-08 18:54 - 2020-01-30 04:15 - 000076477 _____ C:\WINDOWS\system32\nvinfo.pb
2020-02-05 23:12 - 2020-02-05 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-01-30 04:57 - 2020-01-30 04:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2020-01-30 01:15 - 2020-02-12 02:13 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\Nexus Mod Manager
2020-01-30 01:15 - 2020-01-30 01:15 - 000000000 ____D C:\Users\skimi\AppData\Local\Black_Tree_Gaming
2020-01-30 01:14 - 2020-02-07 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2020-01-30 00:03 - 2020-01-30 01:15 - 000000000 ____D C:\Users\skimi\AppData\Local\Fallout4
2020-01-27 22:53 - 2020-01-27 22:56 - 000000000 ____D C:\ProgramData\WinZip
2020-01-27 22:44 - 2020-01-27 22:45 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\FOMM
2020-01-27 22:40 - 2020-01-27 22:40 - 000000000 ____D C:\Users\skimi\AppData\Local\FOMM
2020-01-27 22:36 - 2020-01-27 22:36 - 000000000 ____D C:\Users\skimi\AppData\Local\FalloutNV
2020-01-27 21:37 - 2020-01-27 21:37 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\Smac
2020-01-27 20:17 - 2020-01-27 20:17 - 000000000 ____D C:\Users\skimi\AppData\Local\Deadsiege
2020-01-25 14:33 - 2020-01-25 14:33 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\SkidRow
2020-01-25 14:32 - 2020-01-25 14:32 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\SKS
2020-01-25 13:15 - 2020-02-12 18:19 - 000000000 ____D C:\Users\skimi\AppData\Roaming\uTorrent Web
2020-01-25 13:15 - 2020-01-25 13:18 - 000001872 _____ C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-01-25 13:15 - 2020-01-25 13:15 - 000004392 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1579954548
2020-01-25 13:15 - 2020-01-25 13:15 - 000004138 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1579954543
2020-01-15 10:08 - 2020-01-15 10:08 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 10:07 - 2020-01-15 10:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 10:02 - 2020-01-15 10:02 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 10:02 - 2020-01-15 10:02 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 18:37 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-12 18:33 - 2019-06-01 17:46 - 000000000 ____D C:\Users\skimi\AppData\Local\CrashDumps
2020-02-12 18:31 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\Users\skimi\AppData\Local\Rockstar Games
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\ProgramData\Rockstar Games
2020-02-12 18:20 - 2019-10-27 21:59 - 000000000 ____D C:\Program Files\Rockstar Games
2020-02-12 18:20 - 2019-10-27 21:58 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-02-12 18:20 - 2019-07-29 00:27 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Yousician Launcher
2020-02-12 18:17 - 2019-05-01 14:49 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\My Games
2020-02-12 18:14 - 2019-06-22 22:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-12 12:58 - 2019-05-19 21:01 - 000000000 ____D C:\Users\skimi\AppData\Local\BitTorrentHelper
2020-02-12 12:25 - 2018-08-12 00:04 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-12 09:43 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-12 09:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-11 23:21 - 2019-09-24 21:33 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Discord
2020-02-11 19:15 - 2019-07-27 16:24 - 000004600 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-02-11 19:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-11 19:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-02-10 18:37 - 2019-06-22 22:14 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2466524190-1393262879-1045153092-1001
2020-02-10 18:37 - 2019-06-22 22:09 - 000002372 _____ C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-10 18:37 - 2019-05-01 14:20 - 000000000 ___RD C:\Users\skimi\OneDrive
2020-02-09 18:48 - 2020-01-09 18:51 - 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2020-02-09 18:48 - 2019-06-22 22:14 - 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2020-02-09 18:48 - 2019-05-01 14:18 - 000000000 __SHD C:\Users\skimi\IntelGraphicsProfiles
2020-02-09 15:04 - 2019-05-04 18:31 - 000016335 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-02-08 19:08 - 2019-10-18 16:50 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2020-02-08 19:08 - 2019-10-18 16:50 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2020-02-08 19:08 - 2019-06-22 22:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-08 19:08 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-08 19:07 - 2019-05-04 18:31 - 000023200 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-02-08 19:07 - 2019-05-04 18:31 - 000008588 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-02-08 19:06 - 2019-11-01 18:14 - 000000000 ____D C:\Users\skimi\AppData\Local\New Technology Studio
2020-02-08 19:04 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Roaming\uTorrent
2020-02-08 19:02 - 2019-08-26 16:08 - 000000000 ____D C:\ProgramData\Zoner
2020-02-08 19:00 - 2019-05-01 14:18 - 000000000 ____D C:\Users\skimi\AppData\Local\Packages
2020-02-08 18:58 - 2019-10-25 15:59 - 000002945 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-02-08 18:58 - 2019-05-01 14:37 - 000000000 ____D C:\Users\skimi\AppData\Local\NVIDIA
2020-02-08 18:54 - 2019-05-01 18:50 - 000129088 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-02-08 18:54 - 2019-05-01 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-02-08 18:54 - 2019-05-01 18:49 - 000000000 ____D C:\Program Files\Java
2020-02-07 09:53 - 2019-12-10 22:30 - 000000620 _____ C:\Users\skimi\OneDrive\Dokumenty\ClownfishVoiceChanger.ini
2020-02-06 17:30 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-05 23:12 - 2019-07-29 10:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-02-05 17:40 - 2019-06-22 22:14 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 17:40 - 2019-06-22 22:14 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-04 23:21 - 2019-05-10 14:49 - 000021643 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-02-03 23:09 - 2018-08-08 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-30 23:01 - 2019-11-06 19:05 - 004230544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-30 23:01 - 2019-06-02 10:15 - 004962792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-01-30 20:33 - 2019-12-12 23:14 - 000052152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2020-01-30 20:33 - 2019-10-14 06:11 - 000031672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2020-01-30 20:33 - 2019-06-22 22:20 - 001336248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2020-01-30 20:33 - 2019-06-22 22:20 - 000149432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2020-01-30 20:33 - 2019-06-22 22:20 - 000087992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2020-01-30 16:10 - 2019-05-01 14:48 - 000000000 ____D C:\Users\skimi\AppData\Local\D3DSCache
2020-01-29 02:38 - 2019-07-29 10:56 - 000000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-01-29 02:38 - 2019-07-29 10:56 - 000000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-01-28 22:20 - 2019-07-29 10:56 - 000003974 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-01-28 22:20 - 2019-07-29 10:56 - 000003742 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-01-27 20:17 - 2019-05-30 22:59 - 000000000 ____D C:\Users\skimi\AppData\Local\UnrealEngine
2020-01-27 03:31 - 2019-05-19 19:47 - 000000000 ____D C:\Users\skimi\AppData\Local\Ubisoft Game Launcher
2020-01-26 20:39 - 2019-11-05 00:19 - 000000000 ____D C:\Users\skimi\AppData\Local\DigitalEntitlements
2020-01-25 13:23 - 2019-06-22 22:09 - 000000000 ____D C:\Users\skimi
2020-01-25 13:15 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Opera Software
2020-01-25 13:15 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Local\Opera Software
2020-01-24 23:58 - 2019-12-06 01:32 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\uTorrent
2020-01-24 22:06 - 2019-05-01 14:29 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Twitch
2020-01-23 18:50 - 2019-05-01 14:24 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 17:51 - 2019-09-14 16:37 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-22 08:33 - 2019-08-03 22:07 - 000000000 ____D C:\Users\skimi\AppData\Local\Battle.net
2020-01-15 10:36 - 2019-06-22 22:05 - 000267672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 10:12 - 2019-05-01 16:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 10:09 - 2019-05-01 16:24 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 03:03 - 2019-05-16 09:24 - 000000000 ____D C:\Users\skimi\AppData\Local\ElevatedDiagnostics
2020-01-13 21:56 - 2019-06-22 22:14 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
==================== Files in the root of some directories ========
2019-11-01 17:00 - 2019-11-01 17:00 - 042738921 _____ () C:\Users\skimi\AppData\Roaming\gta5_patch.bin
2019-11-01 17:00 - 2019-11-01 17:00 - 000332800 _____ () C:\Users\skimi\AppData\Roaming\patcher.dll
2019-10-15 10:54 - 2019-10-15 10:54 - 000000410 _____ () C:\Users\skimi\AppData\Local\oobelibMkey.log
2020-02-09 11:34 - 2020-02-09 11:34 - 000007601 _____ () C:\Users\skimi\AppData\Local\Resmon.ResmonCfg
2019-09-18 17:02 - 2019-09-19 01:55 - 000014116 _____ () C:\Users\skimi\AppData\Local\Tempbannercash.tmp
2019-09-18 17:02 - 2019-09-19 01:55 - 000038121 _____ () C:\Users\skimi\AppData\Local\Tempnewscash.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
skimiwriter
- Návštěvník
- Příspěvky: 58
- Registrován: 24 bře 2014 13:34
-
skimiwriter
- Návštěvník
- Příspěvky: 58
- Registrován: 24 bře 2014 13:34
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by skimi (12-02-2020 18:38:31)
Running from D:\Plocha
Windows 10 Home Version 1903 18362.592 (X64) (2019-06-22 21:15:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2466524190-1393262879-1045153092-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2466524190-1393262879-1045153092-503 - Limited - Disabled)
Guest (S-1-5-21-2466524190-1393262879-1045153092-501 - Limited - Disabled)
skimi (S-1-5-21-2466524190-1393262879-1045153092-1001 - Administrator - Enabled) => C:\Users\skimi
WDAGUtilityAccount (S-1-5-21-2466524190-1393262879-1045153092-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.330 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{334850ef-c0ab-431a-a26f-193c2fdaa072}) (Version: 21.40.2 - Intel Corporation)
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.41 - Rivet Networks)
AR8171 Drivers (HKLM\...\{8386D032-4BA5-4BDA-A86D-22A2761881AA}) (Version: 1.0.0.41 - Rivet Networks) Hidden
Balíček ovladače systému Windows - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.47.11 - Bethesda Softworks)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CrossHair (HKLM-x32\...\{8436142A-9949-48E9-B24A-F2C7408302FA}) (Version: 1.0.1 - Mike Lin)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0939 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 90.4.307 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{466EA30A-9B38-4AD2-A6B0-18D6E0C1A848}) (Version: 1.1.206.0 - Epic Games, Inc.)
Fallout 4 - Čeština (HKLM-x32\...\{BA700CA0-A940-43A5-9779-560DADB0C245}) (Version: 0.11.0 - prekladyher.eu)
Fallout 4 MULTi8 - ElAmigos version 1.10.114 (HKLM-x32\...\{56CEC358-CB9B-4FC3-9ADD-E8C152257F88}_is1) (Version: 1.10.114 - Bethesda Softworks)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.0.1027 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\7A70B8EDE77ED614C261B89A36D4C656443FD153) (Version: 1.1.8.0 - ENE TECHNOLOGY INC.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightscreen version 2.4 (HKLM-x32\...\{4A59754E-D644-4F84-9768-41F68053F08E}_is1) (Version: 2.4 - Christian Kaiser)
Microsoft OneDrive (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.71.1 - Black Tree Gaming)
No Mans Sky Beyond (HKLM-x32\...\No Mans Sky Beyond_is1) (Version: - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.46.29856 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.31242 - Realtek Semiconductor Corp.)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Twitch (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
uTorrent Web (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\utweb) (Version: 1.0.7 - BitTorrent, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-06-23] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-06-23] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-31] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Herní služby -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-06-20] (INTEL CORP)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-05] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.3.11.0_x64__w2gh52qy24etm [2019-12-25] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-09-30] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2285.0_x64__8j3eq9eme6ctt [2020-01-29] (INTEL CORP) [Startup Task]
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.181.0_x64__dt26b99r8h8gj [2019-07-30] (Realtek Semiconductor Corp)
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.23255.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0 [2020-01-31] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-05-02] (Synaptics Incorporated)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2001.1001.4.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-12-20 01:36 - 2019-12-20 01:36 - 001414656 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avcodec-58.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000898048 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avformat-58.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000451072 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avutil-56.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000151552 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\swresample-3.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\LIBEAY32.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\SSLEAY32.dll
2019-09-14 16:41 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Games\Origin\LIBEAY32.dll
2019-09-14 16:41 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Games\Origin\ssleay32.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\platforms\qwindows.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Core.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Gui.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Network.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Widgets.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\skimi\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\skimi\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8282CEFB-DD13-4343-96CF-FC47D96D835E}] => (Allow) D:\Games\Tom Clancy's The Division 2\TheDivision2.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{21C6372F-F346-4071-80DE-F5B25CAE7115}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C08642FB-D5F0-45B7-B7BA-D9309ABE2331}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8984C116-F641-4B78-82A3-B21A8BCE3367}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{958B5F78-10CF-4F28-AB83-EB54767E154D}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{4AF14A16-D370-45BA-96B9-F78AF6CBD3E6}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [TCP Query User{E4AEA161-EBCA-44DF-9AD4-D7A09A973AD9}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [{53EAAE13-446A-41A8-83CB-A6131DC649F0}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A898B99E-36C6-4B5F-83E2-9F0888BA55BF}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{93C3D178-69E2-406F-8294-8C4F5A70E2AB}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{99BFEC0D-D797-4E51-8D92-F7BE01415A68}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{20EBE934-817D-49F5-B0B7-AD96CD13752F}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{474E9FC4-41BD-4817-B197-38DC728C978A}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{4FBFB75C-4EE7-482E-880A-5CA599EE313E}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BBA71315-0C6B-4C2A-B257-6795A955E30E}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{525F8754-0A4A-48AE-809C-4ED2F540DEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{909603A2-8623-43A7-AAFC-09C9198F4D59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C49BB1C2-BCDB-4156-BB2C-504B47A66DBC}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{B78AD7B6-B13D-4066-8058-1AD2037C736A}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{51B92E96-EEAE-4887-B0FB-F235903DD084}] => (Allow) LPort=3001
FirewallRules: [{8C7CAB6B-D235-4136-9835-335C1600A608}] => (Allow) LPort=3000
FirewallRules: [{8E475E85-DBE7-4675-9D1A-167C2F18DFC5}] => (Allow) LPort=3000
FirewallRules: [{1B2DA007-9E2D-4149-B465-455A34709BED}] => (Allow) LPort=3000
FirewallRules: [{F33ABEDD-0F39-4949-8CFC-1173B3D631D5}] => (Allow) LPort=3001
FirewallRules: [{6B43B002-0014-4E47-943F-075001E340A8}] => (Allow) LPort=3001
FirewallRules: [{02589376-A544-4FFA-8333-381686BC3238}] => (Allow) LPort=4001
FirewallRules: [{337AD62D-70AB-4CE3-AC3F-7E48F0CC4AC1}] => (Allow) LPort=4000
FirewallRules: [{8C0ACA11-6F12-4391-BC8B-0A2477A2B5D8}] => (Allow) LPort=4000
FirewallRules: [{2AFD1C93-52F7-4F45-A03B-173B09DFBA15}] => (Allow) LPort=4000
FirewallRules: [{89562DEF-55F9-4750-8A7B-5F6E3254E445}] => (Allow) LPort=4001
FirewallRules: [{1F545F66-FB5B-42DF-A698-C0CA03AE0A45}] => (Allow) LPort=4001
FirewallRules: [TCP Query User{0F489DB7-3130-4DDE-B908-86079389D9D3}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B08688D2-B719-423B-A50A-BB16982853DE}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{7FAF299C-0F77-40AB-9BF5-5B8E1546F7C5}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [UDP Query User{4843CEE8-0225-42B5-86CE-3730E5AD481A}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [{11967A68-C4F5-4A81-9071-CA255CCDB18F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{DFAA91D0-A41A-4E2D-8E4B-C81FDB223B38}] => (Allow) D:\Games\Steam\steamapps\common\Brut@l\Brut@l.exe () [File not signed]
FirewallRules: [{0B48ED66-025D-4C8F-848F-6FBE652A5F76}] => (Allow) D:\Games\Steam\steamapps\common\Brut@l\Brut@l.exe () [File not signed]
FirewallRules: [TCP Query User{79306124-DF56-4F40-BCAA-EF3E41D02074}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{55C350AC-F18D-4D1D-8470-BE8E2B9FE223}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{CD6EB7FF-A70A-4E01-9CDC-759BE8639769}] => (Allow) D:\Games\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{CFCEB538-9C31-4CFD-8102-9AF765043C37}] => (Allow) D:\Games\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{81599231-9A02-449B-847A-B5166B73A4C9}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{DC48E686-25E1-49FA-8E66-E5B790248883}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [TCP Query User{DCBBAF82-EB84-4ABE-BF10-6160FF0869D6}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{D763ED98-6A03-4626-983B-5FA430DED699}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{A2676D07-25C4-4511-8634-B00AFF0F65A5}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{820D84DF-9B4F-4CC9-867F-745B5FB437F4}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{B5D758F1-B2FC-42F2-8734-A0B0FFF946E8}] => (Allow) D:\Games\Steam\steamapps\common\Grip\Grip\Binaries\Win64\Grip-Win64-Shipping.exe (Caged Element Inc. -> Caged Element Inc.)
FirewallRules: [{F4E49774-B08F-4428-BFA9-2F470FC81DDB}] => (Allow) D:\Games\Steam\steamapps\common\Grip\Grip\Binaries\Win64\Grip-Win64-Shipping.exe (Caged Element Inc. -> Caged Element Inc.)
FirewallRules: [{A1430118-CEF4-450E-9C20-992485D7B99F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86F93381-06ED-44FB-80D0-6C4409DB5FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F08491E8-9719-4C09-8827-A62227D990CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99295176-9890-4DAD-B586-4F404CF4F479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{19706760-D55E-4C46-B4FE-4F3DDBE812D3}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{9DD18CF9-D164-4974-8838-10BA87925F3E}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{2E2FDF39-5B0D-4900-B416-92BA831132BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ADF48258-6608-4B40-957F-F043DAF828C2}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [{D3F13E6B-BEE4-4B44-9CB2-FE4DCDC1993B}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{15CD25AD-92D2-4A6D-99F6-FF4C59C1963F}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{0D594371-5640-4567-88E8-3729A4BB1F34}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{F1745E8E-D2D6-4911-97FA-3D92AC32770F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E929B175-37DB-4237-B03F-502B0ECD29B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD1EC55F-3818-4B9A-BA41-6D8482D3C32F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D693D25A-DB34-4C3A-97B8-BCA99C0D2A63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F55AFD8-4EB3-490F-8DF4-56C29B46855E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AD40CBC-85AE-4745-B47B-CDC95DE210B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{72D69478-A389-4877-A696-A7F26DAEE6CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF35E496-0FFD-4919-84C4-5DD65A60121D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{310CA13A-5754-4C6E-95E3-83AA80D062E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20184.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75EBD363-626F-419C-9048-9586AF53F1CF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{E3D57831-E978-439E-8F11-904E43E41521}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{DA8BD07F-1249-42AC-A7A5-A9FDD67FDA87}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.94 GB) (Free:17.34 GB) (15%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/12/2020 06:29:43 PM) (Source: MsiInstaller) (EventID: 11721) (User: MSI)
Description: Product: CrossHair -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _DF85204F_5583_4F82_B50A_CC4E5965D955, location: D:\Games\crosshair\CrossHair.exe, command: /die
Error: (02/12/2020 06:29:28 PM) (Source: MsiInstaller) (EventID: 11721) (User: MSI)
Description: Product: CrossHair -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _DF85204F_5583_4F82_B50A_CC4E5965D955, location: D:\Games\crosshair\CrossHair.exe, command: /die
Error: (02/12/2020 09:48:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 09:08:19 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4172,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 09:02:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.18362.418, časové razítko: 0x5d995690
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.18362.387, časové razítko: 0x4361b720
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006db8e
ID chybujícího procesu: 0x7c4
Čas spuštění chybující aplikace: 0x01d5e1268382f21b
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 0b24b5a6-147f-477e-af1a-e96244fee10e
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI
Error: (02/12/2020 04:04:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5648,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 03:48:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16756,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 02:38:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SkyrimSE.exe, verze: 1.0.0.0, časové razítko: 0x5dcae282
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.18362.387, časové razítko: 0x4361b720
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006c4c8
ID chybujícího procesu: 0x449c
Čas spuštění chybující aplikace: 0x01d5e14510b87a69
Cesta k chybující aplikaci: D:\Games\TES V Skyrim - Special Edition\SkyrimSE.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: a6644030-1e69-40f2-a811-6d803c845df3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/12/2020 06:33:39 PM) (Source: DCOM) (EventID: 10000) (User: MSI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (02/12/2020 09:43:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MV0B5HZVK9Z-Microsoft.GamingApp.
Error: (02/12/2020 09:03:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/09/2020 03:04:39 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server A-Volute.Nahimic_1.3.11.0_x64__w2gh52qy24etm!App se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 03:04:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 03:04:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 03:04:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 03:04:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-02-12 01:40:17.178
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:40:13.843
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:40:11.967
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:39:46.919
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$EXa1028.46229\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 00:59:37.874
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ludicrouz.O
ID: 2147723196
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso; file:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso->the-elder-scrolls-v-skyrim-special-edit_328601.exe; webfile:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso|https://giliderterp.cf/?24d41f02e14db3f ... 1113699625
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: MSI\skimi
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 18:18:23.564
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Uživatel: MSI\skimi
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Verze bezpečnostních informací: AV: 1.309.826.0, AS: 1.309.826.0
Verze modulu: 1.1.16700.3
CodeIntegrity:
===================================
Date: 2020-01-25 13:14:20.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:20.492
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:17.051
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:17.039
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2019-12-14 18:55:58.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2019-12-14 18:55:58.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2019-12-13 00:35:41.102
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2019-12-13 00:35:41.090
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E16P6IMS.107 09/05/2018
Motherboard: Micro-Star International Co., Ltd. MS-16P6
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 38%
Total physical RAM: 16230.21 MB
Available physical RAM: 9984.42 MB
Total Virtual: 19004.27 MB
Available Virtual: 9916.35 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:17.34 GB) NTFS
Drive d: () (Fixed) (Total:912.76 GB) (Free:201.67 GB) NTFS
Drive e: (No Mans Sky Beyond) (CDROM) (Total:8.39 GB) (Free:0 GB) UDF
\\?\Volume{473e7fc5-f5a9-405f-ae34-7499bc2514e9}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{2133cda6-146c-4b93-b6fa-4ea546b0a6cc}\ (BIOS_RVY) (Fixed) (Total:18.75 GB) (Free:0.23 GB) NTFS
\\?\Volume{c648f47e-00d7-41ce-b5d5-1e5f31ee38ac}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 4FC43474)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 4FC43456)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by skimi (12-02-2020 18:38:31)
Running from D:\Plocha
Windows 10 Home Version 1903 18362.592 (X64) (2019-06-22 21:15:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2466524190-1393262879-1045153092-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2466524190-1393262879-1045153092-503 - Limited - Disabled)
Guest (S-1-5-21-2466524190-1393262879-1045153092-501 - Limited - Disabled)
skimi (S-1-5-21-2466524190-1393262879-1045153092-1001 - Administrator - Enabled) => C:\Users\skimi
WDAGUtilityAccount (S-1-5-21-2466524190-1393262879-1045153092-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.330 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{334850ef-c0ab-431a-a26f-193c2fdaa072}) (Version: 21.40.2 - Intel Corporation)
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.41 - Rivet Networks)
AR8171 Drivers (HKLM\...\{8386D032-4BA5-4BDA-A86D-22A2761881AA}) (Version: 1.0.0.41 - Rivet Networks) Hidden
Balíček ovladače systému Windows - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.47.11 - Bethesda Softworks)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CrossHair (HKLM-x32\...\{8436142A-9949-48E9-B24A-F2C7408302FA}) (Version: 1.0.1 - Mike Lin)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0939 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 90.4.307 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{466EA30A-9B38-4AD2-A6B0-18D6E0C1A848}) (Version: 1.1.206.0 - Epic Games, Inc.)
Fallout 4 - Čeština (HKLM-x32\...\{BA700CA0-A940-43A5-9779-560DADB0C245}) (Version: 0.11.0 - prekladyher.eu)
Fallout 4 MULTi8 - ElAmigos version 1.10.114 (HKLM-x32\...\{56CEC358-CB9B-4FC3-9ADD-E8C152257F88}_is1) (Version: 1.10.114 - Bethesda Softworks)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.0.1027 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\7A70B8EDE77ED614C261B89A36D4C656443FD153) (Version: 1.1.8.0 - ENE TECHNOLOGY INC.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightscreen version 2.4 (HKLM-x32\...\{4A59754E-D644-4F84-9768-41F68053F08E}_is1) (Version: 2.4 - Christian Kaiser)
Microsoft OneDrive (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.71.1 - Black Tree Gaming)
No Mans Sky Beyond (HKLM-x32\...\No Mans Sky Beyond_is1) (Version: - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.46.29856 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.31242 - Realtek Semiconductor Corp.)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Twitch (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
uTorrent Web (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\utweb) (Version: 1.0.7 - BitTorrent, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-06-23] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-06-23] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-31] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Herní služby -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-06-20] (INTEL CORP)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-05] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.3.11.0_x64__w2gh52qy24etm [2019-12-25] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-09-30] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2285.0_x64__8j3eq9eme6ctt [2020-01-29] (INTEL CORP) [Startup Task]
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.181.0_x64__dt26b99r8h8gj [2019-07-30] (Realtek Semiconductor Corp)
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.23255.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0 [2020-01-31] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-05-02] (Synaptics Incorporated)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2001.1001.4.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-12-20 01:36 - 2019-12-20 01:36 - 001414656 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avcodec-58.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000898048 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avformat-58.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000451072 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avutil-56.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000151552 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\swresample-3.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\LIBEAY32.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\SSLEAY32.dll
2019-09-14 16:41 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Games\Origin\LIBEAY32.dll
2019-09-14 16:41 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Games\Origin\ssleay32.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\platforms\qwindows.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Core.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Gui.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Network.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Widgets.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\skimi\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\skimi\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8282CEFB-DD13-4343-96CF-FC47D96D835E}] => (Allow) D:\Games\Tom Clancy's The Division 2\TheDivision2.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{21C6372F-F346-4071-80DE-F5B25CAE7115}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C08642FB-D5F0-45B7-B7BA-D9309ABE2331}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8984C116-F641-4B78-82A3-B21A8BCE3367}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{958B5F78-10CF-4F28-AB83-EB54767E154D}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{4AF14A16-D370-45BA-96B9-F78AF6CBD3E6}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [TCP Query User{E4AEA161-EBCA-44DF-9AD4-D7A09A973AD9}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [{53EAAE13-446A-41A8-83CB-A6131DC649F0}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A898B99E-36C6-4B5F-83E2-9F0888BA55BF}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{93C3D178-69E2-406F-8294-8C4F5A70E2AB}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{99BFEC0D-D797-4E51-8D92-F7BE01415A68}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{20EBE934-817D-49F5-B0B7-AD96CD13752F}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{474E9FC4-41BD-4817-B197-38DC728C978A}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{4FBFB75C-4EE7-482E-880A-5CA599EE313E}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BBA71315-0C6B-4C2A-B257-6795A955E30E}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{525F8754-0A4A-48AE-809C-4ED2F540DEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{909603A2-8623-43A7-AAFC-09C9198F4D59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C49BB1C2-BCDB-4156-BB2C-504B47A66DBC}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{B78AD7B6-B13D-4066-8058-1AD2037C736A}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{51B92E96-EEAE-4887-B0FB-F235903DD084}] => (Allow) LPort=3001
FirewallRules: [{8C7CAB6B-D235-4136-9835-335C1600A608}] => (Allow) LPort=3000
FirewallRules: [{8E475E85-DBE7-4675-9D1A-167C2F18DFC5}] => (Allow) LPort=3000
FirewallRules: [{1B2DA007-9E2D-4149-B465-455A34709BED}] => (Allow) LPort=3000
FirewallRules: [{F33ABEDD-0F39-4949-8CFC-1173B3D631D5}] => (Allow) LPort=3001
FirewallRules: [{6B43B002-0014-4E47-943F-075001E340A8}] => (Allow) LPort=3001
FirewallRules: [{02589376-A544-4FFA-8333-381686BC3238}] => (Allow) LPort=4001
FirewallRules: [{337AD62D-70AB-4CE3-AC3F-7E48F0CC4AC1}] => (Allow) LPort=4000
FirewallRules: [{8C0ACA11-6F12-4391-BC8B-0A2477A2B5D8}] => (Allow) LPort=4000
FirewallRules: [{2AFD1C93-52F7-4F45-A03B-173B09DFBA15}] => (Allow) LPort=4000
FirewallRules: [{89562DEF-55F9-4750-8A7B-5F6E3254E445}] => (Allow) LPort=4001
FirewallRules: [{1F545F66-FB5B-42DF-A698-C0CA03AE0A45}] => (Allow) LPort=4001
FirewallRules: [TCP Query User{0F489DB7-3130-4DDE-B908-86079389D9D3}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B08688D2-B719-423B-A50A-BB16982853DE}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{7FAF299C-0F77-40AB-9BF5-5B8E1546F7C5}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [UDP Query User{4843CEE8-0225-42B5-86CE-3730E5AD481A}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [{11967A68-C4F5-4A81-9071-CA255CCDB18F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{DFAA91D0-A41A-4E2D-8E4B-C81FDB223B38}] => (Allow) D:\Games\Steam\steamapps\common\Brut@l\Brut@l.exe () [File not signed]
FirewallRules: [{0B48ED66-025D-4C8F-848F-6FBE652A5F76}] => (Allow) D:\Games\Steam\steamapps\common\Brut@l\Brut@l.exe () [File not signed]
FirewallRules: [TCP Query User{79306124-DF56-4F40-BCAA-EF3E41D02074}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{55C350AC-F18D-4D1D-8470-BE8E2B9FE223}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{CD6EB7FF-A70A-4E01-9CDC-759BE8639769}] => (Allow) D:\Games\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{CFCEB538-9C31-4CFD-8102-9AF765043C37}] => (Allow) D:\Games\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{81599231-9A02-449B-847A-B5166B73A4C9}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{DC48E686-25E1-49FA-8E66-E5B790248883}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [TCP Query User{DCBBAF82-EB84-4ABE-BF10-6160FF0869D6}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{D763ED98-6A03-4626-983B-5FA430DED699}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{A2676D07-25C4-4511-8634-B00AFF0F65A5}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{820D84DF-9B4F-4CC9-867F-745B5FB437F4}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{B5D758F1-B2FC-42F2-8734-A0B0FFF946E8}] => (Allow) D:\Games\Steam\steamapps\common\Grip\Grip\Binaries\Win64\Grip-Win64-Shipping.exe (Caged Element Inc. -> Caged Element Inc.)
FirewallRules: [{F4E49774-B08F-4428-BFA9-2F470FC81DDB}] => (Allow) D:\Games\Steam\steamapps\common\Grip\Grip\Binaries\Win64\Grip-Win64-Shipping.exe (Caged Element Inc. -> Caged Element Inc.)
FirewallRules: [{A1430118-CEF4-450E-9C20-992485D7B99F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86F93381-06ED-44FB-80D0-6C4409DB5FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F08491E8-9719-4C09-8827-A62227D990CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99295176-9890-4DAD-B586-4F404CF4F479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{19706760-D55E-4C46-B4FE-4F3DDBE812D3}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{9DD18CF9-D164-4974-8838-10BA87925F3E}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{2E2FDF39-5B0D-4900-B416-92BA831132BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ADF48258-6608-4B40-957F-F043DAF828C2}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [{D3F13E6B-BEE4-4B44-9CB2-FE4DCDC1993B}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{15CD25AD-92D2-4A6D-99F6-FF4C59C1963F}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{0D594371-5640-4567-88E8-3729A4BB1F34}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{F1745E8E-D2D6-4911-97FA-3D92AC32770F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E929B175-37DB-4237-B03F-502B0ECD29B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD1EC55F-3818-4B9A-BA41-6D8482D3C32F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D693D25A-DB34-4C3A-97B8-BCA99C0D2A63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F55AFD8-4EB3-490F-8DF4-56C29B46855E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AD40CBC-85AE-4745-B47B-CDC95DE210B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{72D69478-A389-4877-A696-A7F26DAEE6CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF35E496-0FFD-4919-84C4-5DD65A60121D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{310CA13A-5754-4C6E-95E3-83AA80D062E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20184.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75EBD363-626F-419C-9048-9586AF53F1CF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{E3D57831-E978-439E-8F11-904E43E41521}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{DA8BD07F-1249-42AC-A7A5-A9FDD67FDA87}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.94 GB) (Free:17.34 GB) (15%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/12/2020 06:29:43 PM) (Source: MsiInstaller) (EventID: 11721) (User: MSI)
Description: Product: CrossHair -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _DF85204F_5583_4F82_B50A_CC4E5965D955, location: D:\Games\crosshair\CrossHair.exe, command: /die
Error: (02/12/2020 06:29:28 PM) (Source: MsiInstaller) (EventID: 11721) (User: MSI)
Description: Product: CrossHair -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _DF85204F_5583_4F82_B50A_CC4E5965D955, location: D:\Games\crosshair\CrossHair.exe, command: /die
Error: (02/12/2020 09:48:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 09:08:19 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4172,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 09:02:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.18362.418, časové razítko: 0x5d995690
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.18362.387, časové razítko: 0x4361b720
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006db8e
ID chybujícího procesu: 0x7c4
Čas spuštění chybující aplikace: 0x01d5e1268382f21b
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 0b24b5a6-147f-477e-af1a-e96244fee10e
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI
Error: (02/12/2020 04:04:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5648,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 03:48:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16756,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 02:38:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SkyrimSE.exe, verze: 1.0.0.0, časové razítko: 0x5dcae282
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.18362.387, časové razítko: 0x4361b720
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006c4c8
ID chybujícího procesu: 0x449c
Čas spuštění chybující aplikace: 0x01d5e14510b87a69
Cesta k chybující aplikaci: D:\Games\TES V Skyrim - Special Edition\SkyrimSE.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: a6644030-1e69-40f2-a811-6d803c845df3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/12/2020 06:33:39 PM) (Source: DCOM) (EventID: 10000) (User: MSI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (02/12/2020 09:43:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MV0B5HZVK9Z-Microsoft.GamingApp.
Error: (02/12/2020 09:03:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/09/2020 03:04:39 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server A-Volute.Nahimic_1.3.11.0_x64__w2gh52qy24etm!App se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 03:04:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 03:04:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 03:04:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/09/2020 03:04:37 PM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-02-12 01:40:17.178
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:40:13.843
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:40:11.967
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:39:46.919
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$EXa1028.46229\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 00:59:37.874
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ludicrouz.O
ID: 2147723196
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso; file:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso->the-elder-scrolls-v-skyrim-special-edit_328601.exe; webfile:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso|https://giliderterp.cf/?24d41f02e14db3f ... 1113699625
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: MSI\skimi
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 18:18:23.564
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Uživatel: MSI\skimi
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Verze bezpečnostních informací: AV: 1.309.826.0, AS: 1.309.826.0
Verze modulu: 1.1.16700.3
CodeIntegrity:
===================================
Date: 2020-01-25 13:14:20.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:20.492
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:17.051
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:17.039
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2019-12-14 18:55:58.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2019-12-14 18:55:58.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2019-12-13 00:35:41.102
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2019-12-13 00:35:41.090
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E16P6IMS.107 09/05/2018
Motherboard: Micro-Star International Co., Ltd. MS-16P6
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 38%
Total physical RAM: 16230.21 MB
Available physical RAM: 9984.42 MB
Total Virtual: 19004.27 MB
Available Virtual: 9916.35 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:17.34 GB) NTFS
Drive d: () (Fixed) (Total:912.76 GB) (Free:201.67 GB) NTFS
Drive e: (No Mans Sky Beyond) (CDROM) (Total:8.39 GB) (Free:0 GB) UDF
\\?\Volume{473e7fc5-f5a9-405f-ae34-7499bc2514e9}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{2133cda6-146c-4b93-b6fa-4ea546b0a6cc}\ (BIOS_RVY) (Fixed) (Total:18.75 GB) (Free:0.23 GB) NTFS
\\?\Volume{c648f47e-00d7-41ce-b5d5-1e5f31ee38ac}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 4FC43474)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 4FC43456)
Partition: GPT.
==================== End of Addition.txt =======================
-
skimiwriter
- Návštěvník
- Příspěvky: 58
- Registrován: 24 bře 2014 13:34
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Jeste prihazuju co me haže windows defender. A předem děkuji za jakoukoliv pomoc nebo odpověď.
- Přílohy
-
- trojna.png (14.47 KiB) Zobrazeno 4706 x
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Ahoj 
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
skimiwriter
- Návštěvník
- Příspěvky: 58
- Registrován: 24 bře 2014 13:34
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Ahoj doufám že toje správně
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-12-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 31
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Windows\restoro.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Local AppWizard-Generated Applications\Restoro
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Restoro
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Restoro
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
***** [ Chromium (and derivatives) ] *****
Deleted Hover Zoom
***** [ Chromium URLs ] *****
Deleted WebSearch
Deleted http://www.default-search.net?sid=476&a ... 77&src=hmp
Deleted http://www.default-search.net?sid=476&a ... 77&src=hmp
Deleted http://www.hohosearch.com/?mode=nnnb&pt ... CHQqBHEsB0..
Deleted http://www.hohosearch.com/?mode=nnnb&pt ... CHQqBHEsB0..
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
Deleted https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5126 octets] - [12/02/2020 19:04:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
doufám že toje správně# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-12-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 31
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Windows\restoro.ini
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Local AppWizard-Generated Applications\Restoro
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Restoro
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Restoro
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
***** [ Chromium (and derivatives) ] *****
Deleted Hover Zoom
***** [ Chromium URLs ] *****
Deleted WebSearch
Deleted http://www.default-search.net?sid=476&a ... 77&src=hmp
Deleted http://www.default-search.net?sid=476&a ... 77&src=hmp
Deleted http://www.hohosearch.com/?mode=nnnb&pt ... CHQqBHEsB0..
Deleted http://www.hohosearch.com/?mode=nnnb&pt ... CHQqBHEsB0..
Deleted http://www.istartsurf.com/?type=hp&ts=1 ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted http://www.mystartsearch.com/?type=hp&t ... J9ECA38641
Deleted https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
Deleted https://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5126 octets] - [12/02/2020 19:04:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
skimiwriter
- Návštěvník
- Příspěvky: 58
- Registrován: 24 bře 2014 13:34
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020
Ran by skimi (administrator) on MSI (Micro-Star International Co., Ltd. GL63 8RD) (12-02-2020 19:32:11)
Running from D:\Plocha
Loaded Profiles: skimi (Available Profiles: skimi)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\skimi\AppData\Roaming\uTorrent Web\helper.exe
(Black Tree Gaming) [File not signed] D:\Games\Nexus Mod Manager\NexusClient.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Games\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe
(Malwarebytes Inc -> Malwarebytes) D:\Plocha\adwcleaner_8.0.2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2002.1001.3.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\NisSrv.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [833312 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Run: [utweb] => C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe [5415128 2019-12-20] (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {2517cd29-8895-11e9-9b3d-04d3b0fd8d0a} - "E:\setup.exe"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {31e5ed03-d214-11e9-9b51-04d3b0fd8d0a} - "H:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
Startup: C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-21]
ShortcutTarget: Twitch.lnk -> C:\Users\skimi\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00676FB6-F845-4BC6-A392-149AEE64DAE1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03018639-7E8D-4170-8F89-2E1D6CDACB21} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {04bbfd6e-d90a-433f-a6a6-d0be131a91f7} - no filepath
Task: {04d4e203-8e2b-4ec5-82c8-dcf3c0dfcb5c} - no filepath
Task: {04ee55ef-6d28-4dad-b52f-88b7d0312c70} - no filepath
Task: {05908d87-fa77-40b1-94f0-1fc11f6e6ae3} - no filepath
Task: {0a94a26a-c700-4693-8813-179bbd8c0805} - no filepath
Task: {0ba0a86b-e222-4bdf-bcec-0b9c0cb8b35b} - no filepath
Task: {0C455DC4-3219-45C4-A4C4-B4C24A0EC72C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0ce7c2cf-744f-4aa4-b195-cdf60abfe3f1} - no filepath
Task: {0cff3b3c-9655-48ff-88c1-5f0331965203} - no filepath
Task: {0fe9fd42-0520-475e-859d-fabd7828848a} - no filepath
Task: {1050f032-ed46-4367-937b-5b8fe17c7bf4} - no filepath
Task: {10625bc0-74ec-4946-9960-a1f863437abf} - no filepath
Task: {115D05AA-F47A-4F8B-9C9A-A14F9C47D4EA} - System32\Tasks\Opera scheduled assistant Autoupdate 1579954548 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {119491dc-5ab1-4690-80b6-f97c48a23d60} - no filepath
Task: {13e2a75f-b7bc-4b5c-bfda-2c021e986462} - no filepath
Task: {14ec36e2-0960-41d6-adc0-1616fbb2df20} - no filepath
Task: {15688EBD-553C-4961-A59D-5981009579B0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-11] (Adobe Inc. -> Adobe)
Task: {1677f3e4-d3ec-4300-ada1-130140bc1ef4} - no filepath
Task: {16a2d488-8bb9-43cf-8d92-085a5cdc1577} - no filepath
Task: {18197c21-c9dd-4399-98d8-446830000911} - no filepath
Task: {187ecf42-a6c8-4926-959c-d83a5190d6ff} - no filepath
Task: {19be25f5-c054-4446-abab-22f51376a0f3} - no filepath
Task: {1b109615-39bc-46fd-8da6-8b74e0511128} - no filepath
Task: {1b8f8a59-caf7-43f1-917a-3477f511f684} - no filepath
Task: {1bc5a719-0300-4765-98b7-a665e8586278} - no filepath
Task: {1dec00fa-3471-4db8-8175-7760f4ec499f} - no filepath
Task: {1faf5a4d-84fa-40b6-90f9-240c60a0ae0d} - no filepath
Task: {2045fd08-c421-457f-ae22-66171c5a291e} - no filepath
Task: {21767f21-dfdf-4aa3-b107-6fb0a22682e3} - no filepath
Task: {24beb93d-f5fc-4fdc-a040-e1c935b3c050} - no filepath
Task: {252a5b4b-0836-45fa-b2d4-24628f18e620} - no filepath
Task: {25C9FBF5-E1FE-4108-B144-F613C03DB2EF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {26241631-c792-446f-8ca0-368bce2d4874} - no filepath
Task: {26d4a9c6-0f14-4ca8-a19b-2b40a3e0a0de} - no filepath
Task: {26e8a721-5ff7-4f05-b566-9bb732c5c4d2} - no filepath
Task: {2759ca7a-da77-4d0a-85e6-e65e8bb58b58} - no filepath
Task: {285e78ea-3393-4ec0-836f-8a2eabbfcdb1} - no filepath
Task: {29c9fd06-e500-49a7-b364-f2019e542e84} - no filepath
Task: {2a8b722b-964b-43e4-a142-a3dce99c17be} - no filepath
Task: {2ac908ce-8e02-46fd-9aaf-57150ed77917} - no filepath
Task: {2b955959-55cf-455d-84e8-5d3a07746e80} - no filepath
Task: {2d183e8e-60ee-4225-91e5-e3878afec979} - no filepath
Task: {2da1e01a-cb61-4ae8-9c7f-726ac2bd9745} - no filepath
Task: {31b9fcfb-435b-492d-a469-d39349f53c0f} - no filepath
Task: {32171f89-d17e-4268-83ad-3ca171a70c63} - no filepath
Task: {3218781f-b2d4-4125-a176-5401d6d156dc} - no filepath
Task: {32815fa8-b734-4c73-ac90-4a30dd33f7c6} - no filepath
Task: {329d667b-7073-44e9-a232-cc7293987563} - no filepath
Task: {32ea21a9-94a6-4b36-b89f-136cfd2cacf9} - no filepath
Task: {330dbc50-52bc-44de-b8a4-d04701f0d31f} - no filepath
Task: {332675df-9780-455d-993f-a9888b2f0da9} - no filepath
Task: {339bf5e0-e2ce-4f0e-938b-1c740353e6b4} - no filepath
Task: {33c888ba-6796-488e-91d4-b063e287fbd0} - no filepath
Task: {33F88B6F-A74B-43BE-BA73-66F16566E646} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34E2DF35-AA90-4ACD-AA6D-BABE363E7BFF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
Task: {361cd11e-0e9a-4999-93a4-928855978de7} - no filepath
Task: {3630a7af-3262-4f71-af39-2bad147d8cd5} - no filepath
Task: {3631b3c0-5a9a-4df2-a56b-431f654fd396} - no filepath
Task: {36cb1884-117f-4d04-b748-50eea978c42d} - no filepath
Task: {37a76c16-e11d-4d82-93cb-4b992c4a3f15} - no filepath
Task: {3a823219-b00c-4426-915f-5c1c07919cfa} - no filepath
Task: {3c4f252a-c26f-4e95-aeeb-d006d6ad4322} - no filepath
Task: {3e03499d-3b19-401c-b38d-6fa56a3c5f20} - no filepath
Task: {3E7318D5-285C-4605-B984-96839D0DD6E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3eee23ad-4290-4d9c-9202-291932cb7c22} - no filepath
Task: {3F2F793C-2B21-4B9E-B5D2-F39AFAE0F0B1} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1061832 2019-07-19] (A-Volute -> Nahimic)
Task: {421dcb63-7e99-4fad-a5bd-4469992068a2} - no filepath
Task: {43EB2B7E-5407-49E7-B4FA-F61ECFBCA72D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-01] (Google Inc -> Google LLC)
Task: {448f0ac7-db87-4d0c-8015-6a6b1e11da51} - no filepath
Task: {44ebca0a-3109-496f-b430-55fe25835e20} - no filepath
Task: {451c1ce4-85e6-4875-ae2a-cb8a0ece053a} - no filepath
Task: {457da542-38bf-4728-b103-7505d6726c39} - no filepath
Task: {45933e1f-969e-433c-8bf7-9bc4fa347415} - no filepath
Task: {471b9772-ec04-43c6-940c-679ae0e5be17} - no filepath
Task: {47860AFF-AEC6-4F28-8589-75D036CBA072} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [791496 2019-07-19] (A-Volute -> Nahimic)
Task: {482ec0e9-c6bf-430b-9acf-779b124d6c7c} - no filepath
Task: {48d72db0-5c30-46a0-8b8c-f4961836732c} - no filepath
Task: {49d7fd2a-6dce-442b-8411-fa6266e56db7} - no filepath
Task: {4b82410e-0b67-4571-8efa-fee1660aa4d2} - no filepath
Task: {4c4cb7d2-fa63-400d-8d65-26a149afb2d5} - no filepath
Task: {4c67c98e-2b5c-4dda-9c7f-d982e92feba7} - no filepath
Task: {5088ed94-3403-4318-8bdd-ab60ffcacdd7} - no filepath
Task: {532c08ef-ed7c-45e9-b7ad-a387cbca5ed3} - no filepath
Task: {539fbfac-978c-4c50-96e9-96acef23781d} - no filepath
Task: {54521433-e613-4f06-9712-0d3179dd2bc8} - no filepath
Task: {56639eb6-4e99-4daf-a17e-4ea5ae396044} - no filepath
Task: {56e4945f-88e9-4649-a7b1-23cfdd6d10cb} - no filepath
Task: {57417da3-54b2-4fdc-902e-588ba00d1588} - no filepath
Task: {577D10A7-BE53-43D6-8EFE-479B521E6C4E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59b667e9-0ee9-46f2-b653-78ccc83f412e} - no filepath
Task: {5a528ad2-23a8-4bb3-93c3-52fffe659bb4} - no filepath
Task: {5ca8d739-f623-432e-9683-97ec3b4ab1c2} - no filepath
Task: {5d2af43b-73a6-406a-88ff-e7e546f20b6c} - no filepath
Task: {5ea022b2-cd9f-4199-9d89-5b112b09c3e7} - no filepath
Task: {5ef26ac8-0b8c-4094-a4f4-446c0fb09665} - no filepath
Task: {5f4b4b08-1a67-437b-b1de-1e0058af47ba} - no filepath
Task: {5fd870ac-99d2-46f8-8eaa-aa536e792f13} - no filepath
Task: {60229022-53f4-4fb7-a458-330801228a3b} - no filepath
Task: {62FCBD74-1A66-4FBD-80F3-CBD8EBF64DF5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6350b364-6a31-419d-8c33-5a2d5aeb185e} - no filepath
Task: {63669688-6ef5-4ea4-a43f-848ce2d317f0} - no filepath
Task: {63FA7CC9-F302-41D8-A90E-B4BD19FE4DB2} - System32\Tasks\MonitorMysticLight => C:\Program Files\GamingOSD\MysticLight\MysticLightController.exe
Task: {649ff32a-f3f9-4efc-9c60-8088d95ec473} - no filepath
Task: {6798fa7f-142e-4a8d-985d-eb1d738d769c} - no filepath
Task: {69e3ddef-cbe9-4dde-b87f-fc4e9025f2c0} - no filepath
Task: {6a35082b-cd90-4495-8645-3ff3dacce758} - no filepath
Task: {6a73275c-bfba-4ef1-bb9b-31b1b6766753} - no filepath
Task: {6a79beb3-a996-46bc-b0af-e42c760de443} - no filepath
Task: {6b872682-249f-4d93-9d14-517789c49f74} - no filepath
Task: {6c25656c-b897-41ff-98d6-a0c54b165c78} - no filepath
Task: {6d082b63-db87-472a-b188-128b6abc225d} - no filepath
Task: {6d23c081-7601-4622-83f6-59072f18d6d6} - no filepath
Task: {6d24e7fa-ea9b-42a6-bcb1-3b85dc879c1b} - no filepath
Task: {6d63ec78-d622-4f0e-a4b6-93f44ba620c4} - no filepath
Task: {6fa593a9-35a5-4231-8682-dbd9f6d01e82} - no filepath
Task: {70b8c203-9f40-4aa9-a0e3-2c98212f7175} - no filepath
Task: {70cb5770-c9c6-45ef-8224-a2a5b3a767e7} - no filepath
Task: {7127efc1-8588-4492-b177-c57b77a1fcc4} - no filepath
Task: {71a74976-996d-43c1-8025-9b2526e27a44} - no filepath
Task: {722edb42-de72-4ed9-a682-769bc03c1617} - no filepath
Task: {73f7adac-2639-42dc-ad52-9943fb5c7cee} - no filepath
Task: {74643DF3-D787-45B7-A5A0-ECF3A549B192} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {768b70e7-10f1-4e45-bc0e-e7bd7939639e} - no filepath
Task: {76ca8cb7-15cc-4bed-bbd8-c1e0a5b67646} - no filepath
Task: {7989318E-F6EC-479F-8A0E-3C7AA4F7093E} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5849896 2018-07-27] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {7b3b7346-3748-4b05-b64e-33af249b3fef} - no filepath
Task: {7c78e335-a105-4187-a575-18df70fbcd96} - no filepath
Task: {80ec0846-0697-4f72-80df-835c40ad41a3} - no filepath
Task: {8105A2DA-7ABB-42B8-A028-07CA8BFA1AC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82924ef4-3183-4bf2-b521-c9cc74833401} - no filepath
Task: {833C463C-BDDB-4F0F-A48D-83C37C1FF3BC} - System32\Tasks\Opera scheduled Autoupdate 1558295913 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {83529663-B66C-4795-AF28-32BBD4132EBD} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {844cbe2b-d923-4184-92df-94051307eccf} - no filepath
Task: {897a9a3c-8e6c-4459-8e1b-8de137c6ad5d} - no filepath
Task: {89a5b4ec-6c1f-4195-986a-04dd62cad69f} - no filepath
Task: {8b35b28c-36c7-4d90-8ffe-ca66da459586} - no filepath
Task: {8b9533b3-de40-4c8b-bda4-877a43f130d8} - no filepath
Task: {8bf63f20-cc1c-4520-8fe3-8782a18cb53b} - no filepath
Task: {8c30bd7c-6137-4e9f-91c1-8248be99183c} - no filepath
Task: {8d2a0ba2-c71e-4228-ae6c-d4ff35a26b31} - no filepath
Task: {8f343704-d8ae-4daa-a716-cd795ba8a02c} - no filepath
Task: {8fde7141-3a84-4d8a-8172-162c552dd4a4} - no filepath
Task: {8fe3e76d-b989-4468-bc88-0e57573f4369} - no filepath
Task: {8FFAC89F-CFE7-4A26-88A9-04E4958558B2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91ABBDFC-122F-47F1-BE51-6D4B286D21E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-01] (Google Inc -> Google LLC)
Task: {91ec7577-d0a1-425f-ae55-a11916fb8ad9} - no filepath
Task: {9290349D-8B3E-41B7-AF27-A2FC59EA1899} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1061832 2019-07-19] (A-Volute -> Nahimic)
Task: {929aba5f-7b65-44c9-8a8a-94035ea08854} - no filepath
Task: {93616457-aca1-4383-ae66-b2d44b0a469e} - no filepath
Task: {9415e840-b85c-4782-8427-aad860505d9f} - no filepath
Task: {94bc0566-241c-4cfa-b126-eb79bfa2e15c} - no filepath
Task: {94fbf91e-70f3-45ff-bc7d-ed826cce03a7} - no filepath
Task: {96700118-420a-4bea-8e5b-1bb39ed143ad} - no filepath
Task: {969bfe7b-6f8b-4f28-b0b1-25dab7ac2a5a} - no filepath
Task: {97f9c1e2-f880-42b6-a438-0dde9531ee57} - no filepath
Task: {9927ec89-64a7-4713-916a-fbd8340942ae} - no filepath
Task: {99661a04-2b46-4aea-85e8-86ea15119e3a} - no filepath
Task: {99afbf49-25bd-4299-a58a-a27e348b2071} - no filepath
Task: {9a620831-2be4-4c8a-b480-0c56347229a0} - no filepath
Task: {9BB052A5-330C-400B-8143-3A7EDBAFA9C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9cb9f84f-66c0-4711-9090-4065aeab7fa4} - no filepath
Task: {9cdc7073-d65a-4e69-87fb-cc2d82799070} - no filepath
Task: {9d4048c4-1751-42e2-aa04-79c53f3693f8} - no filepath
Task: {9df1763d-25c5-4613-b7cf-b4abaee8cc49} - no filepath
Task: {9fc8a881-3e22-40fb-8562-3b239b5b8779} - no filepath
Task: {a0133c1f-7c98-4151-9d5b-0d91f8cf228b} - no filepath
Task: {a160e22a-01b7-4505-bcd2-6d9e2e7380b8} - no filepath
Task: {a18a1c93-f686-41b7-a781-6ff1a3542831} - no filepath
Task: {a1f7551d-bbd0-43ae-bbf8-4bc114bd89d8} - no filepath
Task: {A25E356C-20F1-47DF-8834-8C0F17C811AB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_pepper.exe [1453624 2020-02-11] (Adobe Inc. -> Adobe)
Task: {a3677273-558d-493a-bbff-1ce12c2afa1a} - no filepath
Task: {a368988f-826c-4016-b2d8-315949b3eb82} - no filepath
Task: {A38515A1-EDE0-4881-94A3-52EB19FCC1B5} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {a57b79f2-1ce7-4050-a887-87f9245c6f54} - no filepath
Task: {a90eb85e-e619-4836-a5da-f8829fb36d82} - no filepath
Task: {A9C49965-0D2C-4E3E-B76C-9F172C0406A3} - System32\Tasks\MonitorMicroKey => C:\Program Files\GamingOSD\MonitorMicroKeyDetector.exe
Task: {aaf74cde-7585-4833-89a7-3d8dbd51d889} - no filepath
Task: {ac453888-02e7-4493-83a5-a78978f4b225} - no filepath
Task: {ad51b1df-97a8-4c80-83c5-af2e275a267c} - no filepath
Task: {B0E01A32-2ADD-422D-87CC-590A10397575} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {b0ff95a1-5c48-40f2-a51a-f7c0cd2fae9a} - no filepath
Task: {b22740e8-052a-4cc1-b0a6-3d30132c44c3} - no filepath
Task: {b5027593-2f49-4192-9a54-d3cdaaa4594a} - no filepath
Task: {b563fe5f-962b-484d-9d2f-38e727302110} - no filepath
Task: {b83265e5-85b7-4a11-a3d8-89455cbb7100} - no filepath
Task: {b8421ca1-21a9-491e-a0f4-db07bc97e31c} - no filepath
Task: {b9eb37ec-957d-46ae-88c8-80b0a796c451} - no filepath
Task: {bb00d7e6-1da1-4a9e-aadd-cf11cf1d3670} - no filepath
Task: {bdeaa514-8356-4763-9580-a19197d2079c} - no filepath
Task: {be66053e-6593-45f8-af4f-92e9b2d62050} - no filepath
Task: {bf79b821-6394-47d6-a29c-49555f89feaf} - no filepath
Task: {C02CEC54-DD33-413F-8101-56EC96DE2E21} - System32\Tasks\Opera scheduled assistant Autoupdate 1558295916 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {c3aa2171-6b28-4657-a83f-b40b4327b004} - no filepath
Task: {c3d95eeb-4b4f-4b32-8d78-5521da2c09bf} - no filepath
Task: {c4ede316-8a79-4a30-b018-a4ab516ac525} - no filepath
Task: {c5943838-4837-4bc6-a78d-5c9f63d81400} - no filepath
Task: {c5c8a34f-4df1-4a44-9a4a-e8406cae9457} - no filepath
Task: {c5f10e70-a527-4f17-93a5-3389245f41de} - no filepath
Task: {c7403372-1861-4b5a-8127-23c4d89b91fc} - no filepath
Task: {c7d62ee9-2e68-41b2-b665-6472f94d74fb} - no filepath
Task: {ca7f2699-2ace-46cf-9910-d74f88987a99} - no filepath
Task: {CB3D9A1F-2B62-448B-AA04-69B4A271B5FC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ce609d0a-b8e9-4fef-8d20-aa807fabf422} - no filepath
Task: {cf5c356c-db3e-4425-a108-369342895369} - no filepath
Task: {d298ae94-455b-4cb2-b108-d04283a6d04a} - no filepath
Task: {D38ACA79-0158-4FCA-892E-749BC833693E} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Task: {d55278d4-cfd7-4cf6-a6f7-45146ddafead} - no filepath
Task: {d5da2256-61bd-4385-9bc5-a5727a5826ea} - no filepath
Task: {d607519b-c3dc-4709-86c7-8fbadca75f2a} - no filepath
Task: {d6cbfc47-4ff7-43bc-ac7e-a2d943e204c2} - no filepath
Task: {d97b891e-68b4-4873-8c50-e401029c666e} - no filepath
Task: {da28ff2e-3d7f-47fa-aeac-d1e8cbda0443} - no filepath
Task: {da9f0834-98d2-4042-8c52-6d3d2b0320d9} - no filepath
Task: {DBD5C285-798F-4C01-A20B-584C2ECB9157} - System32\Tasks\EMPTY => C:\Program Files\emptystanbylist\EmptyStandbyList.exe [139424 2020-02-09] (Wen Jia Liu -> )
Task: {DC849DA6-5A92-40EB-BEFE-FB661C0A12F8} - System32\Tasks\Opera scheduled Autoupdate 1579954543 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {DD6512E7-C215-4E2E-ACB7-25500B9703B7} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [791496 2019-07-19] (A-Volute -> Nahimic)
Task: {de55a2c2-40e2-4b23-8444-372b20bf588f} - no filepath
Task: {df031589-7db6-47b6-b96d-23438137a0d1} - no filepath
Task: {df4421e1-848f-4ec5-9bd9-885e9bb27787} - no filepath
Task: {dfe52ff8-fda8-4926-94a4-067859d2207c} - no filepath
Task: {e44c5a20-f9a8-47bd-9ff6-c130ccaaf0e2} - no filepath
Task: {e67a2733-d7d8-4b33-9e81-5210594208f3} - no filepath
Task: {E69CB7F2-4ED4-4FDA-834E-7E30798641AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {e953a38a-26b7-4157-a479-4676ce57c89a} - no filepath
Task: {ea5b1554-061f-46c7-bfef-45a36d54f2af} - no filepath
Task: {eaa1a3ac-6f34-4280-9a2a-b42f0d2acf0d} - no filepath
Task: {f2a502a9-d2d6-4e80-8a1d-7a2d99db2369} - no filepath
Task: {f479f3a8-e268-4a93-ac88-29c92738c3a8} - no filepath
Task: {f58416ba-70a7-4d89-970a-4230218a08a7} - no filepath
Task: {F6208C70-C673-462C-AE02-B7EBA8210545} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {f6574598-e2b4-4581-b5a1-121b47941513} - no filepath
Task: {f77e89bc-ca1f-4d5e-9fd5-912312977684} - no filepath
Task: {f83f4b89-44d7-41be-8676-cc8601a76fff} - no filepath
Task: {F9FF51AC-A222-4AD1-939C-5527D5C9D99D} - System32\Tasks\GamingOSDAutoStartUp => C:\Program Files\GamingOSD\GamingOSD.exe
Task: {FDCF9B77-F73F-4058-82B7-4267C2C28AD8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {fe8ccd90-50d5-47a8-96ee-5d56871d9e4a} - no filepath
Task: {fec4dee3-36fd-455b-9734-9ec13b02d609} - no filepath
Task: {fee563c5-9524-47c5-8e1a-b19a3b48d27a} - no filepath
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3800a79c-bfed-4fb3-a2e7-c8f45a744789}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{786c19f0-8b67-4d50-9b2d-04289cca0f83}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> DefaultScope {7C595095-E389-4D97-8166-24348CC710BC} URL =
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> {7C595095-E389-4D97-8166-24348CC710BC} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: p6zhqc64.default
FF ProfilePath: C:\Users\skimi\AppData\Roaming\Mozilla\Firefox\Profiles\p6zhqc64.default [2020-02-12]
FF Homepage: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
FF NewTab: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
FF SearchPlugin: C:\Users\skimi\AppData\Roaming\Mozilla\Firefox\Profiles\p6zhqc64.default\searchplugins\bing-lavasoft-ff59.xml [2019-05-19]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Program Files (x86)\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default [2020-02-12]
CHR DownloadDir: D:\Stažené google chrome
CHR Notifications: Default -> hxxps://01.loderls.ru; hxxps://2.getmedia.me; hxxps://eu1.badoo.com; hxxps://news-easy.com; hxxps://notification-list.com; hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
CHR StartupUrls: Default -> "hxxp://www.default-search.net?sid=476&aid=113& ... oogle.com/"
CHR DefaultSearchKeyword: Default -> hxxps://www.google.cz/?gws_rd=cr&ei=m0uwur2iou3cygpeuybo
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-01]
CHR Extension: (Safe Torrent Scanner) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2020-01-25]
CHR Extension: (The FFZ Add-On Pack) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea [2019-10-05] [UpdateUrl:hxxps://cdn.ffzap.com/firefox-updates.json] <==== ATTENTION
CHR Extension: (Dokumenty) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-01]
CHR Extension: (Disk Google) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-01]
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2020-01-04]
CHR Extension: (YouTube) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (FrankerFaceZ) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-10-05]
CHR Extension: (Tabulky) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-15]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-01-15]
CHR Extension: (MSI) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbibdjmopapngkdbibajfpnipligfpa [2019-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-02]
CHR Extension: (Gmail) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8361960 2019-09-12] (BattlEye Innovations e.K. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-07-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1301064 2019-11-19] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-11-19] (GOG Sp. z o.o. -> GOG.com)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21432 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21432 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2807824 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [762056 2018-05-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [714952 2018-05-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-06] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1451976 2019-07-19] (A-Volute -> Nahimic)
S3 NGS; C:\ProgramData\Nexon\NGS\NGService.exe [3097648 2019-06-01] (NEXON Korea Corporation. -> NEXON Korea Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2329904 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [3204912 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [833312 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-10-18] () [File not signed]
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [399440 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3753016 2019-08-19] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b1c9965dc1c6f0f\gameflt.sys [71000 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [967696 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72720 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [170672 2018-06-07] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw08; C:\WINDOWS\system32\DRIVERS\Netwtw08.sys [9278456 2019-09-05] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\nvlddmkm.sys [23276960 2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-08-10] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [47656 2018-08-10] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56912 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2019-07-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2019-07-02] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-08-14] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_3865f7cd0ca0fb7c\xvdd.sys [485720 2020-01-30] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 19:03 - 2020-02-12 19:05 - 000000000 ____D C:\AdwCleaner
2020-02-12 18:37 - 2020-02-12 19:32 - 000000000 ____D C:\FRST
2020-02-12 18:20 - 2020-02-12 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Mans Sky Beyond
2020-02-12 02:13 - 2020-02-12 18:27 - 000000000 ____D C:\Users\skimi\AppData\Local\LOOT
2020-02-12 01:33 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2020-02-12 01:33 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2020-02-12 01:33 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2020-02-12 01:33 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2020-02-12 01:33 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2020-02-12 01:33 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2020-02-12 01:33 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2020-02-11 18:08 - 2020-02-11 18:08 - 000000000 ____D C:\Users\skimi\AppData\Roaming\HelloGames
2020-02-09 11:38 - 2020-02-09 11:38 - 000003418 _____ C:\WINDOWS\system32\Tasks\EMPTY
2020-02-09 11:34 - 2020-02-09 11:34 - 000007601 _____ C:\Users\skimi\AppData\Local\Resmon.ResmonCfg
2020-02-09 11:33 - 2020-02-09 11:34 - 000000000 ____D C:\Program Files\emptystanbylist
2020-02-08 18:57 - 2020-02-08 18:58 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-02-08 18:54 - 2020-01-30 23:04 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000450784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000353368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-02-08 18:54 - 2020-01-30 23:03 - 011843712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-02-08 18:54 - 2020-01-30 23:03 - 010167752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 002075904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001569160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001485680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001370360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001145776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001064384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001002368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000815120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000685912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000677576 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000660176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000574296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-02-08 18:54 - 2020-01-30 23:02 - 000557304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000545112 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 040511616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 035380128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 017462616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 015032016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 005384584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 004718792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 000858240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-02-08 18:54 - 2020-01-30 23:01 - 000451320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-02-08 18:54 - 2020-01-30 04:15 - 000076477 _____ C:\WINDOWS\system32\nvinfo.pb
2020-02-05 23:12 - 2020-02-05 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-01-30 04:57 - 2020-01-30 04:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2020-01-30 01:15 - 2020-02-12 02:13 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\Nexus Mod Manager
2020-01-30 01:15 - 2020-01-30 01:15 - 000000000 ____D C:\Users\skimi\AppData\Local\Black_Tree_Gaming
2020-01-30 01:14 - 2020-02-07 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2020-01-30 00:03 - 2020-01-30 01:15 - 000000000 ____D C:\Users\skimi\AppData\Local\Fallout4
2020-01-27 22:53 - 2020-01-27 22:56 - 000000000 ____D C:\ProgramData\WinZip
2020-01-27 22:44 - 2020-01-27 22:45 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\FOMM
2020-01-27 22:40 - 2020-01-27 22:40 - 000000000 ____D C:\Users\skimi\AppData\Local\FOMM
2020-01-27 22:36 - 2020-01-27 22:36 - 000000000 ____D C:\Users\skimi\AppData\Local\FalloutNV
2020-01-27 21:37 - 2020-01-27 21:37 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\Smac
2020-01-27 20:17 - 2020-01-27 20:17 - 000000000 ____D C:\Users\skimi\AppData\Local\Deadsiege
2020-01-25 14:33 - 2020-01-25 14:33 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\SkidRow
2020-01-25 14:32 - 2020-01-25 14:32 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\SKS
2020-01-25 13:15 - 2020-02-12 19:03 - 000000000 ____D C:\Users\skimi\AppData\Roaming\uTorrent Web
2020-01-25 13:15 - 2020-01-25 13:18 - 000001872 _____ C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-01-25 13:15 - 2020-01-25 13:15 - 000004392 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1579954548
2020-01-25 13:15 - 2020-01-25 13:15 - 000004138 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1579954543
2020-01-15 10:08 - 2020-01-15 10:08 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 10:07 - 2020-01-15 10:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 10:02 - 2020-01-15 10:02 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 10:02 - 2020-01-15 10:02 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 19:32 - 2018-08-12 00:04 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-12 19:27 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-12 19:10 - 2019-05-01 14:37 - 000000000 ____D C:\Users\skimi\AppData\Local\NVIDIA
2020-02-12 19:06 - 2020-01-09 18:51 - 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2020-02-12 19:06 - 2019-10-18 16:50 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2020-02-12 19:06 - 2019-10-18 16:50 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2020-02-12 19:06 - 2019-06-22 22:14 - 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2020-02-12 19:06 - 2019-06-22 22:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-12 19:06 - 2019-05-19 21:01 - 000000000 ____D C:\Users\skimi\AppData\Local\BitTorrentHelper
2020-02-12 19:06 - 2019-05-01 14:18 - 000000000 __SHD C:\Users\skimi\IntelGraphicsProfiles
2020-02-12 19:06 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-12 19:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-12 19:06 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-12 19:05 - 2019-10-25 15:59 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-02-12 19:05 - 2019-05-10 14:49 - 000019664 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-02-12 19:05 - 2019-05-04 18:31 - 000016759 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-02-12 19:05 - 2019-05-04 18:31 - 000008589 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-02-12 19:05 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-12 18:33 - 2019-06-01 17:46 - 000000000 ____D C:\Users\skimi\AppData\Local\CrashDumps
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\Users\skimi\AppData\Local\Rockstar Games
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\ProgramData\Rockstar Games
2020-02-12 18:20 - 2019-10-27 21:59 - 000000000 ____D C:\Program Files\Rockstar Games
2020-02-12 18:20 - 2019-10-27 21:58 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-02-12 18:20 - 2019-07-29 00:27 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Yousician Launcher
2020-02-12 18:17 - 2019-05-01 14:49 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\My Games
2020-02-12 18:14 - 2019-06-22 22:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-11 23:21 - 2019-09-24 21:33 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Discord
2020-02-11 19:15 - 2019-07-27 16:24 - 000004600 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-02-11 19:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-11 19:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-02-10 18:37 - 2019-06-22 22:14 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2466524190-1393262879-1045153092-1001
2020-02-10 18:37 - 2019-06-22 22:09 - 000002372 _____ C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-10 18:37 - 2019-05-01 14:20 - 000000000 ___RD C:\Users\skimi\OneDrive
2020-02-09 15:04 - 2019-05-04 18:31 - 000011369 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-02-08 19:06 - 2019-11-01 18:14 - 000000000 ____D C:\Users\skimi\AppData\Local\New Technology Studio
2020-02-08 19:04 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Roaming\uTorrent
2020-02-08 19:02 - 2019-08-26 16:08 - 000000000 ____D C:\ProgramData\Zoner
2020-02-08 19:00 - 2019-05-01 14:18 - 000000000 ____D C:\Users\skimi\AppData\Local\Packages
2020-02-08 18:54 - 2019-05-01 18:50 - 000129088 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-02-08 18:54 - 2019-05-01 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-02-08 18:54 - 2019-05-01 18:49 - 000000000 ____D C:\Program Files\Java
2020-02-07 09:53 - 2019-12-10 22:30 - 000000620 _____ C:\Users\skimi\OneDrive\Dokumenty\ClownfishVoiceChanger.ini
2020-02-06 17:30 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-05 23:12 - 2019-07-29 10:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-02-05 17:40 - 2019-06-22 22:14 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 17:40 - 2019-06-22 22:14 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-03 23:09 - 2018-08-08 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-30 23:01 - 2019-11-06 19:05 - 004230544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-30 23:01 - 2019-06-02 10:15 - 004962792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-01-30 20:33 - 2019-12-12 23:14 - 000052152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2020-01-30 20:33 - 2019-10-14 06:11 - 000031672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2020-01-30 20:33 - 2019-06-22 22:20 - 001336248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2020-01-30 20:33 - 2019-06-22 22:20 - 000149432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2020-01-30 20:33 - 2019-06-22 22:20 - 000087992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2020-01-30 16:10 - 2019-05-01 14:48 - 000000000 ____D C:\Users\skimi\AppData\Local\D3DSCache
2020-01-29 02:38 - 2019-07-29 10:56 - 000000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-01-29 02:38 - 2019-07-29 10:56 - 000000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-01-28 22:20 - 2019-07-29 10:56 - 000003974 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-01-28 22:20 - 2019-07-29 10:56 - 000003742 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-01-27 20:17 - 2019-05-30 22:59 - 000000000 ____D C:\Users\skimi\AppData\Local\UnrealEngine
2020-01-27 03:31 - 2019-05-19 19:47 - 000000000 ____D C:\Users\skimi\AppData\Local\Ubisoft Game Launcher
2020-01-26 20:39 - 2019-11-05 00:19 - 000000000 ____D C:\Users\skimi\AppData\Local\DigitalEntitlements
2020-01-25 13:23 - 2019-06-22 22:09 - 000000000 ____D C:\Users\skimi
2020-01-25 13:15 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Opera Software
2020-01-25 13:15 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Local\Opera Software
2020-01-24 23:58 - 2019-12-06 01:32 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\uTorrent
2020-01-24 22:06 - 2019-05-01 14:29 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Twitch
2020-01-23 18:50 - 2019-05-01 14:24 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 17:51 - 2019-09-14 16:37 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-22 08:33 - 2019-08-03 22:07 - 000000000 ____D C:\Users\skimi\AppData\Local\Battle.net
2020-01-15 10:36 - 2019-06-22 22:05 - 000267672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 10:12 - 2019-05-01 16:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 10:09 - 2019-05-01 16:24 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 03:03 - 2019-05-16 09:24 - 000000000 ____D C:\Users\skimi\AppData\Local\ElevatedDiagnostics
2020-01-13 21:56 - 2019-06-22 22:14 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
==================== Files in the root of some directories ========
2019-11-01 17:00 - 2019-11-01 17:00 - 042738921 _____ () C:\Users\skimi\AppData\Roaming\gta5_patch.bin
2019-11-01 17:00 - 2019-11-01 17:00 - 000332800 _____ () C:\Users\skimi\AppData\Roaming\patcher.dll
2019-10-15 10:54 - 2019-10-15 10:54 - 000000410 _____ () C:\Users\skimi\AppData\Local\oobelibMkey.log
2020-02-09 11:34 - 2020-02-09 11:34 - 000007601 _____ () C:\Users\skimi\AppData\Local\Resmon.ResmonCfg
2019-09-18 17:02 - 2019-09-19 01:55 - 000014116 _____ () C:\Users\skimi\AppData\Local\Tempbannercash.tmp
2019-09-18 17:02 - 2019-09-19 01:55 - 000038121 _____ () C:\Users\skimi\AppData\Local\Tempnewscash.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by skimi (administrator) on MSI (Micro-Star International Co., Ltd. GL63 8RD) (12-02-2020 19:32:11)
Running from D:\Plocha
Loaded Profiles: skimi (Available Profiles: skimi)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\skimi\AppData\Roaming\uTorrent Web\helper.exe
(Black Tree Gaming) [File not signed] D:\Games\Nexus Mod Manager\NexusClient.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Games\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe
(Malwarebytes Inc -> Malwarebytes) D:\Plocha\adwcleaner_8.0.2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2002.1001.3.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\NisSrv.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [833312 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Run: [utweb] => C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe [5415128 2019-12-20] (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {2517cd29-8895-11e9-9b3d-04d3b0fd8d0a} - "E:\setup.exe"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {31e5ed03-d214-11e9-9b51-04d3b0fd8d0a} - "H:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
Startup: C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-21]
ShortcutTarget: Twitch.lnk -> C:\Users\skimi\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00676FB6-F845-4BC6-A392-149AEE64DAE1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03018639-7E8D-4170-8F89-2E1D6CDACB21} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {04bbfd6e-d90a-433f-a6a6-d0be131a91f7} - no filepath
Task: {04d4e203-8e2b-4ec5-82c8-dcf3c0dfcb5c} - no filepath
Task: {04ee55ef-6d28-4dad-b52f-88b7d0312c70} - no filepath
Task: {05908d87-fa77-40b1-94f0-1fc11f6e6ae3} - no filepath
Task: {0a94a26a-c700-4693-8813-179bbd8c0805} - no filepath
Task: {0ba0a86b-e222-4bdf-bcec-0b9c0cb8b35b} - no filepath
Task: {0C455DC4-3219-45C4-A4C4-B4C24A0EC72C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0ce7c2cf-744f-4aa4-b195-cdf60abfe3f1} - no filepath
Task: {0cff3b3c-9655-48ff-88c1-5f0331965203} - no filepath
Task: {0fe9fd42-0520-475e-859d-fabd7828848a} - no filepath
Task: {1050f032-ed46-4367-937b-5b8fe17c7bf4} - no filepath
Task: {10625bc0-74ec-4946-9960-a1f863437abf} - no filepath
Task: {115D05AA-F47A-4F8B-9C9A-A14F9C47D4EA} - System32\Tasks\Opera scheduled assistant Autoupdate 1579954548 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {119491dc-5ab1-4690-80b6-f97c48a23d60} - no filepath
Task: {13e2a75f-b7bc-4b5c-bfda-2c021e986462} - no filepath
Task: {14ec36e2-0960-41d6-adc0-1616fbb2df20} - no filepath
Task: {15688EBD-553C-4961-A59D-5981009579B0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-11] (Adobe Inc. -> Adobe)
Task: {1677f3e4-d3ec-4300-ada1-130140bc1ef4} - no filepath
Task: {16a2d488-8bb9-43cf-8d92-085a5cdc1577} - no filepath
Task: {18197c21-c9dd-4399-98d8-446830000911} - no filepath
Task: {187ecf42-a6c8-4926-959c-d83a5190d6ff} - no filepath
Task: {19be25f5-c054-4446-abab-22f51376a0f3} - no filepath
Task: {1b109615-39bc-46fd-8da6-8b74e0511128} - no filepath
Task: {1b8f8a59-caf7-43f1-917a-3477f511f684} - no filepath
Task: {1bc5a719-0300-4765-98b7-a665e8586278} - no filepath
Task: {1dec00fa-3471-4db8-8175-7760f4ec499f} - no filepath
Task: {1faf5a4d-84fa-40b6-90f9-240c60a0ae0d} - no filepath
Task: {2045fd08-c421-457f-ae22-66171c5a291e} - no filepath
Task: {21767f21-dfdf-4aa3-b107-6fb0a22682e3} - no filepath
Task: {24beb93d-f5fc-4fdc-a040-e1c935b3c050} - no filepath
Task: {252a5b4b-0836-45fa-b2d4-24628f18e620} - no filepath
Task: {25C9FBF5-E1FE-4108-B144-F613C03DB2EF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {26241631-c792-446f-8ca0-368bce2d4874} - no filepath
Task: {26d4a9c6-0f14-4ca8-a19b-2b40a3e0a0de} - no filepath
Task: {26e8a721-5ff7-4f05-b566-9bb732c5c4d2} - no filepath
Task: {2759ca7a-da77-4d0a-85e6-e65e8bb58b58} - no filepath
Task: {285e78ea-3393-4ec0-836f-8a2eabbfcdb1} - no filepath
Task: {29c9fd06-e500-49a7-b364-f2019e542e84} - no filepath
Task: {2a8b722b-964b-43e4-a142-a3dce99c17be} - no filepath
Task: {2ac908ce-8e02-46fd-9aaf-57150ed77917} - no filepath
Task: {2b955959-55cf-455d-84e8-5d3a07746e80} - no filepath
Task: {2d183e8e-60ee-4225-91e5-e3878afec979} - no filepath
Task: {2da1e01a-cb61-4ae8-9c7f-726ac2bd9745} - no filepath
Task: {31b9fcfb-435b-492d-a469-d39349f53c0f} - no filepath
Task: {32171f89-d17e-4268-83ad-3ca171a70c63} - no filepath
Task: {3218781f-b2d4-4125-a176-5401d6d156dc} - no filepath
Task: {32815fa8-b734-4c73-ac90-4a30dd33f7c6} - no filepath
Task: {329d667b-7073-44e9-a232-cc7293987563} - no filepath
Task: {32ea21a9-94a6-4b36-b89f-136cfd2cacf9} - no filepath
Task: {330dbc50-52bc-44de-b8a4-d04701f0d31f} - no filepath
Task: {332675df-9780-455d-993f-a9888b2f0da9} - no filepath
Task: {339bf5e0-e2ce-4f0e-938b-1c740353e6b4} - no filepath
Task: {33c888ba-6796-488e-91d4-b063e287fbd0} - no filepath
Task: {33F88B6F-A74B-43BE-BA73-66F16566E646} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34E2DF35-AA90-4ACD-AA6D-BABE363E7BFF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
Task: {361cd11e-0e9a-4999-93a4-928855978de7} - no filepath
Task: {3630a7af-3262-4f71-af39-2bad147d8cd5} - no filepath
Task: {3631b3c0-5a9a-4df2-a56b-431f654fd396} - no filepath
Task: {36cb1884-117f-4d04-b748-50eea978c42d} - no filepath
Task: {37a76c16-e11d-4d82-93cb-4b992c4a3f15} - no filepath
Task: {3a823219-b00c-4426-915f-5c1c07919cfa} - no filepath
Task: {3c4f252a-c26f-4e95-aeeb-d006d6ad4322} - no filepath
Task: {3e03499d-3b19-401c-b38d-6fa56a3c5f20} - no filepath
Task: {3E7318D5-285C-4605-B984-96839D0DD6E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3eee23ad-4290-4d9c-9202-291932cb7c22} - no filepath
Task: {3F2F793C-2B21-4B9E-B5D2-F39AFAE0F0B1} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1061832 2019-07-19] (A-Volute -> Nahimic)
Task: {421dcb63-7e99-4fad-a5bd-4469992068a2} - no filepath
Task: {43EB2B7E-5407-49E7-B4FA-F61ECFBCA72D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-01] (Google Inc -> Google LLC)
Task: {448f0ac7-db87-4d0c-8015-6a6b1e11da51} - no filepath
Task: {44ebca0a-3109-496f-b430-55fe25835e20} - no filepath
Task: {451c1ce4-85e6-4875-ae2a-cb8a0ece053a} - no filepath
Task: {457da542-38bf-4728-b103-7505d6726c39} - no filepath
Task: {45933e1f-969e-433c-8bf7-9bc4fa347415} - no filepath
Task: {471b9772-ec04-43c6-940c-679ae0e5be17} - no filepath
Task: {47860AFF-AEC6-4F28-8589-75D036CBA072} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [791496 2019-07-19] (A-Volute -> Nahimic)
Task: {482ec0e9-c6bf-430b-9acf-779b124d6c7c} - no filepath
Task: {48d72db0-5c30-46a0-8b8c-f4961836732c} - no filepath
Task: {49d7fd2a-6dce-442b-8411-fa6266e56db7} - no filepath
Task: {4b82410e-0b67-4571-8efa-fee1660aa4d2} - no filepath
Task: {4c4cb7d2-fa63-400d-8d65-26a149afb2d5} - no filepath
Task: {4c67c98e-2b5c-4dda-9c7f-d982e92feba7} - no filepath
Task: {5088ed94-3403-4318-8bdd-ab60ffcacdd7} - no filepath
Task: {532c08ef-ed7c-45e9-b7ad-a387cbca5ed3} - no filepath
Task: {539fbfac-978c-4c50-96e9-96acef23781d} - no filepath
Task: {54521433-e613-4f06-9712-0d3179dd2bc8} - no filepath
Task: {56639eb6-4e99-4daf-a17e-4ea5ae396044} - no filepath
Task: {56e4945f-88e9-4649-a7b1-23cfdd6d10cb} - no filepath
Task: {57417da3-54b2-4fdc-902e-588ba00d1588} - no filepath
Task: {577D10A7-BE53-43D6-8EFE-479B521E6C4E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59b667e9-0ee9-46f2-b653-78ccc83f412e} - no filepath
Task: {5a528ad2-23a8-4bb3-93c3-52fffe659bb4} - no filepath
Task: {5ca8d739-f623-432e-9683-97ec3b4ab1c2} - no filepath
Task: {5d2af43b-73a6-406a-88ff-e7e546f20b6c} - no filepath
Task: {5ea022b2-cd9f-4199-9d89-5b112b09c3e7} - no filepath
Task: {5ef26ac8-0b8c-4094-a4f4-446c0fb09665} - no filepath
Task: {5f4b4b08-1a67-437b-b1de-1e0058af47ba} - no filepath
Task: {5fd870ac-99d2-46f8-8eaa-aa536e792f13} - no filepath
Task: {60229022-53f4-4fb7-a458-330801228a3b} - no filepath
Task: {62FCBD74-1A66-4FBD-80F3-CBD8EBF64DF5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6350b364-6a31-419d-8c33-5a2d5aeb185e} - no filepath
Task: {63669688-6ef5-4ea4-a43f-848ce2d317f0} - no filepath
Task: {63FA7CC9-F302-41D8-A90E-B4BD19FE4DB2} - System32\Tasks\MonitorMysticLight => C:\Program Files\GamingOSD\MysticLight\MysticLightController.exe
Task: {649ff32a-f3f9-4efc-9c60-8088d95ec473} - no filepath
Task: {6798fa7f-142e-4a8d-985d-eb1d738d769c} - no filepath
Task: {69e3ddef-cbe9-4dde-b87f-fc4e9025f2c0} - no filepath
Task: {6a35082b-cd90-4495-8645-3ff3dacce758} - no filepath
Task: {6a73275c-bfba-4ef1-bb9b-31b1b6766753} - no filepath
Task: {6a79beb3-a996-46bc-b0af-e42c760de443} - no filepath
Task: {6b872682-249f-4d93-9d14-517789c49f74} - no filepath
Task: {6c25656c-b897-41ff-98d6-a0c54b165c78} - no filepath
Task: {6d082b63-db87-472a-b188-128b6abc225d} - no filepath
Task: {6d23c081-7601-4622-83f6-59072f18d6d6} - no filepath
Task: {6d24e7fa-ea9b-42a6-bcb1-3b85dc879c1b} - no filepath
Task: {6d63ec78-d622-4f0e-a4b6-93f44ba620c4} - no filepath
Task: {6fa593a9-35a5-4231-8682-dbd9f6d01e82} - no filepath
Task: {70b8c203-9f40-4aa9-a0e3-2c98212f7175} - no filepath
Task: {70cb5770-c9c6-45ef-8224-a2a5b3a767e7} - no filepath
Task: {7127efc1-8588-4492-b177-c57b77a1fcc4} - no filepath
Task: {71a74976-996d-43c1-8025-9b2526e27a44} - no filepath
Task: {722edb42-de72-4ed9-a682-769bc03c1617} - no filepath
Task: {73f7adac-2639-42dc-ad52-9943fb5c7cee} - no filepath
Task: {74643DF3-D787-45B7-A5A0-ECF3A549B192} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {768b70e7-10f1-4e45-bc0e-e7bd7939639e} - no filepath
Task: {76ca8cb7-15cc-4bed-bbd8-c1e0a5b67646} - no filepath
Task: {7989318E-F6EC-479F-8A0E-3C7AA4F7093E} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5849896 2018-07-27] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {7b3b7346-3748-4b05-b64e-33af249b3fef} - no filepath
Task: {7c78e335-a105-4187-a575-18df70fbcd96} - no filepath
Task: {80ec0846-0697-4f72-80df-835c40ad41a3} - no filepath
Task: {8105A2DA-7ABB-42B8-A028-07CA8BFA1AC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82924ef4-3183-4bf2-b521-c9cc74833401} - no filepath
Task: {833C463C-BDDB-4F0F-A48D-83C37C1FF3BC} - System32\Tasks\Opera scheduled Autoupdate 1558295913 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {83529663-B66C-4795-AF28-32BBD4132EBD} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {844cbe2b-d923-4184-92df-94051307eccf} - no filepath
Task: {897a9a3c-8e6c-4459-8e1b-8de137c6ad5d} - no filepath
Task: {89a5b4ec-6c1f-4195-986a-04dd62cad69f} - no filepath
Task: {8b35b28c-36c7-4d90-8ffe-ca66da459586} - no filepath
Task: {8b9533b3-de40-4c8b-bda4-877a43f130d8} - no filepath
Task: {8bf63f20-cc1c-4520-8fe3-8782a18cb53b} - no filepath
Task: {8c30bd7c-6137-4e9f-91c1-8248be99183c} - no filepath
Task: {8d2a0ba2-c71e-4228-ae6c-d4ff35a26b31} - no filepath
Task: {8f343704-d8ae-4daa-a716-cd795ba8a02c} - no filepath
Task: {8fde7141-3a84-4d8a-8172-162c552dd4a4} - no filepath
Task: {8fe3e76d-b989-4468-bc88-0e57573f4369} - no filepath
Task: {8FFAC89F-CFE7-4A26-88A9-04E4958558B2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91ABBDFC-122F-47F1-BE51-6D4B286D21E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-01] (Google Inc -> Google LLC)
Task: {91ec7577-d0a1-425f-ae55-a11916fb8ad9} - no filepath
Task: {9290349D-8B3E-41B7-AF27-A2FC59EA1899} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1061832 2019-07-19] (A-Volute -> Nahimic)
Task: {929aba5f-7b65-44c9-8a8a-94035ea08854} - no filepath
Task: {93616457-aca1-4383-ae66-b2d44b0a469e} - no filepath
Task: {9415e840-b85c-4782-8427-aad860505d9f} - no filepath
Task: {94bc0566-241c-4cfa-b126-eb79bfa2e15c} - no filepath
Task: {94fbf91e-70f3-45ff-bc7d-ed826cce03a7} - no filepath
Task: {96700118-420a-4bea-8e5b-1bb39ed143ad} - no filepath
Task: {969bfe7b-6f8b-4f28-b0b1-25dab7ac2a5a} - no filepath
Task: {97f9c1e2-f880-42b6-a438-0dde9531ee57} - no filepath
Task: {9927ec89-64a7-4713-916a-fbd8340942ae} - no filepath
Task: {99661a04-2b46-4aea-85e8-86ea15119e3a} - no filepath
Task: {99afbf49-25bd-4299-a58a-a27e348b2071} - no filepath
Task: {9a620831-2be4-4c8a-b480-0c56347229a0} - no filepath
Task: {9BB052A5-330C-400B-8143-3A7EDBAFA9C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9cb9f84f-66c0-4711-9090-4065aeab7fa4} - no filepath
Task: {9cdc7073-d65a-4e69-87fb-cc2d82799070} - no filepath
Task: {9d4048c4-1751-42e2-aa04-79c53f3693f8} - no filepath
Task: {9df1763d-25c5-4613-b7cf-b4abaee8cc49} - no filepath
Task: {9fc8a881-3e22-40fb-8562-3b239b5b8779} - no filepath
Task: {a0133c1f-7c98-4151-9d5b-0d91f8cf228b} - no filepath
Task: {a160e22a-01b7-4505-bcd2-6d9e2e7380b8} - no filepath
Task: {a18a1c93-f686-41b7-a781-6ff1a3542831} - no filepath
Task: {a1f7551d-bbd0-43ae-bbf8-4bc114bd89d8} - no filepath
Task: {A25E356C-20F1-47DF-8834-8C0F17C811AB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_pepper.exe [1453624 2020-02-11] (Adobe Inc. -> Adobe)
Task: {a3677273-558d-493a-bbff-1ce12c2afa1a} - no filepath
Task: {a368988f-826c-4016-b2d8-315949b3eb82} - no filepath
Task: {A38515A1-EDE0-4881-94A3-52EB19FCC1B5} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {a57b79f2-1ce7-4050-a887-87f9245c6f54} - no filepath
Task: {a90eb85e-e619-4836-a5da-f8829fb36d82} - no filepath
Task: {A9C49965-0D2C-4E3E-B76C-9F172C0406A3} - System32\Tasks\MonitorMicroKey => C:\Program Files\GamingOSD\MonitorMicroKeyDetector.exe
Task: {aaf74cde-7585-4833-89a7-3d8dbd51d889} - no filepath
Task: {ac453888-02e7-4493-83a5-a78978f4b225} - no filepath
Task: {ad51b1df-97a8-4c80-83c5-af2e275a267c} - no filepath
Task: {B0E01A32-2ADD-422D-87CC-590A10397575} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {b0ff95a1-5c48-40f2-a51a-f7c0cd2fae9a} - no filepath
Task: {b22740e8-052a-4cc1-b0a6-3d30132c44c3} - no filepath
Task: {b5027593-2f49-4192-9a54-d3cdaaa4594a} - no filepath
Task: {b563fe5f-962b-484d-9d2f-38e727302110} - no filepath
Task: {b83265e5-85b7-4a11-a3d8-89455cbb7100} - no filepath
Task: {b8421ca1-21a9-491e-a0f4-db07bc97e31c} - no filepath
Task: {b9eb37ec-957d-46ae-88c8-80b0a796c451} - no filepath
Task: {bb00d7e6-1da1-4a9e-aadd-cf11cf1d3670} - no filepath
Task: {bdeaa514-8356-4763-9580-a19197d2079c} - no filepath
Task: {be66053e-6593-45f8-af4f-92e9b2d62050} - no filepath
Task: {bf79b821-6394-47d6-a29c-49555f89feaf} - no filepath
Task: {C02CEC54-DD33-413F-8101-56EC96DE2E21} - System32\Tasks\Opera scheduled assistant Autoupdate 1558295916 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {c3aa2171-6b28-4657-a83f-b40b4327b004} - no filepath
Task: {c3d95eeb-4b4f-4b32-8d78-5521da2c09bf} - no filepath
Task: {c4ede316-8a79-4a30-b018-a4ab516ac525} - no filepath
Task: {c5943838-4837-4bc6-a78d-5c9f63d81400} - no filepath
Task: {c5c8a34f-4df1-4a44-9a4a-e8406cae9457} - no filepath
Task: {c5f10e70-a527-4f17-93a5-3389245f41de} - no filepath
Task: {c7403372-1861-4b5a-8127-23c4d89b91fc} - no filepath
Task: {c7d62ee9-2e68-41b2-b665-6472f94d74fb} - no filepath
Task: {ca7f2699-2ace-46cf-9910-d74f88987a99} - no filepath
Task: {CB3D9A1F-2B62-448B-AA04-69B4A271B5FC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {ce609d0a-b8e9-4fef-8d20-aa807fabf422} - no filepath
Task: {cf5c356c-db3e-4425-a108-369342895369} - no filepath
Task: {d298ae94-455b-4cb2-b108-d04283a6d04a} - no filepath
Task: {D38ACA79-0158-4FCA-892E-749BC833693E} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Task: {d55278d4-cfd7-4cf6-a6f7-45146ddafead} - no filepath
Task: {d5da2256-61bd-4385-9bc5-a5727a5826ea} - no filepath
Task: {d607519b-c3dc-4709-86c7-8fbadca75f2a} - no filepath
Task: {d6cbfc47-4ff7-43bc-ac7e-a2d943e204c2} - no filepath
Task: {d97b891e-68b4-4873-8c50-e401029c666e} - no filepath
Task: {da28ff2e-3d7f-47fa-aeac-d1e8cbda0443} - no filepath
Task: {da9f0834-98d2-4042-8c52-6d3d2b0320d9} - no filepath
Task: {DBD5C285-798F-4C01-A20B-584C2ECB9157} - System32\Tasks\EMPTY => C:\Program Files\emptystanbylist\EmptyStandbyList.exe [139424 2020-02-09] (Wen Jia Liu -> )
Task: {DC849DA6-5A92-40EB-BEFE-FB661C0A12F8} - System32\Tasks\Opera scheduled Autoupdate 1579954543 => C:\Users\skimi\AppData\Local\Programs\Opera\launcher.exe
Task: {DD6512E7-C215-4E2E-ACB7-25500B9703B7} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [791496 2019-07-19] (A-Volute -> Nahimic)
Task: {de55a2c2-40e2-4b23-8444-372b20bf588f} - no filepath
Task: {df031589-7db6-47b6-b96d-23438137a0d1} - no filepath
Task: {df4421e1-848f-4ec5-9bd9-885e9bb27787} - no filepath
Task: {dfe52ff8-fda8-4926-94a4-067859d2207c} - no filepath
Task: {e44c5a20-f9a8-47bd-9ff6-c130ccaaf0e2} - no filepath
Task: {e67a2733-d7d8-4b33-9e81-5210594208f3} - no filepath
Task: {E69CB7F2-4ED4-4FDA-834E-7E30798641AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {e953a38a-26b7-4157-a479-4676ce57c89a} - no filepath
Task: {ea5b1554-061f-46c7-bfef-45a36d54f2af} - no filepath
Task: {eaa1a3ac-6f34-4280-9a2a-b42f0d2acf0d} - no filepath
Task: {f2a502a9-d2d6-4e80-8a1d-7a2d99db2369} - no filepath
Task: {f479f3a8-e268-4a93-ac88-29c92738c3a8} - no filepath
Task: {f58416ba-70a7-4d89-970a-4230218a08a7} - no filepath
Task: {F6208C70-C673-462C-AE02-B7EBA8210545} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {f6574598-e2b4-4581-b5a1-121b47941513} - no filepath
Task: {f77e89bc-ca1f-4d5e-9fd5-912312977684} - no filepath
Task: {f83f4b89-44d7-41be-8676-cc8601a76fff} - no filepath
Task: {F9FF51AC-A222-4AD1-939C-5527D5C9D99D} - System32\Tasks\GamingOSDAutoStartUp => C:\Program Files\GamingOSD\GamingOSD.exe
Task: {FDCF9B77-F73F-4058-82B7-4267C2C28AD8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {fe8ccd90-50d5-47a8-96ee-5d56871d9e4a} - no filepath
Task: {fec4dee3-36fd-455b-9734-9ec13b02d609} - no filepath
Task: {fee563c5-9524-47c5-8e1a-b19a3b48d27a} - no filepath
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3800a79c-bfed-4fb3-a2e7-c8f45a744789}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{786c19f0-8b67-4d50-9b2d-04289cca0f83}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> DefaultScope {7C595095-E389-4D97-8166-24348CC710BC} URL =
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> {7C595095-E389-4D97-8166-24348CC710BC} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: p6zhqc64.default
FF ProfilePath: C:\Users\skimi\AppData\Roaming\Mozilla\Firefox\Profiles\p6zhqc64.default [2020-02-12]
FF Homepage: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
FF NewTab: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
FF SearchPlugin: C:\Users\skimi\AppData\Roaming\Mozilla\Firefox\Profiles\p6zhqc64.default\searchplugins\bing-lavasoft-ff59.xml [2019-05-19]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Program Files (x86)\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default [2020-02-12]
CHR DownloadDir: D:\Stažené google chrome
CHR Notifications: Default -> hxxps://01.loderls.ru; hxxps://2.getmedia.me; hxxps://eu1.badoo.com; hxxps://news-easy.com; hxxps://notification-list.com; hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
CHR StartupUrls: Default -> "hxxp://www.default-search.net?sid=476&aid=113& ... oogle.com/"
CHR DefaultSearchKeyword: Default -> hxxps://www.google.cz/?gws_rd=cr&ei=m0uwur2iou3cygpeuybo
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-01]
CHR Extension: (Safe Torrent Scanner) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2020-01-25]
CHR Extension: (The FFZ Add-On Pack) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea [2019-10-05] [UpdateUrl:hxxps://cdn.ffzap.com/firefox-updates.json] <==== ATTENTION
CHR Extension: (Dokumenty) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-01]
CHR Extension: (Disk Google) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-01]
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2020-01-04]
CHR Extension: (YouTube) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (FrankerFaceZ) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-10-05]
CHR Extension: (Tabulky) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-15]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-01-15]
CHR Extension: (MSI) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgbibdjmopapngkdbibajfpnipligfpa [2019-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-02]
CHR Extension: (Gmail) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\skimi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8361960 2019-09-12] (BattlEye Innovations e.K. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-29] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-07-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1301064 2019-11-19] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-11-19] (GOG Sp. z o.o. -> GOG.com)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21432 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21432 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2807824 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [762056 2018-05-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [714952 2018-05-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-06-06] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1451976 2019-07-19] (A-Volute -> Nahimic)
S3 NGS; C:\ProgramData\Nexon\NGS\NGService.exe [3097648 2019-06-01] (NEXON Korea Corporation. -> NEXON Korea Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2329904 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [3204912 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [833312 2019-01-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-10-18] () [File not signed]
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [399440 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3753016 2019-08-19] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b1c9965dc1c6f0f\gameflt.sys [71000 2019-12-12] (Microsoft Windows -> Microsoft Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [967696 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72720 2018-05-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [170672 2018-06-07] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw08; C:\WINDOWS\system32\DRIVERS\Netwtw08.sys [9278456 2019-09-05] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\nvlddmkm.sys [23276960 2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-08-10] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [47656 2018-08-10] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56912 2018-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2019-07-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2019-07-02] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-08-14] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_3865f7cd0ca0fb7c\xvdd.sys [485720 2020-01-30] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 19:03 - 2020-02-12 19:05 - 000000000 ____D C:\AdwCleaner
2020-02-12 18:37 - 2020-02-12 19:32 - 000000000 ____D C:\FRST
2020-02-12 18:20 - 2020-02-12 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Mans Sky Beyond
2020-02-12 02:13 - 2020-02-12 18:27 - 000000000 ____D C:\Users\skimi\AppData\Local\LOOT
2020-02-12 01:33 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2020-02-12 01:33 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2020-02-12 01:33 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2020-02-12 01:33 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2020-02-12 01:33 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2020-02-12 01:33 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2020-02-12 01:33 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2020-02-12 01:33 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2020-02-11 18:08 - 2020-02-11 18:08 - 000000000 ____D C:\Users\skimi\AppData\Roaming\HelloGames
2020-02-09 11:38 - 2020-02-09 11:38 - 000003418 _____ C:\WINDOWS\system32\Tasks\EMPTY
2020-02-09 11:34 - 2020-02-09 11:34 - 000007601 _____ C:\Users\skimi\AppData\Local\Resmon.ResmonCfg
2020-02-09 11:33 - 2020-02-09 11:34 - 000000000 ____D C:\Program Files\emptystanbylist
2020-02-08 18:57 - 2020-02-08 18:58 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-02-08 18:54 - 2020-01-30 23:04 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-02-08 18:54 - 2020-01-30 23:04 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000450784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-02-08 18:54 - 2020-01-30 23:04 - 000353368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-02-08 18:54 - 2020-01-30 23:03 - 011843712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-02-08 18:54 - 2020-01-30 23:03 - 010167752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 002075904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001569160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001485680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001370360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001145776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001064384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 001002368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000815120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000685912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000677576 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000660176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000574296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-02-08 18:54 - 2020-01-30 23:02 - 000557304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-02-08 18:54 - 2020-01-30 23:02 - 000545112 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 040511616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 035380128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 017462616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 015032016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 005384584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 004718792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-02-08 18:54 - 2020-01-30 23:01 - 000858240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-02-08 18:54 - 2020-01-30 23:01 - 000451320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-02-08 18:54 - 2020-01-30 04:15 - 000076477 _____ C:\WINDOWS\system32\nvinfo.pb
2020-02-05 23:12 - 2020-02-05 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-02-04 14:20 - 2020-02-04 14:20 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-01-30 04:57 - 2020-01-30 04:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2020-01-30 01:15 - 2020-02-12 02:13 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\Nexus Mod Manager
2020-01-30 01:15 - 2020-01-30 01:15 - 000000000 ____D C:\Users\skimi\AppData\Local\Black_Tree_Gaming
2020-01-30 01:14 - 2020-02-07 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2020-01-30 00:03 - 2020-01-30 01:15 - 000000000 ____D C:\Users\skimi\AppData\Local\Fallout4
2020-01-27 22:53 - 2020-01-27 22:56 - 000000000 ____D C:\ProgramData\WinZip
2020-01-27 22:44 - 2020-01-27 22:45 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\FOMM
2020-01-27 22:40 - 2020-01-27 22:40 - 000000000 ____D C:\Users\skimi\AppData\Local\FOMM
2020-01-27 22:36 - 2020-01-27 22:36 - 000000000 ____D C:\Users\skimi\AppData\Local\FalloutNV
2020-01-27 21:37 - 2020-01-27 21:37 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\Smac
2020-01-27 20:17 - 2020-01-27 20:17 - 000000000 ____D C:\Users\skimi\AppData\Local\Deadsiege
2020-01-25 14:33 - 2020-01-25 14:33 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\SkidRow
2020-01-25 14:32 - 2020-01-25 14:32 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\SKS
2020-01-25 13:15 - 2020-02-12 19:03 - 000000000 ____D C:\Users\skimi\AppData\Roaming\uTorrent Web
2020-01-25 13:15 - 2020-01-25 13:18 - 000001872 _____ C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-01-25 13:15 - 2020-01-25 13:15 - 000004392 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1579954548
2020-01-25 13:15 - 2020-01-25 13:15 - 000004138 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1579954543
2020-01-15 10:08 - 2020-01-15 10:08 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 10:08 - 2020-01-15 10:08 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 10:07 - 2020-01-15 10:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 10:07 - 2020-01-15 10:07 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 10:07 - 2020-01-15 10:07 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 10:07 - 2020-01-15 10:07 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 10:02 - 2020-01-15 10:02 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 10:02 - 2020-01-15 10:02 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 19:32 - 2018-08-12 00:04 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-12 19:27 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-12 19:10 - 2019-05-01 14:37 - 000000000 ____D C:\Users\skimi\AppData\Local\NVIDIA
2020-02-12 19:06 - 2020-01-09 18:51 - 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2020-02-12 19:06 - 2019-10-18 16:50 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2020-02-12 19:06 - 2019-10-18 16:50 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2020-02-12 19:06 - 2019-06-22 22:14 - 000003152 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2020-02-12 19:06 - 2019-06-22 22:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-12 19:06 - 2019-05-19 21:01 - 000000000 ____D C:\Users\skimi\AppData\Local\BitTorrentHelper
2020-02-12 19:06 - 2019-05-01 14:18 - 000000000 __SHD C:\Users\skimi\IntelGraphicsProfiles
2020-02-12 19:06 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-12 19:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-12 19:06 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-12 19:05 - 2019-10-25 15:59 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-02-12 19:05 - 2019-05-10 14:49 - 000019664 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-02-12 19:05 - 2019-05-04 18:31 - 000016759 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-02-12 19:05 - 2019-05-04 18:31 - 000008589 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-02-12 19:05 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-12 18:33 - 2019-06-01 17:46 - 000000000 ____D C:\Users\skimi\AppData\Local\CrashDumps
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\Users\skimi\AppData\Local\Rockstar Games
2020-02-12 18:20 - 2019-11-01 16:39 - 000000000 ____D C:\ProgramData\Rockstar Games
2020-02-12 18:20 - 2019-10-27 21:59 - 000000000 ____D C:\Program Files\Rockstar Games
2020-02-12 18:20 - 2019-10-27 21:58 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-02-12 18:20 - 2019-07-29 00:27 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Yousician Launcher
2020-02-12 18:17 - 2019-05-01 14:49 - 000000000 ____D C:\Users\skimi\OneDrive\Dokumenty\My Games
2020-02-12 18:14 - 2019-06-22 22:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-11 23:21 - 2019-09-24 21:33 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Discord
2020-02-11 19:15 - 2019-07-27 16:24 - 000004600 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-02-11 19:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-11 19:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-02-10 18:37 - 2019-06-22 22:14 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2466524190-1393262879-1045153092-1001
2020-02-10 18:37 - 2019-06-22 22:09 - 000002372 _____ C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-10 18:37 - 2019-05-01 14:20 - 000000000 ___RD C:\Users\skimi\OneDrive
2020-02-09 15:04 - 2019-05-04 18:31 - 000011369 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-02-08 19:06 - 2019-11-01 18:14 - 000000000 ____D C:\Users\skimi\AppData\Local\New Technology Studio
2020-02-08 19:04 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Roaming\uTorrent
2020-02-08 19:02 - 2019-08-26 16:08 - 000000000 ____D C:\ProgramData\Zoner
2020-02-08 19:00 - 2019-05-01 14:18 - 000000000 ____D C:\Users\skimi\AppData\Local\Packages
2020-02-08 18:54 - 2019-05-01 18:50 - 000129088 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-02-08 18:54 - 2019-05-01 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-02-08 18:54 - 2019-05-01 18:49 - 000000000 ____D C:\Program Files\Java
2020-02-07 09:53 - 2019-12-10 22:30 - 000000620 _____ C:\Users\skimi\OneDrive\Dokumenty\ClownfishVoiceChanger.ini
2020-02-06 17:30 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-05 23:12 - 2019-07-29 10:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-02-05 17:40 - 2019-06-22 22:14 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 17:40 - 2019-06-22 22:14 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-03 23:09 - 2018-08-08 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-30 23:01 - 2019-11-06 19:05 - 004230544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-30 23:01 - 2019-06-02 10:15 - 004962792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-01-30 20:33 - 2019-12-12 23:14 - 000052152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2020-01-30 20:33 - 2019-10-14 06:11 - 000031672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2020-01-30 20:33 - 2019-06-22 22:20 - 001336248 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2020-01-30 20:33 - 2019-06-22 22:20 - 000149432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2020-01-30 20:33 - 2019-06-22 22:20 - 000087992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2020-01-30 16:10 - 2019-05-01 14:48 - 000000000 ____D C:\Users\skimi\AppData\Local\D3DSCache
2020-01-29 02:38 - 2019-07-29 10:56 - 000000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-01-29 02:38 - 2019-07-29 10:56 - 000000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-01-28 22:20 - 2019-07-29 10:56 - 000003974 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-01-28 22:20 - 2019-07-29 10:56 - 000003742 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-01-27 20:17 - 2019-05-30 22:59 - 000000000 ____D C:\Users\skimi\AppData\Local\UnrealEngine
2020-01-27 03:31 - 2019-05-19 19:47 - 000000000 ____D C:\Users\skimi\AppData\Local\Ubisoft Game Launcher
2020-01-26 20:39 - 2019-11-05 00:19 - 000000000 ____D C:\Users\skimi\AppData\Local\DigitalEntitlements
2020-01-25 13:23 - 2019-06-22 22:09 - 000000000 ____D C:\Users\skimi
2020-01-25 13:15 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Opera Software
2020-01-25 13:15 - 2019-05-19 20:58 - 000000000 ____D C:\Users\skimi\AppData\Local\Opera Software
2020-01-24 23:58 - 2019-12-06 01:32 - 000000000 ____D C:\Users\skimi\AppData\LocalLow\uTorrent
2020-01-24 22:06 - 2019-05-01 14:29 - 000000000 ____D C:\Users\skimi\AppData\Roaming\Twitch
2020-01-23 18:50 - 2019-05-01 14:24 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 17:51 - 2019-09-14 16:37 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-22 08:33 - 2019-08-03 22:07 - 000000000 ____D C:\Users\skimi\AppData\Local\Battle.net
2020-01-15 10:36 - 2019-06-22 22:05 - 000267672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 10:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 10:12 - 2019-05-01 16:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 10:09 - 2019-05-01 16:24 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 03:03 - 2019-05-16 09:24 - 000000000 ____D C:\Users\skimi\AppData\Local\ElevatedDiagnostics
2020-01-13 21:56 - 2019-06-22 22:14 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2019-06-22 22:14 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-13 21:56 - 2018-08-12 00:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
==================== Files in the root of some directories ========
2019-11-01 17:00 - 2019-11-01 17:00 - 042738921 _____ () C:\Users\skimi\AppData\Roaming\gta5_patch.bin
2019-11-01 17:00 - 2019-11-01 17:00 - 000332800 _____ () C:\Users\skimi\AppData\Roaming\patcher.dll
2019-10-15 10:54 - 2019-10-15 10:54 - 000000410 _____ () C:\Users\skimi\AppData\Local\oobelibMkey.log
2020-02-09 11:34 - 2020-02-09 11:34 - 000007601 _____ () C:\Users\skimi\AppData\Local\Resmon.ResmonCfg
2019-09-18 17:02 - 2019-09-19 01:55 - 000014116 _____ () C:\Users\skimi\AppData\Local\Tempbannercash.tmp
2019-09-18 17:02 - 2019-09-19 01:55 - 000038121 _____ () C:\Users\skimi\AppData\Local\Tempnewscash.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
skimiwriter
- Návštěvník
- Příspěvky: 58
- Registrován: 24 bře 2014 13:34
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by skimi (12-02-2020 19:33:19)
Running from D:\Plocha
Windows 10 Home Version 1903 18362.592 (X64) (2019-06-22 21:15:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2466524190-1393262879-1045153092-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2466524190-1393262879-1045153092-503 - Limited - Disabled)
Guest (S-1-5-21-2466524190-1393262879-1045153092-501 - Limited - Disabled)
skimi (S-1-5-21-2466524190-1393262879-1045153092-1001 - Administrator - Enabled) => C:\Users\skimi
WDAGUtilityAccount (S-1-5-21-2466524190-1393262879-1045153092-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.330 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{334850ef-c0ab-431a-a26f-193c2fdaa072}) (Version: 21.40.2 - Intel Corporation)
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.41 - Rivet Networks)
AR8171 Drivers (HKLM\...\{8386D032-4BA5-4BDA-A86D-22A2761881AA}) (Version: 1.0.0.41 - Rivet Networks) Hidden
Balíček ovladače systému Windows - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.47.11 - Bethesda Softworks)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CrossHair (HKLM-x32\...\{8436142A-9949-48E9-B24A-F2C7408302FA}) (Version: 1.0.1 - Mike Lin)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0939 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 90.4.307 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{466EA30A-9B38-4AD2-A6B0-18D6E0C1A848}) (Version: 1.1.206.0 - Epic Games, Inc.)
Fallout 4 - Čeština (HKLM-x32\...\{BA700CA0-A940-43A5-9779-560DADB0C245}) (Version: 0.11.0 - prekladyher.eu)
Fallout 4 MULTi8 - ElAmigos version 1.10.114 (HKLM-x32\...\{56CEC358-CB9B-4FC3-9ADD-E8C152257F88}_is1) (Version: 1.10.114 - Bethesda Softworks)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.0.1027 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\7A70B8EDE77ED614C261B89A36D4C656443FD153) (Version: 1.1.8.0 - ENE TECHNOLOGY INC.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightscreen version 2.4 (HKLM-x32\...\{4A59754E-D644-4F84-9768-41F68053F08E}_is1) (Version: 2.4 - Christian Kaiser)
Microsoft OneDrive (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.71.1 - Black Tree Gaming)
No Mans Sky Beyond (HKLM-x32\...\No Mans Sky Beyond_is1) (Version: - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.46.29856 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.31242 - Realtek Semiconductor Corp.)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Twitch (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
uTorrent Web (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\utweb) (Version: 1.0.7 - BitTorrent, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-06-23] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-06-23] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-31] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Herní služby -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-06-20] (INTEL CORP)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-05] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.3.11.0_x64__w2gh52qy24etm [2019-12-25] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-09-30] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2285.0_x64__8j3eq9eme6ctt [2020-01-29] (INTEL CORP) [Startup Task]
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.181.0_x64__dt26b99r8h8gj [2019-07-30] (Realtek Semiconductor Corp)
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.23255.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0 [2020-01-31] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-05-02] (Synaptics Incorporated)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2002.1001.3.0_x64__8wekyb3d8bbwe [2020-02-12] (Microsoft Corporation) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-12-20 01:36 - 2019-12-20 01:36 - 001414656 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avcodec-58.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000898048 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avformat-58.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000451072 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avutil-56.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000151552 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\swresample-3.dll
2017-12-27 19:00 - 2017-12-27 19:00 - 000105984 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2015-06-12 03:35 - 2015-06-12 03:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\LIBEAY32.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\SSLEAY32.dll
2019-09-14 16:41 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Games\Origin\LIBEAY32.dll
2019-09-14 16:41 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Games\Origin\ssleay32.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\platforms\qwindows.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Core.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Gui.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Network.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Widgets.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\skimi\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\skimi\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8282CEFB-DD13-4343-96CF-FC47D96D835E}] => (Allow) D:\Games\Tom Clancy's The Division 2\TheDivision2.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{21C6372F-F346-4071-80DE-F5B25CAE7115}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C08642FB-D5F0-45B7-B7BA-D9309ABE2331}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8984C116-F641-4B78-82A3-B21A8BCE3367}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{958B5F78-10CF-4F28-AB83-EB54767E154D}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{4AF14A16-D370-45BA-96B9-F78AF6CBD3E6}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [TCP Query User{E4AEA161-EBCA-44DF-9AD4-D7A09A973AD9}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [{53EAAE13-446A-41A8-83CB-A6131DC649F0}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A898B99E-36C6-4B5F-83E2-9F0888BA55BF}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{93C3D178-69E2-406F-8294-8C4F5A70E2AB}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{99BFEC0D-D797-4E51-8D92-F7BE01415A68}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{20EBE934-817D-49F5-B0B7-AD96CD13752F}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{474E9FC4-41BD-4817-B197-38DC728C978A}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{4FBFB75C-4EE7-482E-880A-5CA599EE313E}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BBA71315-0C6B-4C2A-B257-6795A955E30E}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{525F8754-0A4A-48AE-809C-4ED2F540DEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{909603A2-8623-43A7-AAFC-09C9198F4D59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C49BB1C2-BCDB-4156-BB2C-504B47A66DBC}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{B78AD7B6-B13D-4066-8058-1AD2037C736A}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{51B92E96-EEAE-4887-B0FB-F235903DD084}] => (Allow) LPort=3001
FirewallRules: [{8C7CAB6B-D235-4136-9835-335C1600A608}] => (Allow) LPort=3000
FirewallRules: [{8E475E85-DBE7-4675-9D1A-167C2F18DFC5}] => (Allow) LPort=3000
FirewallRules: [{1B2DA007-9E2D-4149-B465-455A34709BED}] => (Allow) LPort=3000
FirewallRules: [{F33ABEDD-0F39-4949-8CFC-1173B3D631D5}] => (Allow) LPort=3001
FirewallRules: [{6B43B002-0014-4E47-943F-075001E340A8}] => (Allow) LPort=3001
FirewallRules: [{02589376-A544-4FFA-8333-381686BC3238}] => (Allow) LPort=4001
FirewallRules: [{337AD62D-70AB-4CE3-AC3F-7E48F0CC4AC1}] => (Allow) LPort=4000
FirewallRules: [{8C0ACA11-6F12-4391-BC8B-0A2477A2B5D8}] => (Allow) LPort=4000
FirewallRules: [{2AFD1C93-52F7-4F45-A03B-173B09DFBA15}] => (Allow) LPort=4000
FirewallRules: [{89562DEF-55F9-4750-8A7B-5F6E3254E445}] => (Allow) LPort=4001
FirewallRules: [{1F545F66-FB5B-42DF-A698-C0CA03AE0A45}] => (Allow) LPort=4001
FirewallRules: [TCP Query User{0F489DB7-3130-4DDE-B908-86079389D9D3}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B08688D2-B719-423B-A50A-BB16982853DE}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{7FAF299C-0F77-40AB-9BF5-5B8E1546F7C5}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [UDP Query User{4843CEE8-0225-42B5-86CE-3730E5AD481A}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [{11967A68-C4F5-4A81-9071-CA255CCDB18F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{DFAA91D0-A41A-4E2D-8E4B-C81FDB223B38}] => (Allow) D:\Games\Steam\steamapps\common\Brut@l\Brut@l.exe () [File not signed]
FirewallRules: [{0B48ED66-025D-4C8F-848F-6FBE652A5F76}] => (Allow) D:\Games\Steam\steamapps\common\Brut@l\Brut@l.exe () [File not signed]
FirewallRules: [TCP Query User{79306124-DF56-4F40-BCAA-EF3E41D02074}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{55C350AC-F18D-4D1D-8470-BE8E2B9FE223}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{CD6EB7FF-A70A-4E01-9CDC-759BE8639769}] => (Allow) D:\Games\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{CFCEB538-9C31-4CFD-8102-9AF765043C37}] => (Allow) D:\Games\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{81599231-9A02-449B-847A-B5166B73A4C9}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{DC48E686-25E1-49FA-8E66-E5B790248883}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [TCP Query User{DCBBAF82-EB84-4ABE-BF10-6160FF0869D6}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{D763ED98-6A03-4626-983B-5FA430DED699}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{A2676D07-25C4-4511-8634-B00AFF0F65A5}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{820D84DF-9B4F-4CC9-867F-745B5FB437F4}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{B5D758F1-B2FC-42F2-8734-A0B0FFF946E8}] => (Allow) D:\Games\Steam\steamapps\common\Grip\Grip\Binaries\Win64\Grip-Win64-Shipping.exe (Caged Element Inc. -> Caged Element Inc.)
FirewallRules: [{F4E49774-B08F-4428-BFA9-2F470FC81DDB}] => (Allow) D:\Games\Steam\steamapps\common\Grip\Grip\Binaries\Win64\Grip-Win64-Shipping.exe (Caged Element Inc. -> Caged Element Inc.)
FirewallRules: [{A1430118-CEF4-450E-9C20-992485D7B99F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86F93381-06ED-44FB-80D0-6C4409DB5FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F08491E8-9719-4C09-8827-A62227D990CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99295176-9890-4DAD-B586-4F404CF4F479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{19706760-D55E-4C46-B4FE-4F3DDBE812D3}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{9DD18CF9-D164-4974-8838-10BA87925F3E}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{2E2FDF39-5B0D-4900-B416-92BA831132BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ADF48258-6608-4B40-957F-F043DAF828C2}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [{D3F13E6B-BEE4-4B44-9CB2-FE4DCDC1993B}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{15CD25AD-92D2-4A6D-99F6-FF4C59C1963F}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{0D594371-5640-4567-88E8-3729A4BB1F34}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{F1745E8E-D2D6-4911-97FA-3D92AC32770F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E929B175-37DB-4237-B03F-502B0ECD29B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD1EC55F-3818-4B9A-BA41-6D8482D3C32F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D693D25A-DB34-4C3A-97B8-BCA99C0D2A63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F55AFD8-4EB3-490F-8DF4-56C29B46855E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AD40CBC-85AE-4745-B47B-CDC95DE210B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{72D69478-A389-4877-A696-A7F26DAEE6CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF35E496-0FFD-4919-84C4-5DD65A60121D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{310CA13A-5754-4C6E-95E3-83AA80D062E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20184.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75EBD363-626F-419C-9048-9586AF53F1CF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{E3D57831-E978-439E-8F11-904E43E41521}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{DA8BD07F-1249-42AC-A7A5-A9FDD67FDA87}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.94 GB) (Free:17.95 GB) (15%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/12/2020 07:30:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14472,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 07:13:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6748,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 07:06:09 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (02/12/2020 07:05:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvcontainer.exe, verze: 1.19.2734.4859, časové razítko: 0x5d8a4cce
Název chybujícího modulu: NahimicOSD.dll, verze: 2.1.13.60737, časové razítko: 0x5da9b811
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000014a04
ID chybujícího procesu: 0x1ad0
Čas spuštění chybující aplikace: 0x01d5e1ceff38064e
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Cesta k chybujícímu modulu: C:\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll
ID zprávy: 13bc7361-db24-475d-99ee-8cda86f59ba6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2020 06:48:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 06:29:43 PM) (Source: MsiInstaller) (EventID: 11721) (User: MSI)
Description: Product: CrossHair -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _DF85204F_5583_4F82_B50A_CC4E5965D955, location: D:\Games\crosshair\CrossHair.exe, command: /die
Error: (02/12/2020 06:29:28 PM) (Source: MsiInstaller) (EventID: 11721) (User: MSI)
Description: Product: CrossHair -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _DF85204F_5583_4F82_B50A_CC4E5965D955, location: D:\Games\crosshair\CrossHair.exe, command: /die
Error: (02/12/2020 09:48:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (02/12/2020 07:05:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (02/12/2020 07:05:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (02/12/2020 07:05:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2020-02-12 01:40:17.178
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:40:13.843
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:40:11.967
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:39:46.919
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$EXa1028.46229\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 00:59:37.874
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ludicrouz.O
ID: 2147723196
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso; file:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso->the-elder-scrolls-v-skyrim-special-edit_328601.exe; webfile:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso|https://giliderterp.cf/?24d41f02e14db3f ... 1113699625
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: MSI\skimi
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 18:18:23.564
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Uživatel: MSI\skimi
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Verze bezpečnostních informací: AV: 1.309.826.0, AS: 1.309.826.0
Verze modulu: 1.1.16700.3
CodeIntegrity:
===================================
Date: 2020-01-25 13:14:20.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:20.492
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:17.051
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:17.039
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2019-12-14 18:55:58.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2019-12-14 18:55:58.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2019-12-13 00:35:41.102
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2019-12-13 00:35:41.090
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E16P6IMS.107 09/05/2018
Motherboard: Micro-Star International Co., Ltd. MS-16P6
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 31%
Total physical RAM: 16230.21 MB
Available physical RAM: 11103.07 MB
Total Virtual: 18662.21 MB
Available Virtual: 11487.91 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:17.95 GB) NTFS
Drive d: () (Fixed) (Total:912.76 GB) (Free:201.66 GB) NTFS
\\?\Volume{473e7fc5-f5a9-405f-ae34-7499bc2514e9}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{2133cda6-146c-4b93-b6fa-4ea546b0a6cc}\ (BIOS_RVY) (Fixed) (Total:18.75 GB) (Free:0.23 GB) NTFS
\\?\Volume{c648f47e-00d7-41ce-b5d5-1e5f31ee38ac}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 4FC43474)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 4FC43456)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by skimi (12-02-2020 19:33:19)
Running from D:\Plocha
Windows 10 Home Version 1903 18362.592 (X64) (2019-06-22 21:15:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2466524190-1393262879-1045153092-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2466524190-1393262879-1045153092-503 - Limited - Disabled)
Guest (S-1-5-21-2466524190-1393262879-1045153092-501 - Limited - Disabled)
skimi (S-1-5-21-2466524190-1393262879-1045153092-1001 - Administrator - Enabled) => C:\Users\skimi
WDAGUtilityAccount (S-1-5-21-2466524190-1393262879-1045153092-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.330 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{334850ef-c0ab-431a-a26f-193c2fdaa072}) (Version: 21.40.2 - Intel Corporation)
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.41 - Rivet Networks)
AR8171 Drivers (HKLM\...\{8386D032-4BA5-4BDA-A86D-22A2761881AA}) (Version: 1.0.0.41 - Rivet Networks) Hidden
Balíček ovladače systému Windows - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.47.11 - Bethesda Softworks)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1807.301 - Application)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CrossHair (HKLM-x32\...\{8436142A-9949-48E9-B24A-F2C7408302FA}) (Version: 1.0.1 - Mike Lin)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0939 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 90.4.307 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{466EA30A-9B38-4AD2-A6B0-18D6E0C1A848}) (Version: 1.1.206.0 - Epic Games, Inc.)
Fallout 4 - Čeština (HKLM-x32\...\{BA700CA0-A940-43A5-9779-560DADB0C245}) (Version: 0.11.0 - prekladyher.eu)
Fallout 4 MULTi8 - ElAmigos version 1.10.114 (HKLM-x32\...\{56CEC358-CB9B-4FC3-9ADD-E8C152257F88}_is1) (Version: 1.10.114 - Bethesda Softworks)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.0.1027 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\7A70B8EDE77ED614C261B89A36D4C656443FD153) (Version: 1.1.8.0 - ENE TECHNOLOGY INC.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightscreen version 2.4 (HKLM-x32\...\{4A59754E-D644-4F84-9768-41F68053F08E}_is1) (Version: 2.4 - Christian Kaiser)
Microsoft OneDrive (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.71.1 - Black Tree Gaming)
No Mans Sky Beyond (HKLM-x32\...\No Mans Sky Beyond_is1) (Version: - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.46.29856 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.31242 - Realtek Semiconductor Corp.)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft)
Twitch (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
uTorrent Web (HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\utweb) (Version: 1.0.7 - BitTorrent, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-06-23] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-06-23] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-31] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Herní služby -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.37.23001.0_x64__8wekyb3d8bbwe [2020-01-30] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-06-20] (INTEL CORP)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-05] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12430.20184.0_x86__8wekyb3d8bbwe [2020-02-05] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.3.11.0_x64__w2gh52qy24etm [2019-12-25] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-09-30] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2285.0_x64__8j3eq9eme6ctt [2020-01-29] (INTEL CORP) [Startup Task]
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.181.0_x64__dt26b99r8h8gj [2019-07-30] (Realtek Semiconductor Corp)
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.23255.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0 [2020-01-31] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-05-02] (Synaptics Incorporated)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2002.1001.3.0_x64__8wekyb3d8bbwe [2020-02-12] (Microsoft Corporation) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-06-10] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_35a30ae62301e800\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-12-20 01:36 - 2019-12-20 01:36 - 001414656 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avcodec-58.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000898048 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avformat-58.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000451072 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\avutil-56.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000151552 _____ () [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\swresample-3.dll
2017-12-27 19:00 - 2017-12-27 19:00 - 000105984 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2015-06-12 03:35 - 2015-06-12 03:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\LIBEAY32.dll
2019-12-20 01:36 - 2019-12-20 01:36 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\skimi\AppData\Roaming\uTorrent Web\SSLEAY32.dll
2019-09-14 16:41 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Games\Origin\LIBEAY32.dll
2019-09-14 16:41 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Games\Origin\ssleay32.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\platforms\qwindows.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Core.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Gui.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Network.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Widgets.dll
2019-09-14 16:41 - 2019-07-12 09:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Games\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\skimi\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\skimi\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\skimi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8282CEFB-DD13-4343-96CF-FC47D96D835E}] => (Allow) D:\Games\Tom Clancy's The Division 2\TheDivision2.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{21C6372F-F346-4071-80DE-F5B25CAE7115}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C08642FB-D5F0-45B7-B7BA-D9309ABE2331}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8984C116-F641-4B78-82A3-B21A8BCE3367}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{958B5F78-10CF-4F28-AB83-EB54767E154D}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{4AF14A16-D370-45BA-96B9-F78AF6CBD3E6}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [TCP Query User{E4AEA161-EBCA-44DF-9AD4-D7A09A973AD9}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [{53EAAE13-446A-41A8-83CB-A6131DC649F0}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A898B99E-36C6-4B5F-83E2-9F0888BA55BF}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{93C3D178-69E2-406F-8294-8C4F5A70E2AB}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{99BFEC0D-D797-4E51-8D92-F7BE01415A68}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{20EBE934-817D-49F5-B0B7-AD96CD13752F}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{474E9FC4-41BD-4817-B197-38DC728C978A}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{4FBFB75C-4EE7-482E-880A-5CA599EE313E}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BBA71315-0C6B-4C2A-B257-6795A955E30E}] => (Allow) D:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{525F8754-0A4A-48AE-809C-4ED2F540DEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{909603A2-8623-43A7-AAFC-09C9198F4D59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C49BB1C2-BCDB-4156-BB2C-504B47A66DBC}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{B78AD7B6-B13D-4066-8058-1AD2037C736A}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{51B92E96-EEAE-4887-B0FB-F235903DD084}] => (Allow) LPort=3001
FirewallRules: [{8C7CAB6B-D235-4136-9835-335C1600A608}] => (Allow) LPort=3000
FirewallRules: [{8E475E85-DBE7-4675-9D1A-167C2F18DFC5}] => (Allow) LPort=3000
FirewallRules: [{1B2DA007-9E2D-4149-B465-455A34709BED}] => (Allow) LPort=3000
FirewallRules: [{F33ABEDD-0F39-4949-8CFC-1173B3D631D5}] => (Allow) LPort=3001
FirewallRules: [{6B43B002-0014-4E47-943F-075001E340A8}] => (Allow) LPort=3001
FirewallRules: [{02589376-A544-4FFA-8333-381686BC3238}] => (Allow) LPort=4001
FirewallRules: [{337AD62D-70AB-4CE3-AC3F-7E48F0CC4AC1}] => (Allow) LPort=4000
FirewallRules: [{8C0ACA11-6F12-4391-BC8B-0A2477A2B5D8}] => (Allow) LPort=4000
FirewallRules: [{2AFD1C93-52F7-4F45-A03B-173B09DFBA15}] => (Allow) LPort=4000
FirewallRules: [{89562DEF-55F9-4750-8A7B-5F6E3254E445}] => (Allow) LPort=4001
FirewallRules: [{1F545F66-FB5B-42DF-A698-C0CA03AE0A45}] => (Allow) LPort=4001
FirewallRules: [TCP Query User{0F489DB7-3130-4DDE-B908-86079389D9D3}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B08688D2-B719-423B-A50A-BB16982853DE}C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\skimi\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{7FAF299C-0F77-40AB-9BF5-5B8E1546F7C5}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [UDP Query User{4843CEE8-0225-42B5-86CE-3730E5AD481A}C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe] => (Allow) C:\users\skimi\appdata\roaming\.creativeportal\jre\bin\javaw.exe
FirewallRules: [{11967A68-C4F5-4A81-9071-CA255CCDB18F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{DFAA91D0-A41A-4E2D-8E4B-C81FDB223B38}] => (Allow) D:\Games\Steam\steamapps\common\Brut@l\Brut@l.exe () [File not signed]
FirewallRules: [{0B48ED66-025D-4C8F-848F-6FBE652A5F76}] => (Allow) D:\Games\Steam\steamapps\common\Brut@l\Brut@l.exe () [File not signed]
FirewallRules: [TCP Query User{79306124-DF56-4F40-BCAA-EF3E41D02074}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{55C350AC-F18D-4D1D-8470-BE8E2B9FE223}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{CD6EB7FF-A70A-4E01-9CDC-759BE8639769}] => (Allow) D:\Games\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{CFCEB538-9C31-4CFD-8102-9AF765043C37}] => (Allow) D:\Games\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{81599231-9A02-449B-847A-B5166B73A4C9}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{DC48E686-25E1-49FA-8E66-E5B790248883}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [TCP Query User{DCBBAF82-EB84-4ABE-BF10-6160FF0869D6}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{D763ED98-6A03-4626-983B-5FA430DED699}D:\games\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{A2676D07-25C4-4511-8634-B00AFF0F65A5}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{820D84DF-9B4F-4CC9-867F-745B5FB437F4}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{B5D758F1-B2FC-42F2-8734-A0B0FFF946E8}] => (Allow) D:\Games\Steam\steamapps\common\Grip\Grip\Binaries\Win64\Grip-Win64-Shipping.exe (Caged Element Inc. -> Caged Element Inc.)
FirewallRules: [{F4E49774-B08F-4428-BFA9-2F470FC81DDB}] => (Allow) D:\Games\Steam\steamapps\common\Grip\Grip\Binaries\Win64\Grip-Win64-Shipping.exe (Caged Element Inc. -> Caged Element Inc.)
FirewallRules: [{A1430118-CEF4-450E-9C20-992485D7B99F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86F93381-06ED-44FB-80D0-6C4409DB5FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F08491E8-9719-4C09-8827-A62227D990CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99295176-9890-4DAD-B586-4F404CF4F479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{19706760-D55E-4C46-B4FE-4F3DDBE812D3}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{9DD18CF9-D164-4974-8838-10BA87925F3E}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{2E2FDF39-5B0D-4900-B416-92BA831132BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ADF48258-6608-4B40-957F-F043DAF828C2}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [{D3F13E6B-BEE4-4B44-9CB2-FE4DCDC1993B}] => (Allow) C:\Users\skimi\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{15CD25AD-92D2-4A6D-99F6-FF4C59C1963F}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{0D594371-5640-4567-88E8-3729A4BB1F34}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{F1745E8E-D2D6-4911-97FA-3D92AC32770F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E929B175-37DB-4237-B03F-502B0ECD29B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD1EC55F-3818-4B9A-BA41-6D8482D3C32F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D693D25A-DB34-4C3A-97B8-BCA99C0D2A63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F55AFD8-4EB3-490F-8DF4-56C29B46855E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AD40CBC-85AE-4745-B47B-CDC95DE210B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{72D69478-A389-4877-A696-A7F26DAEE6CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF35E496-0FFD-4919-84C4-5DD65A60121D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{310CA13A-5754-4C6E-95E3-83AA80D062E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12430.20184.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75EBD363-626F-419C-9048-9586AF53F1CF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{E3D57831-E978-439E-8F11-904E43E41521}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{DA8BD07F-1249-42AC-A7A5-A9FDD67FDA87}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.94 GB) (Free:17.95 GB) (15%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/12/2020 07:30:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14472,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 07:13:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6748,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 07:06:09 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (02/12/2020 07:05:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvcontainer.exe, verze: 1.19.2734.4859, časové razítko: 0x5d8a4cce
Název chybujícího modulu: NahimicOSD.dll, verze: 2.1.13.60737, časové razítko: 0x5da9b811
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000014a04
ID chybujícího procesu: 0x1ad0
Čas spuštění chybující aplikace: 0x01d5e1ceff38064e
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Cesta k chybujícímu modulu: C:\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll
ID zprávy: 13bc7361-db24-475d-99ee-8cda86f59ba6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2020 06:48:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/12/2020 06:29:43 PM) (Source: MsiInstaller) (EventID: 11721) (User: MSI)
Description: Product: CrossHair -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _DF85204F_5583_4F82_B50A_CC4E5965D955, location: D:\Games\crosshair\CrossHair.exe, command: /die
Error: (02/12/2020 06:29:28 PM) (Source: MsiInstaller) (EventID: 11721) (User: MSI)
Description: Product: CrossHair -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _DF85204F_5583_4F82_B50A_CC4E5965D955, location: D:\Games\crosshair\CrossHair.exe, command: /die
Error: (02/12/2020 09:48:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (02/12/2020 07:05:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (02/12/2020 07:05:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (02/12/2020 07:05:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv08.dll
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (02/12/2020 07:05:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2020-02-12 01:40:17.178
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:40:13.843
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:40:11.967
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$DRa1028.594\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: MSI\skimi
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 01:39:46.919
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\skimi\AppData\Local\Temp\Rar$EXa1028.46229\Skyrim_Special_Edition_Update_v1.5.97.0\Update\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 00:59:37.874
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ludicrouz.O
ID: 2147723196
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso; file:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso->the-elder-scrolls-v-skyrim-special-edit_328601.exe; webfile:_D:\Stažené google chrome\the-elder-scrolls-v-skyrim-special-edit_328601.iso|https://giliderterp.cf/?24d41f02e14db3f ... 1113699625
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: MSI\skimi
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.309.767.0, AS: 1.309.767.0, NIS: 1.309.767.0
Verze modulu: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-02-12 18:18:23.564
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.D!ml
ID: 2147749373
Závažnost: Vážné
Kategorie: Trojský kůň
Uživatel: MSI\skimi
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Verze bezpečnostních informací: AV: 1.309.826.0, AS: 1.309.826.0
Verze modulu: 1.1.16700.3
CodeIntegrity:
===================================
Date: 2020-01-25 13:14:20.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:20.492
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:17.051
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2020-01-25 13:14:17.039
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2019-12-14 18:55:58.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2019-12-14 18:55:58.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
Date: 2019-12-13 00:35:41.102
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\A-Volute.NahimicDevProps2.dll that did not meet the Store signing level requirements.
Date: 2019-12-13 00:35:41.090
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\NahimicOSD.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E16P6IMS.107 09/05/2018
Motherboard: Micro-Star International Co., Ltd. MS-16P6
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 31%
Total physical RAM: 16230.21 MB
Available physical RAM: 11103.07 MB
Total Virtual: 18662.21 MB
Available Virtual: 11487.91 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:17.95 GB) NTFS
Drive d: () (Fixed) (Total:912.76 GB) (Free:201.66 GB) NTFS
\\?\Volume{473e7fc5-f5a9-405f-ae34-7499bc2514e9}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{2133cda6-146c-4b93-b6fa-4ea546b0a6cc}\ (BIOS_RVY) (Fixed) (Total:18.75 GB) (Free:0.23 GB) NTFS
\\?\Volume{c648f47e-00d7-41ce-b5d5-1e5f31ee38ac}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 4FC43474)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 4FC43456)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start SystemRestore: On CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {2517cd29-8895-11e9-9b3d-04d3b0fd8d0a} - "E:\setup.exe" HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {31e5ed03-d214-11e9-9b51-04d3b0fd8d0a} - "H:\setup.exe" Task: {04bbfd6e-d90a-433f-a6a6-d0be131a91f7} - no filepath Task: {04d4e203-8e2b-4ec5-82c8-dcf3c0dfcb5c} - no filepath Task: {04ee55ef-6d28-4dad-b52f-88b7d0312c70} - no filepath Task: {05908d87-fa77-40b1-94f0-1fc11f6e6ae3} - no filepath Task: {0a94a26a-c700-4693-8813-179bbd8c0805} - no filepath Task: {0ba0a86b-e222-4bdf-bcec-0b9c0cb8b35b} - no filepath Task: {0ce7c2cf-744f-4aa4-b195-cdf60abfe3f1} - no filepath Task: {0cff3b3c-9655-48ff-88c1-5f0331965203} - no filepath Task: {0fe9fd42-0520-475e-859d-fabd7828848a} - no filepath Task: {1050f032-ed46-4367-937b-5b8fe17c7bf4} - no filepath Task: {10625bc0-74ec-4946-9960-a1f863437abf} - no filepath Task: {119491dc-5ab1-4690-80b6-f97c48a23d60} - no filepath Task: {13e2a75f-b7bc-4b5c-bfda-2c021e986462} - no filepath Task: {14ec36e2-0960-41d6-adc0-1616fbb2df20} - no filepath Task: {1677f3e4-d3ec-4300-ada1-130140bc1ef4} - no filepath Task: {16a2d488-8bb9-43cf-8d92-085a5cdc1577} - no filepath Task: {18197c21-c9dd-4399-98d8-446830000911} - no filepath Task: {187ecf42-a6c8-4926-959c-d83a5190d6ff} - no filepath Task: {19be25f5-c054-4446-abab-22f51376a0f3} - no filepath Task: {1b109615-39bc-46fd-8da6-8b74e0511128} - no filepath Task: {1b8f8a59-caf7-43f1-917a-3477f511f684} - no filepath Task: {1bc5a719-0300-4765-98b7-a665e8586278} - no filepath Task: {1dec00fa-3471-4db8-8175-7760f4ec499f} - no filepath Task: {1faf5a4d-84fa-40b6-90f9-240c60a0ae0d} - no filepath Task: {2045fd08-c421-457f-ae22-66171c5a291e} - no filepath Task: {21767f21-dfdf-4aa3-b107-6fb0a22682e3} - no filepath Task: {24beb93d-f5fc-4fdc-a040-e1c935b3c050} - no filepath Task: {252a5b4b-0836-45fa-b2d4-24628f18e620} - no filepath Task: {26241631-c792-446f-8ca0-368bce2d4874} - no filepath Task: {26d4a9c6-0f14-4ca8-a19b-2b40a3e0a0de} - no filepath Task: {26e8a721-5ff7-4f05-b566-9bb732c5c4d2} - no filepath Task: {2759ca7a-da77-4d0a-85e6-e65e8bb58b58} - no filepath Task: {285e78ea-3393-4ec0-836f-8a2eabbfcdb1} - no filepath Task: {29c9fd06-e500-49a7-b364-f2019e542e84} - no filepath Task: {2a8b722b-964b-43e4-a142-a3dce99c17be} - no filepath Task: {2ac908ce-8e02-46fd-9aaf-57150ed77917} - no filepath Task: {2b955959-55cf-455d-84e8-5d3a07746e80} - no filepath Task: {2d183e8e-60ee-4225-91e5-e3878afec979} - no filepath Task: {2da1e01a-cb61-4ae8-9c7f-726ac2bd9745} - no filepath Task: {31b9fcfb-435b-492d-a469-d39349f53c0f} - no filepath Task: {32171f89-d17e-4268-83ad-3ca171a70c63} - no filepath Task: {3218781f-b2d4-4125-a176-5401d6d156dc} - no filepath Task: {32815fa8-b734-4c73-ac90-4a30dd33f7c6} - no filepath Task: {329d667b-7073-44e9-a232-cc7293987563} - no filepath Task: {32ea21a9-94a6-4b36-b89f-136cfd2cacf9} - no filepath Task: {330dbc50-52bc-44de-b8a4-d04701f0d31f} - no filepath Task: {332675df-9780-455d-993f-a9888b2f0da9} - no filepath Task: {339bf5e0-e2ce-4f0e-938b-1c740353e6b4} - no filepath Task: {33c888ba-6796-488e-91d4-b063e287fbd0} - no filepath Task: {361cd11e-0e9a-4999-93a4-928855978de7} - no filepath Task: {3630a7af-3262-4f71-af39-2bad147d8cd5} - no filepath Task: {3631b3c0-5a9a-4df2-a56b-431f654fd396} - no filepath Task: {36cb1884-117f-4d04-b748-50eea978c42d} - no filepath Task: {37a76c16-e11d-4d82-93cb-4b992c4a3f15} - no filepath Task: {3a823219-b00c-4426-915f-5c1c07919cfa} - no filepath Task: {3c4f252a-c26f-4e95-aeeb-d006d6ad4322} - no filepath Task: {3e03499d-3b19-401c-b38d-6fa56a3c5f20} - no filepath Task: {3eee23ad-4290-4d9c-9202-291932cb7c22} - no filepath Task: {421dcb63-7e99-4fad-a5bd-4469992068a2} - no filepath Task: {448f0ac7-db87-4d0c-8015-6a6b1e11da51} - no filepath Task: {44ebca0a-3109-496f-b430-55fe25835e20} - no filepath Task: {451c1ce4-85e6-4875-ae2a-cb8a0ece053a} - no filepath Task: {457da542-38bf-4728-b103-7505d6726c39} - no filepath Task: {45933e1f-969e-433c-8bf7-9bc4fa347415} - no filepath Task: {471b9772-ec04-43c6-940c-679ae0e5be17} - no filepath Task: {482ec0e9-c6bf-430b-9acf-779b124d6c7c} - no filepath Task: {48d72db0-5c30-46a0-8b8c-f4961836732c} - no filepath Task: {49d7fd2a-6dce-442b-8411-fa6266e56db7} - no filepath Task: {4b82410e-0b67-4571-8efa-fee1660aa4d2} - no filepath Task: {4c4cb7d2-fa63-400d-8d65-26a149afb2d5} - no filepath Task: {4c67c98e-2b5c-4dda-9c7f-d982e92feba7} - no filepath Task: {5088ed94-3403-4318-8bdd-ab60ffcacdd7} - no filepath Task: {532c08ef-ed7c-45e9-b7ad-a387cbca5ed3} - no filepath Task: {539fbfac-978c-4c50-96e9-96acef23781d} - no filepath Task: {54521433-e613-4f06-9712-0d3179dd2bc8} - no filepath Task: {56639eb6-4e99-4daf-a17e-4ea5ae396044} - no filepath Task: {56e4945f-88e9-4649-a7b1-23cfdd6d10cb} - no filepath Task: {57417da3-54b2-4fdc-902e-588ba00d1588} - no filepath Task: {59b667e9-0ee9-46f2-b653-78ccc83f412e} - no filepath Task: {5a528ad2-23a8-4bb3-93c3-52fffe659bb4} - no filepath Task: {5ca8d739-f623-432e-9683-97ec3b4ab1c2} - no filepath Task: {5d2af43b-73a6-406a-88ff-e7e546f20b6c} - no filepath Task: {5ea022b2-cd9f-4199-9d89-5b112b09c3e7} - no filepath Task: {5ef26ac8-0b8c-4094-a4f4-446c0fb09665} - no filepath Task: {5f4b4b08-1a67-437b-b1de-1e0058af47ba} - no filepath Task: {5fd870ac-99d2-46f8-8eaa-aa536e792f13} - no filepath Task: {60229022-53f4-4fb7-a458-330801228a3b} - no filepath Task: {6350b364-6a31-419d-8c33-5a2d5aeb185e} - no filepath Task: {63669688-6ef5-4ea4-a43f-848ce2d317f0} - no filepath Task: {649ff32a-f3f9-4efc-9c60-8088d95ec473} - no filepath Task: {6798fa7f-142e-4a8d-985d-eb1d738d769c} - no filepath Task: {69e3ddef-cbe9-4dde-b87f-fc4e9025f2c0} - no filepath Task: {6a35082b-cd90-4495-8645-3ff3dacce758} - no filepath Task: {6a73275c-bfba-4ef1-bb9b-31b1b6766753} - no filepath Task: {6a79beb3-a996-46bc-b0af-e42c760de443} - no filepath Task: {6b872682-249f-4d93-9d14-517789c49f74} - no filepath Task: {6c25656c-b897-41ff-98d6-a0c54b165c78} - no filepath Task: {6d082b63-db87-472a-b188-128b6abc225d} - no filepath Task: {6d23c081-7601-4622-83f6-59072f18d6d6} - no filepath Task: {6d24e7fa-ea9b-42a6-bcb1-3b85dc879c1b} - no filepath Task: {6d63ec78-d622-4f0e-a4b6-93f44ba620c4} - no filepath Task: {6fa593a9-35a5-4231-8682-dbd9f6d01e82} - no filepath Task: {70b8c203-9f40-4aa9-a0e3-2c98212f7175} - no filepath Task: {70cb5770-c9c6-45ef-8224-a2a5b3a767e7} - no filepath Task: {7127efc1-8588-4492-b177-c57b77a1fcc4} - no filepath Task: {71a74976-996d-43c1-8025-9b2526e27a44} - no filepath Task: {722edb42-de72-4ed9-a682-769bc03c1617} - no filepath Task: {73f7adac-2639-42dc-ad52-9943fb5c7cee} - no filepath Task: {768b70e7-10f1-4e45-bc0e-e7bd7939639e} - no filepath Task: {76ca8cb7-15cc-4bed-bbd8-c1e0a5b67646} - no filepath Task: {7b3b7346-3748-4b05-b64e-33af249b3fef} - no filepath Task: {7c78e335-a105-4187-a575-18df70fbcd96} - no filepath Task: {80ec0846-0697-4f72-80df-835c40ad41a3} - no filepath Task: {82924ef4-3183-4bf2-b521-c9cc74833401} - no filepath Task: {844cbe2b-d923-4184-92df-94051307eccf} - no filepath Task: {897a9a3c-8e6c-4459-8e1b-8de137c6ad5d} - no filepath Task: {89a5b4ec-6c1f-4195-986a-04dd62cad69f} - no filepath Task: {8b35b28c-36c7-4d90-8ffe-ca66da459586} - no filepath Task: {8b9533b3-de40-4c8b-bda4-877a43f130d8} - no filepath Task: {8bf63f20-cc1c-4520-8fe3-8782a18cb53b} - no filepath Task: {8c30bd7c-6137-4e9f-91c1-8248be99183c} - no filepath Task: {8d2a0ba2-c71e-4228-ae6c-d4ff35a26b31} - no filepath Task: {8f343704-d8ae-4daa-a716-cd795ba8a02c} - no filepath Task: {8fde7141-3a84-4d8a-8172-162c552dd4a4} - no filepath Task: {8fe3e76d-b989-4468-bc88-0e57573f4369} - no filepath Task: {91ec7577-d0a1-425f-ae55-a11916fb8ad9} - no filepath Task: {929aba5f-7b65-44c9-8a8a-94035ea08854} - no filepath Task: {93616457-aca1-4383-ae66-b2d44b0a469e} - no filepath Task: {9415e840-b85c-4782-8427-aad860505d9f} - no filepath Task: {94bc0566-241c-4cfa-b126-eb79bfa2e15c} - no filepath Task: {94fbf91e-70f3-45ff-bc7d-ed826cce03a7} - no filepath Task: {96700118-420a-4bea-8e5b-1bb39ed143ad} - no filepath Task: {969bfe7b-6f8b-4f28-b0b1-25dab7ac2a5a} - no filepath Task: {97f9c1e2-f880-42b6-a438-0dde9531ee57} - no filepath Task: {9927ec89-64a7-4713-916a-fbd8340942ae} - no filepath Task: {99661a04-2b46-4aea-85e8-86ea15119e3a} - no filepath Task: {99afbf49-25bd-4299-a58a-a27e348b2071} - no filepath Task: {9a620831-2be4-4c8a-b480-0c56347229a0} - no filepath Task: {9cb9f84f-66c0-4711-9090-4065aeab7fa4} - no filepath Task: {9cdc7073-d65a-4e69-87fb-cc2d82799070} - no filepath Task: {9d4048c4-1751-42e2-aa04-79c53f3693f8} - no filepath Task: {9df1763d-25c5-4613-b7cf-b4abaee8cc49} - no filepath Task: {9fc8a881-3e22-40fb-8562-3b239b5b8779} - no filepath Task: {a0133c1f-7c98-4151-9d5b-0d91f8cf228b} - no filepath Task: {a160e22a-01b7-4505-bcd2-6d9e2e7380b8} - no filepath Task: {a18a1c93-f686-41b7-a781-6ff1a3542831} - no filepath Task: {a1f7551d-bbd0-43ae-bbf8-4bc114bd89d8} - no filepath Task: {a3677273-558d-493a-bbff-1ce12c2afa1a} - no filepath Task: {a368988f-826c-4016-b2d8-315949b3eb82} - no filepath Task: {a57b79f2-1ce7-4050-a887-87f9245c6f54} - no filepath Task: {a90eb85e-e619-4836-a5da-f8829fb36d82} - no filepath Task: {aaf74cde-7585-4833-89a7-3d8dbd51d889} - no filepath Task: {ac453888-02e7-4493-83a5-a78978f4b225} - no filepath Task: {ad51b1df-97a8-4c80-83c5-af2e275a267c} - no filepath Task: {b0ff95a1-5c48-40f2-a51a-f7c0cd2fae9a} - no filepath Task: {b22740e8-052a-4cc1-b0a6-3d30132c44c3} - no filepath Task: {b5027593-2f49-4192-9a54-d3cdaaa4594a} - no filepath Task: {b563fe5f-962b-484d-9d2f-38e727302110} - no filepath Task: {b83265e5-85b7-4a11-a3d8-89455cbb7100} - no filepath Task: {b8421ca1-21a9-491e-a0f4-db07bc97e31c} - no filepath Task: {b9eb37ec-957d-46ae-88c8-80b0a796c451} - no filepath Task: {bb00d7e6-1da1-4a9e-aadd-cf11cf1d3670} - no filepath Task: {bdeaa514-8356-4763-9580-a19197d2079c} - no filepath Task: {be66053e-6593-45f8-af4f-92e9b2d62050} - no filepath Task: {bf79b821-6394-47d6-a29c-49555f89feaf} - no filepath Task: {c3aa2171-6b28-4657-a83f-b40b4327b004} - no filepath Task: {c3d95eeb-4b4f-4b32-8d78-5521da2c09bf} - no filepath Task: {c4ede316-8a79-4a30-b018-a4ab516ac525} - no filepath Task: {c5943838-4837-4bc6-a78d-5c9f63d81400} - no filepath Task: {c5c8a34f-4df1-4a44-9a4a-e8406cae9457} - no filepath Task: {c5f10e70-a527-4f17-93a5-3389245f41de} - no filepath Task: {c7403372-1861-4b5a-8127-23c4d89b91fc} - no filepath Task: {c7d62ee9-2e68-41b2-b665-6472f94d74fb} - no filepath Task: {ca7f2699-2ace-46cf-9910-d74f88987a99} - no filepath Task: {ce609d0a-b8e9-4fef-8d20-aa807fabf422} - no filepath Task: {cf5c356c-db3e-4425-a108-369342895369} - no filepath Task: {d298ae94-455b-4cb2-b108-d04283a6d04a} - no filepath Task: {d55278d4-cfd7-4cf6-a6f7-45146ddafead} - no filepath Task: {d5da2256-61bd-4385-9bc5-a5727a5826ea} - no filepath Task: {d607519b-c3dc-4709-86c7-8fbadca75f2a} - no filepath Task: {d6cbfc47-4ff7-43bc-ac7e-a2d943e204c2} - no filepath Task: {d97b891e-68b4-4873-8c50-e401029c666e} - no filepath Task: {da28ff2e-3d7f-47fa-aeac-d1e8cbda0443} - no filepath Task: {da9f0834-98d2-4042-8c52-6d3d2b0320d9} - no filepath Task: {de55a2c2-40e2-4b23-8444-372b20bf588f} - no filepath Task: {df031589-7db6-47b6-b96d-23438137a0d1} - no filepath Task: {df4421e1-848f-4ec5-9bd9-885e9bb27787} - no filepath Task: {dfe52ff8-fda8-4926-94a4-067859d2207c} - no filepath Task: {e44c5a20-f9a8-47bd-9ff6-c130ccaaf0e2} - no filepath Task: {e67a2733-d7d8-4b33-9e81-5210594208f3} - no filepath Task: {e953a38a-26b7-4157-a479-4676ce57c89a} - no filepath Task: {ea5b1554-061f-46c7-bfef-45a36d54f2af} - no filepath Task: {eaa1a3ac-6f34-4280-9a2a-b42f0d2acf0d} - no filepath Task: {f2a502a9-d2d6-4e80-8a1d-7a2d99db2369} - no filepath Task: {f479f3a8-e268-4a93-ac88-29c92738c3a8} - no filepath Task: {f58416ba-70a7-4d89-970a-4230218a08a7} - no filepath Task: {f6574598-e2b4-4581-b5a1-121b47941513} - no filepath Task: {f77e89bc-ca1f-4d5e-9fd5-912312977684} - no filepath Task: {f83f4b89-44d7-41be-8676-cc8601a76fff} - no filepath Task: {fe8ccd90-50d5-47a8-96ee-5d56871d9e4a} - no filepath Task: {fec4dee3-36fd-455b-9734-9ec13b02d609} - no filepath Task: {fee563c5-9524-47c5-8e1a-b19a3b48d27a} - no filepath HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> DefaultScope {7C595095-E389-4D97-8166-24348CC710BC} URL = SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> {7C595095-E389-4D97-8166-24348CC710BC} URL = FF Homepage: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N0600A9FCDBB39EF&form=CONMHP&conlogo=CT3335799 FF NewTab: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N0600A9FCDBB39EF&form=CONMHP&conlogo=CT3335799 CHR Notifications: Default -> hxxps://01.loderls.ru; hxxps://2.getmedia.me; hxxps://eu1.badoo.com; hxxps://news-easy.com; hxxps://notification-list.com; hxxps://web.whatsapp.com CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK CHR StartupUrls: Default -> "hxxp://www.default-search.net?sid=476&aid=113&itype=n&ver=11471&tm=277&src=hmp","hxxp://www.mystartsearch.com/?type=hp&ts=1415233992&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9ECA38641","hxxp://www.istartsurf.com/?type=hp&ts=1444998631&z=102eb7221aad25c01f9204eg7zazbz0t9t2b3z6edb&from=obw&uid=ST1000LM024XHN-M101MBB_S2U5J9ECA38641","hxxp://www.mystartsearch.com/?type=hp&ts=1444999188&z=46881391ff8ec1d13ce5d91g4z3zdzbt5t6b7t8w9q&from=cmi&uid=ST1000LM024XHN-M101MBB_S2U5J9ECA38641","hxxp://www.hohosearch.com/?mode=nnnb&ptid=isr&uid=3EA726640E750CD3A94B765DB809FB1A&v=20160329&ts=AHEpCHQqBHEsB0..","hxxps://www.google.com/" CHR DefaultSearchKeyword: Default -> hxxps://www.google.cz/?gws_rd=cr&ei=m0uwur2iou3cygpeuybo 2019-09-18 17:02 - 2019-09-19 01:55 - 000014116 _____ () C:\Users\skimi\AppData\Local\Tempbannercash.tmp 2019-09-18 17:02 - 2019-09-19 01:55 - 000038121 _____ () C:\Users\skimi\AppData\Local\Tempnewscash.tmp AlternateDataStreams: C:\Users\skimi\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\skimi\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] Hosts: EmptyTemp: End - Klikni na Subor a potom na Ulozit
- Vpravo dole vyber kodovanie UTF-8
- Subor uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
skimiwriter
- Návštěvník
- Příspěvky: 58
- Registrován: 24 bře 2014 13:34
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by skimi (14-02-2020 16:36:39) Run:1
Running from D:\Plocha
Loaded Profiles: skimi (Available Profiles: skimi)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
SystemRestore: On
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {2517cd29-8895-11e9-9b3d-04d3b0fd8d0a} - "E:\setup.exe"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {31e5ed03-d214-11e9-9b51-04d3b0fd8d0a} - "H:\setup.exe"
Task: {04bbfd6e-d90a-433f-a6a6-d0be131a91f7} - no filepath
Task: {04d4e203-8e2b-4ec5-82c8-dcf3c0dfcb5c} - no filepath
Task: {04ee55ef-6d28-4dad-b52f-88b7d0312c70} - no filepath
Task: {05908d87-fa77-40b1-94f0-1fc11f6e6ae3} - no filepath
Task: {0a94a26a-c700-4693-8813-179bbd8c0805} - no filepath
Task: {0ba0a86b-e222-4bdf-bcec-0b9c0cb8b35b} - no filepath
Task: {0ce7c2cf-744f-4aa4-b195-cdf60abfe3f1} - no filepath
Task: {0cff3b3c-9655-48ff-88c1-5f0331965203} - no filepath
Task: {0fe9fd42-0520-475e-859d-fabd7828848a} - no filepath
Task: {1050f032-ed46-4367-937b-5b8fe17c7bf4} - no filepath
Task: {10625bc0-74ec-4946-9960-a1f863437abf} - no filepath
Task: {119491dc-5ab1-4690-80b6-f97c48a23d60} - no filepath
Task: {13e2a75f-b7bc-4b5c-bfda-2c021e986462} - no filepath
Task: {14ec36e2-0960-41d6-adc0-1616fbb2df20} - no filepath
Task: {1677f3e4-d3ec-4300-ada1-130140bc1ef4} - no filepath
Task: {16a2d488-8bb9-43cf-8d92-085a5cdc1577} - no filepath
Task: {18197c21-c9dd-4399-98d8-446830000911} - no filepath
Task: {187ecf42-a6c8-4926-959c-d83a5190d6ff} - no filepath
Task: {19be25f5-c054-4446-abab-22f51376a0f3} - no filepath
Task: {1b109615-39bc-46fd-8da6-8b74e0511128} - no filepath
Task: {1b8f8a59-caf7-43f1-917a-3477f511f684} - no filepath
Task: {1bc5a719-0300-4765-98b7-a665e8586278} - no filepath
Task: {1dec00fa-3471-4db8-8175-7760f4ec499f} - no filepath
Task: {1faf5a4d-84fa-40b6-90f9-240c60a0ae0d} - no filepath
Task: {2045fd08-c421-457f-ae22-66171c5a291e} - no filepath
Task: {21767f21-dfdf-4aa3-b107-6fb0a22682e3} - no filepath
Task: {24beb93d-f5fc-4fdc-a040-e1c935b3c050} - no filepath
Task: {252a5b4b-0836-45fa-b2d4-24628f18e620} - no filepath
Task: {26241631-c792-446f-8ca0-368bce2d4874} - no filepath
Task: {26d4a9c6-0f14-4ca8-a19b-2b40a3e0a0de} - no filepath
Task: {26e8a721-5ff7-4f05-b566-9bb732c5c4d2} - no filepath
Task: {2759ca7a-da77-4d0a-85e6-e65e8bb58b58} - no filepath
Task: {285e78ea-3393-4ec0-836f-8a2eabbfcdb1} - no filepath
Task: {29c9fd06-e500-49a7-b364-f2019e542e84} - no filepath
Task: {2a8b722b-964b-43e4-a142-a3dce99c17be} - no filepath
Task: {2ac908ce-8e02-46fd-9aaf-57150ed77917} - no filepath
Task: {2b955959-55cf-455d-84e8-5d3a07746e80} - no filepath
Task: {2d183e8e-60ee-4225-91e5-e3878afec979} - no filepath
Task: {2da1e01a-cb61-4ae8-9c7f-726ac2bd9745} - no filepath
Task: {31b9fcfb-435b-492d-a469-d39349f53c0f} - no filepath
Task: {32171f89-d17e-4268-83ad-3ca171a70c63} - no filepath
Task: {3218781f-b2d4-4125-a176-5401d6d156dc} - no filepath
Task: {32815fa8-b734-4c73-ac90-4a30dd33f7c6} - no filepath
Task: {329d667b-7073-44e9-a232-cc7293987563} - no filepath
Task: {32ea21a9-94a6-4b36-b89f-136cfd2cacf9} - no filepath
Task: {330dbc50-52bc-44de-b8a4-d04701f0d31f} - no filepath
Task: {332675df-9780-455d-993f-a9888b2f0da9} - no filepath
Task: {339bf5e0-e2ce-4f0e-938b-1c740353e6b4} - no filepath
Task: {33c888ba-6796-488e-91d4-b063e287fbd0} - no filepath
Task: {361cd11e-0e9a-4999-93a4-928855978de7} - no filepath
Task: {3630a7af-3262-4f71-af39-2bad147d8cd5} - no filepath
Task: {3631b3c0-5a9a-4df2-a56b-431f654fd396} - no filepath
Task: {36cb1884-117f-4d04-b748-50eea978c42d} - no filepath
Task: {37a76c16-e11d-4d82-93cb-4b992c4a3f15} - no filepath
Task: {3a823219-b00c-4426-915f-5c1c07919cfa} - no filepath
Task: {3c4f252a-c26f-4e95-aeeb-d006d6ad4322} - no filepath
Task: {3e03499d-3b19-401c-b38d-6fa56a3c5f20} - no filepath
Task: {3eee23ad-4290-4d9c-9202-291932cb7c22} - no filepath
Task: {421dcb63-7e99-4fad-a5bd-4469992068a2} - no filepath
Task: {448f0ac7-db87-4d0c-8015-6a6b1e11da51} - no filepath
Task: {44ebca0a-3109-496f-b430-55fe25835e20} - no filepath
Task: {451c1ce4-85e6-4875-ae2a-cb8a0ece053a} - no filepath
Task: {457da542-38bf-4728-b103-7505d6726c39} - no filepath
Task: {45933e1f-969e-433c-8bf7-9bc4fa347415} - no filepath
Task: {471b9772-ec04-43c6-940c-679ae0e5be17} - no filepath
Task: {482ec0e9-c6bf-430b-9acf-779b124d6c7c} - no filepath
Task: {48d72db0-5c30-46a0-8b8c-f4961836732c} - no filepath
Task: {49d7fd2a-6dce-442b-8411-fa6266e56db7} - no filepath
Task: {4b82410e-0b67-4571-8efa-fee1660aa4d2} - no filepath
Task: {4c4cb7d2-fa63-400d-8d65-26a149afb2d5} - no filepath
Task: {4c67c98e-2b5c-4dda-9c7f-d982e92feba7} - no filepath
Task: {5088ed94-3403-4318-8bdd-ab60ffcacdd7} - no filepath
Task: {532c08ef-ed7c-45e9-b7ad-a387cbca5ed3} - no filepath
Task: {539fbfac-978c-4c50-96e9-96acef23781d} - no filepath
Task: {54521433-e613-4f06-9712-0d3179dd2bc8} - no filepath
Task: {56639eb6-4e99-4daf-a17e-4ea5ae396044} - no filepath
Task: {56e4945f-88e9-4649-a7b1-23cfdd6d10cb} - no filepath
Task: {57417da3-54b2-4fdc-902e-588ba00d1588} - no filepath
Task: {59b667e9-0ee9-46f2-b653-78ccc83f412e} - no filepath
Task: {5a528ad2-23a8-4bb3-93c3-52fffe659bb4} - no filepath
Task: {5ca8d739-f623-432e-9683-97ec3b4ab1c2} - no filepath
Task: {5d2af43b-73a6-406a-88ff-e7e546f20b6c} - no filepath
Task: {5ea022b2-cd9f-4199-9d89-5b112b09c3e7} - no filepath
Task: {5ef26ac8-0b8c-4094-a4f4-446c0fb09665} - no filepath
Task: {5f4b4b08-1a67-437b-b1de-1e0058af47ba} - no filepath
Task: {5fd870ac-99d2-46f8-8eaa-aa536e792f13} - no filepath
Task: {60229022-53f4-4fb7-a458-330801228a3b} - no filepath
Task: {6350b364-6a31-419d-8c33-5a2d5aeb185e} - no filepath
Task: {63669688-6ef5-4ea4-a43f-848ce2d317f0} - no filepath
Task: {649ff32a-f3f9-4efc-9c60-8088d95ec473} - no filepath
Task: {6798fa7f-142e-4a8d-985d-eb1d738d769c} - no filepath
Task: {69e3ddef-cbe9-4dde-b87f-fc4e9025f2c0} - no filepath
Task: {6a35082b-cd90-4495-8645-3ff3dacce758} - no filepath
Task: {6a73275c-bfba-4ef1-bb9b-31b1b6766753} - no filepath
Task: {6a79beb3-a996-46bc-b0af-e42c760de443} - no filepath
Task: {6b872682-249f-4d93-9d14-517789c49f74} - no filepath
Task: {6c25656c-b897-41ff-98d6-a0c54b165c78} - no filepath
Task: {6d082b63-db87-472a-b188-128b6abc225d} - no filepath
Task: {6d23c081-7601-4622-83f6-59072f18d6d6} - no filepath
Task: {6d24e7fa-ea9b-42a6-bcb1-3b85dc879c1b} - no filepath
Task: {6d63ec78-d622-4f0e-a4b6-93f44ba620c4} - no filepath
Task: {6fa593a9-35a5-4231-8682-dbd9f6d01e82} - no filepath
Task: {70b8c203-9f40-4aa9-a0e3-2c98212f7175} - no filepath
Task: {70cb5770-c9c6-45ef-8224-a2a5b3a767e7} - no filepath
Task: {7127efc1-8588-4492-b177-c57b77a1fcc4} - no filepath
Task: {71a74976-996d-43c1-8025-9b2526e27a44} - no filepath
Task: {722edb42-de72-4ed9-a682-769bc03c1617} - no filepath
Task: {73f7adac-2639-42dc-ad52-9943fb5c7cee} - no filepath
Task: {768b70e7-10f1-4e45-bc0e-e7bd7939639e} - no filepath
Task: {76ca8cb7-15cc-4bed-bbd8-c1e0a5b67646} - no filepath
Task: {7b3b7346-3748-4b05-b64e-33af249b3fef} - no filepath
Task: {7c78e335-a105-4187-a575-18df70fbcd96} - no filepath
Task: {80ec0846-0697-4f72-80df-835c40ad41a3} - no filepath
Task: {82924ef4-3183-4bf2-b521-c9cc74833401} - no filepath
Task: {844cbe2b-d923-4184-92df-94051307eccf} - no filepath
Task: {897a9a3c-8e6c-4459-8e1b-8de137c6ad5d} - no filepath
Task: {89a5b4ec-6c1f-4195-986a-04dd62cad69f} - no filepath
Task: {8b35b28c-36c7-4d90-8ffe-ca66da459586} - no filepath
Task: {8b9533b3-de40-4c8b-bda4-877a43f130d8} - no filepath
Task: {8bf63f20-cc1c-4520-8fe3-8782a18cb53b} - no filepath
Task: {8c30bd7c-6137-4e9f-91c1-8248be99183c} - no filepath
Task: {8d2a0ba2-c71e-4228-ae6c-d4ff35a26b31} - no filepath
Task: {8f343704-d8ae-4daa-a716-cd795ba8a02c} - no filepath
Task: {8fde7141-3a84-4d8a-8172-162c552dd4a4} - no filepath
Task: {8fe3e76d-b989-4468-bc88-0e57573f4369} - no filepath
Task: {91ec7577-d0a1-425f-ae55-a11916fb8ad9} - no filepath
Task: {929aba5f-7b65-44c9-8a8a-94035ea08854} - no filepath
Task: {93616457-aca1-4383-ae66-b2d44b0a469e} - no filepath
Task: {9415e840-b85c-4782-8427-aad860505d9f} - no filepath
Task: {94bc0566-241c-4cfa-b126-eb79bfa2e15c} - no filepath
Task: {94fbf91e-70f3-45ff-bc7d-ed826cce03a7} - no filepath
Task: {96700118-420a-4bea-8e5b-1bb39ed143ad} - no filepath
Task: {969bfe7b-6f8b-4f28-b0b1-25dab7ac2a5a} - no filepath
Task: {97f9c1e2-f880-42b6-a438-0dde9531ee57} - no filepath
Task: {9927ec89-64a7-4713-916a-fbd8340942ae} - no filepath
Task: {99661a04-2b46-4aea-85e8-86ea15119e3a} - no filepath
Task: {99afbf49-25bd-4299-a58a-a27e348b2071} - no filepath
Task: {9a620831-2be4-4c8a-b480-0c56347229a0} - no filepath
Task: {9cb9f84f-66c0-4711-9090-4065aeab7fa4} - no filepath
Task: {9cdc7073-d65a-4e69-87fb-cc2d82799070} - no filepath
Task: {9d4048c4-1751-42e2-aa04-79c53f3693f8} - no filepath
Task: {9df1763d-25c5-4613-b7cf-b4abaee8cc49} - no filepath
Task: {9fc8a881-3e22-40fb-8562-3b239b5b8779} - no filepath
Task: {a0133c1f-7c98-4151-9d5b-0d91f8cf228b} - no filepath
Task: {a160e22a-01b7-4505-bcd2-6d9e2e7380b8} - no filepath
Task: {a18a1c93-f686-41b7-a781-6ff1a3542831} - no filepath
Task: {a1f7551d-bbd0-43ae-bbf8-4bc114bd89d8} - no filepath
Task: {a3677273-558d-493a-bbff-1ce12c2afa1a} - no filepath
Task: {a368988f-826c-4016-b2d8-315949b3eb82} - no filepath
Task: {a57b79f2-1ce7-4050-a887-87f9245c6f54} - no filepath
Task: {a90eb85e-e619-4836-a5da-f8829fb36d82} - no filepath
Task: {aaf74cde-7585-4833-89a7-3d8dbd51d889} - no filepath
Task: {ac453888-02e7-4493-83a5-a78978f4b225} - no filepath
Task: {ad51b1df-97a8-4c80-83c5-af2e275a267c} - no filepath
Task: {b0ff95a1-5c48-40f2-a51a-f7c0cd2fae9a} - no filepath
Task: {b22740e8-052a-4cc1-b0a6-3d30132c44c3} - no filepath
Task: {b5027593-2f49-4192-9a54-d3cdaaa4594a} - no filepath
Task: {b563fe5f-962b-484d-9d2f-38e727302110} - no filepath
Task: {b83265e5-85b7-4a11-a3d8-89455cbb7100} - no filepath
Task: {b8421ca1-21a9-491e-a0f4-db07bc97e31c} - no filepath
Task: {b9eb37ec-957d-46ae-88c8-80b0a796c451} - no filepath
Task: {bb00d7e6-1da1-4a9e-aadd-cf11cf1d3670} - no filepath
Task: {bdeaa514-8356-4763-9580-a19197d2079c} - no filepath
Task: {be66053e-6593-45f8-af4f-92e9b2d62050} - no filepath
Task: {bf79b821-6394-47d6-a29c-49555f89feaf} - no filepath
Task: {c3aa2171-6b28-4657-a83f-b40b4327b004} - no filepath
Task: {c3d95eeb-4b4f-4b32-8d78-5521da2c09bf} - no filepath
Task: {c4ede316-8a79-4a30-b018-a4ab516ac525} - no filepath
Task: {c5943838-4837-4bc6-a78d-5c9f63d81400} - no filepath
Task: {c5c8a34f-4df1-4a44-9a4a-e8406cae9457} - no filepath
Task: {c5f10e70-a527-4f17-93a5-3389245f41de} - no filepath
Task: {c7403372-1861-4b5a-8127-23c4d89b91fc} - no filepath
Task: {c7d62ee9-2e68-41b2-b665-6472f94d74fb} - no filepath
Task: {ca7f2699-2ace-46cf-9910-d74f88987a99} - no filepath
Task: {ce609d0a-b8e9-4fef-8d20-aa807fabf422} - no filepath
Task: {cf5c356c-db3e-4425-a108-369342895369} - no filepath
Task: {d298ae94-455b-4cb2-b108-d04283a6d04a} - no filepath
Task: {d55278d4-cfd7-4cf6-a6f7-45146ddafead} - no filepath
Task: {d5da2256-61bd-4385-9bc5-a5727a5826ea} - no filepath
Task: {d607519b-c3dc-4709-86c7-8fbadca75f2a} - no filepath
Task: {d6cbfc47-4ff7-43bc-ac7e-a2d943e204c2} - no filepath
Task: {d97b891e-68b4-4873-8c50-e401029c666e} - no filepath
Task: {da28ff2e-3d7f-47fa-aeac-d1e8cbda0443} - no filepath
Task: {da9f0834-98d2-4042-8c52-6d3d2b0320d9} - no filepath
Task: {de55a2c2-40e2-4b23-8444-372b20bf588f} - no filepath
Task: {df031589-7db6-47b6-b96d-23438137a0d1} - no filepath
Task: {df4421e1-848f-4ec5-9bd9-885e9bb27787} - no filepath
Task: {dfe52ff8-fda8-4926-94a4-067859d2207c} - no filepath
Task: {e44c5a20-f9a8-47bd-9ff6-c130ccaaf0e2} - no filepath
Task: {e67a2733-d7d8-4b33-9e81-5210594208f3} - no filepath
Task: {e953a38a-26b7-4157-a479-4676ce57c89a} - no filepath
Task: {ea5b1554-061f-46c7-bfef-45a36d54f2af} - no filepath
Task: {eaa1a3ac-6f34-4280-9a2a-b42f0d2acf0d} - no filepath
Task: {f2a502a9-d2d6-4e80-8a1d-7a2d99db2369} - no filepath
Task: {f479f3a8-e268-4a93-ac88-29c92738c3a8} - no filepath
Task: {f58416ba-70a7-4d89-970a-4230218a08a7} - no filepath
Task: {f6574598-e2b4-4581-b5a1-121b47941513} - no filepath
Task: {f77e89bc-ca1f-4d5e-9fd5-912312977684} - no filepath
Task: {f83f4b89-44d7-41be-8676-cc8601a76fff} - no filepath
Task: {fe8ccd90-50d5-47a8-96ee-5d56871d9e4a} - no filepath
Task: {fec4dee3-36fd-455b-9734-9ec13b02d609} - no filepath
Task: {fee563c5-9524-47c5-8e1a-b19a3b48d27a} - no filepath
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> DefaultScope {7C595095-E389-4D97-8166-24348CC710BC} URL =
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> {7C595095-E389-4D97-8166-24348CC710BC} URL =
FF Homepage: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
FF NewTab: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
CHR Notifications: Default -> hxxps://01.loderls.ru; hxxps://2.getmedia.me; hxxps://eu1.badoo.com; hxxps://news-easy.com; hxxps://notification-list.com; hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
CHR StartupUrls: Default -> "hxxp://www.default-search.net?sid=476&aid=113& ... oogle.com/"
CHR DefaultSearchKeyword: Default -> hxxps://www.google.cz/?gws_rd=cr&ei=m0uwur2iou3cygpeuybo
2019-09-18 17:02 - 2019-09-19 01:55 - 000014116 _____ () C:\Users\skimi\AppData\Local\Tempbannercash.tmp
2019-09-18 17:02 - 2019-09-19 01:55 - 000038121 _____ () C:\Users\skimi\AppData\Local\Tempnewscash.tmp
AlternateDataStreams: C:\Users\skimi\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\skimi\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
Hosts:
EmptyTemp:
End
*****************
SystemRestore: On => completed
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 1
Average :
Sum : 282
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2517cd29-8895-11e9-9b3d-04d3b0fd8d0a} => removed successfully
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31e5ed03-d214-11e9-9b51-04d3b0fd8d0a} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04bbfd6e-d90a-433f-a6a6-d0be131a91f7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04d4e203-8e2b-4ec5-82c8-dcf3c0dfcb5c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04ee55ef-6d28-4dad-b52f-88b7d0312c70}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05908d87-fa77-40b1-94f0-1fc11f6e6ae3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0a94a26a-c700-4693-8813-179bbd8c0805}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ba0a86b-e222-4bdf-bcec-0b9c0cb8b35b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ce7c2cf-744f-4aa4-b195-cdf60abfe3f1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0cff3b3c-9655-48ff-88c1-5f0331965203}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0fe9fd42-0520-475e-859d-fabd7828848a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1050f032-ed46-4367-937b-5b8fe17c7bf4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10625bc0-74ec-4946-9960-a1f863437abf}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{119491dc-5ab1-4690-80b6-f97c48a23d60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13e2a75f-b7bc-4b5c-bfda-2c021e986462}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14ec36e2-0960-41d6-adc0-1616fbb2df20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1677f3e4-d3ec-4300-ada1-130140bc1ef4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16a2d488-8bb9-43cf-8d92-085a5cdc1577}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18197c21-c9dd-4399-98d8-446830000911}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{187ecf42-a6c8-4926-959c-d83a5190d6ff}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19be25f5-c054-4446-abab-22f51376a0f3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1b109615-39bc-46fd-8da6-8b74e0511128}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1b8f8a59-caf7-43f1-917a-3477f511f684}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1bc5a719-0300-4765-98b7-a665e8586278}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1dec00fa-3471-4db8-8175-7760f4ec499f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1faf5a4d-84fa-40b6-90f9-240c60a0ae0d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2045fd08-c421-457f-ae22-66171c5a291e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21767f21-dfdf-4aa3-b107-6fb0a22682e3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24beb93d-f5fc-4fdc-a040-e1c935b3c050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{252a5b4b-0836-45fa-b2d4-24628f18e620}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26241631-c792-446f-8ca0-368bce2d4874}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26d4a9c6-0f14-4ca8-a19b-2b40a3e0a0de}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26e8a721-5ff7-4f05-b566-9bb732c5c4d2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2759ca7a-da77-4d0a-85e6-e65e8bb58b58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{285e78ea-3393-4ec0-836f-8a2eabbfcdb1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29c9fd06-e500-49a7-b364-f2019e542e84}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2a8b722b-964b-43e4-a142-a3dce99c17be}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2ac908ce-8e02-46fd-9aaf-57150ed77917}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2b955959-55cf-455d-84e8-5d3a07746e80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2d183e8e-60ee-4225-91e5-e3878afec979}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2da1e01a-cb61-4ae8-9c7f-726ac2bd9745}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31b9fcfb-435b-492d-a469-d39349f53c0f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32171f89-d17e-4268-83ad-3ca171a70c63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3218781f-b2d4-4125-a176-5401d6d156dc}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32815fa8-b734-4c73-ac90-4a30dd33f7c6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{329d667b-7073-44e9-a232-cc7293987563}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32ea21a9-94a6-4b36-b89f-136cfd2cacf9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{330dbc50-52bc-44de-b8a4-d04701f0d31f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{332675df-9780-455d-993f-a9888b2f0da9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{339bf5e0-e2ce-4f0e-938b-1c740353e6b4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33c888ba-6796-488e-91d4-b063e287fbd0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{361cd11e-0e9a-4999-93a4-928855978de7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3630a7af-3262-4f71-af39-2bad147d8cd5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3631b3c0-5a9a-4df2-a56b-431f654fd396}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36cb1884-117f-4d04-b748-50eea978c42d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37a76c16-e11d-4d82-93cb-4b992c4a3f15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3a823219-b00c-4426-915f-5c1c07919cfa}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3c4f252a-c26f-4e95-aeeb-d006d6ad4322}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3e03499d-3b19-401c-b38d-6fa56a3c5f20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3eee23ad-4290-4d9c-9202-291932cb7c22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{421dcb63-7e99-4fad-a5bd-4469992068a2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{448f0ac7-db87-4d0c-8015-6a6b1e11da51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44ebca0a-3109-496f-b430-55fe25835e20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{451c1ce4-85e6-4875-ae2a-cb8a0ece053a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{457da542-38bf-4728-b103-7505d6726c39}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45933e1f-969e-433c-8bf7-9bc4fa347415}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{471b9772-ec04-43c6-940c-679ae0e5be17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{482ec0e9-c6bf-430b-9acf-779b124d6c7c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48d72db0-5c30-46a0-8b8c-f4961836732c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49d7fd2a-6dce-442b-8411-fa6266e56db7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4b82410e-0b67-4571-8efa-fee1660aa4d2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4c4cb7d2-fa63-400d-8d65-26a149afb2d5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4c67c98e-2b5c-4dda-9c7f-d982e92feba7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5088ed94-3403-4318-8bdd-ab60ffcacdd7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{532c08ef-ed7c-45e9-b7ad-a387cbca5ed3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{539fbfac-978c-4c50-96e9-96acef23781d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54521433-e613-4f06-9712-0d3179dd2bc8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56639eb6-4e99-4daf-a17e-4ea5ae396044}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56e4945f-88e9-4649-a7b1-23cfdd6d10cb}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57417da3-54b2-4fdc-902e-588ba00d1588}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59b667e9-0ee9-46f2-b653-78ccc83f412e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5a528ad2-23a8-4bb3-93c3-52fffe659bb4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ca8d739-f623-432e-9683-97ec3b4ab1c2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5d2af43b-73a6-406a-88ff-e7e546f20b6c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ea022b2-cd9f-4199-9d89-5b112b09c3e7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ef26ac8-0b8c-4094-a4f4-446c0fb09665}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5f4b4b08-1a67-437b-b1de-1e0058af47ba}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5fd870ac-99d2-46f8-8eaa-aa536e792f13}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60229022-53f4-4fb7-a458-330801228a3b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6350b364-6a31-419d-8c33-5a2d5aeb185e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63669688-6ef5-4ea4-a43f-848ce2d317f0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{649ff32a-f3f9-4efc-9c60-8088d95ec473}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6798fa7f-142e-4a8d-985d-eb1d738d769c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69e3ddef-cbe9-4dde-b87f-fc4e9025f2c0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6a35082b-cd90-4495-8645-3ff3dacce758}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6a73275c-bfba-4ef1-bb9b-31b1b6766753}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6a79beb3-a996-46bc-b0af-e42c760de443}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6b872682-249f-4d93-9d14-517789c49f74}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6c25656c-b897-41ff-98d6-a0c54b165c78}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d082b63-db87-472a-b188-128b6abc225d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d23c081-7601-4622-83f6-59072f18d6d6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d24e7fa-ea9b-42a6-bcb1-3b85dc879c1b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d63ec78-d622-4f0e-a4b6-93f44ba620c4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6fa593a9-35a5-4231-8682-dbd9f6d01e82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70b8c203-9f40-4aa9-a0e3-2c98212f7175}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70cb5770-c9c6-45ef-8224-a2a5b3a767e7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7127efc1-8588-4492-b177-c57b77a1fcc4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71a74976-996d-43c1-8025-9b2526e27a44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{722edb42-de72-4ed9-a682-769bc03c1617}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73f7adac-2639-42dc-ad52-9943fb5c7cee}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{768b70e7-10f1-4e45-bc0e-e7bd7939639e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76ca8cb7-15cc-4bed-bbd8-c1e0a5b67646}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7b3b7346-3748-4b05-b64e-33af249b3fef}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7c78e335-a105-4187-a575-18df70fbcd96}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80ec0846-0697-4f72-80df-835c40ad41a3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82924ef4-3183-4bf2-b521-c9cc74833401}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{844cbe2b-d923-4184-92df-94051307eccf}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{897a9a3c-8e6c-4459-8e1b-8de137c6ad5d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89a5b4ec-6c1f-4195-986a-04dd62cad69f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8b35b28c-36c7-4d90-8ffe-ca66da459586}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8b9533b3-de40-4c8b-bda4-877a43f130d8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8bf63f20-cc1c-4520-8fe3-8782a18cb53b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8c30bd7c-6137-4e9f-91c1-8248be99183c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8d2a0ba2-c71e-4228-ae6c-d4ff35a26b31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8f343704-d8ae-4daa-a716-cd795ba8a02c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8fde7141-3a84-4d8a-8172-162c552dd4a4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8fe3e76d-b989-4468-bc88-0e57573f4369}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91ec7577-d0a1-425f-ae55-a11916fb8ad9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{929aba5f-7b65-44c9-8a8a-94035ea08854}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93616457-aca1-4383-ae66-b2d44b0a469e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9415e840-b85c-4782-8427-aad860505d9f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94bc0566-241c-4cfa-b126-eb79bfa2e15c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94fbf91e-70f3-45ff-bc7d-ed826cce03a7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96700118-420a-4bea-8e5b-1bb39ed143ad}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{969bfe7b-6f8b-4f28-b0b1-25dab7ac2a5a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97f9c1e2-f880-42b6-a438-0dde9531ee57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9927ec89-64a7-4713-916a-fbd8340942ae}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99661a04-2b46-4aea-85e8-86ea15119e3a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99afbf49-25bd-4299-a58a-a27e348b2071}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9a620831-2be4-4c8a-b480-0c56347229a0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9cb9f84f-66c0-4711-9090-4065aeab7fa4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9cdc7073-d65a-4e69-87fb-cc2d82799070}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9d4048c4-1751-42e2-aa04-79c53f3693f8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9df1763d-25c5-4613-b7cf-b4abaee8cc49}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9fc8a881-3e22-40fb-8562-3b239b5b8779}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a0133c1f-7c98-4151-9d5b-0d91f8cf228b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a160e22a-01b7-4505-bcd2-6d9e2e7380b8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a18a1c93-f686-41b7-a781-6ff1a3542831}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a1f7551d-bbd0-43ae-bbf8-4bc114bd89d8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a3677273-558d-493a-bbff-1ce12c2afa1a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a368988f-826c-4016-b2d8-315949b3eb82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a57b79f2-1ce7-4050-a887-87f9245c6f54}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a90eb85e-e619-4836-a5da-f8829fb36d82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{aaf74cde-7585-4833-89a7-3d8dbd51d889}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ac453888-02e7-4493-83a5-a78978f4b225}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ad51b1df-97a8-4c80-83c5-af2e275a267c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b0ff95a1-5c48-40f2-a51a-f7c0cd2fae9a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b22740e8-052a-4cc1-b0a6-3d30132c44c3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b5027593-2f49-4192-9a54-d3cdaaa4594a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b563fe5f-962b-484d-9d2f-38e727302110}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b83265e5-85b7-4a11-a3d8-89455cbb7100}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b8421ca1-21a9-491e-a0f4-db07bc97e31c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b9eb37ec-957d-46ae-88c8-80b0a796c451}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bb00d7e6-1da1-4a9e-aadd-cf11cf1d3670}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bdeaa514-8356-4763-9580-a19197d2079c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{be66053e-6593-45f8-af4f-92e9b2d62050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bf79b821-6394-47d6-a29c-49555f89feaf}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c3aa2171-6b28-4657-a83f-b40b4327b004}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c3d95eeb-4b4f-4b32-8d78-5521da2c09bf}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c4ede316-8a79-4a30-b018-a4ab516ac525}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c5943838-4837-4bc6-a78d-5c9f63d81400}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c5c8a34f-4df1-4a44-9a4a-e8406cae9457}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c5f10e70-a527-4f17-93a5-3389245f41de}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c7403372-1861-4b5a-8127-23c4d89b91fc}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c7d62ee9-2e68-41b2-b665-6472f94d74fb}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ca7f2699-2ace-46cf-9910-d74f88987a99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ce609d0a-b8e9-4fef-8d20-aa807fabf422}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{cf5c356c-db3e-4425-a108-369342895369}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d298ae94-455b-4cb2-b108-d04283a6d04a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d55278d4-cfd7-4cf6-a6f7-45146ddafead}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d5da2256-61bd-4385-9bc5-a5727a5826ea}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d607519b-c3dc-4709-86c7-8fbadca75f2a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d6cbfc47-4ff7-43bc-ac7e-a2d943e204c2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d97b891e-68b4-4873-8c50-e401029c666e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{da28ff2e-3d7f-47fa-aeac-d1e8cbda0443}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{da9f0834-98d2-4042-8c52-6d3d2b0320d9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{de55a2c2-40e2-4b23-8444-372b20bf588f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{df031589-7db6-47b6-b96d-23438137a0d1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{df4421e1-848f-4ec5-9bd9-885e9bb27787}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{dfe52ff8-fda8-4926-94a4-067859d2207c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e44c5a20-f9a8-47bd-9ff6-c130ccaaf0e2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e67a2733-d7d8-4b33-9e81-5210594208f3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e953a38a-26b7-4157-a479-4676ce57c89a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ea5b1554-061f-46c7-bfef-45a36d54f2af}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{eaa1a3ac-6f34-4280-9a2a-b42f0d2acf0d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f2a502a9-d2d6-4e80-8a1d-7a2d99db2369}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f479f3a8-e268-4a93-ac88-29c92738c3a8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f58416ba-70a7-4d89-970a-4230218a08a7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f6574598-e2b4-4581-b5a1-121b47941513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f77e89bc-ca1f-4d5e-9fd5-912312977684}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f83f4b89-44d7-41be-8676-cc8601a76fff}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{fe8ccd90-50d5-47a8-96ee-5d56871d9e4a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{fec4dee3-36fd-455b-9734-9ec13b02d609}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{fee563c5-9524-47c5-8e1a-b19a3b48d27a}" => removed successfully
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7C595095-E389-4D97-8166-24348CC710BC} => removed successfully
"Firefox homepage" => removed successfully
"Firefox newtab" => removed successfully
"Chrome Notifications" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
C:\Users\skimi\AppData\Local\Tempbannercash.tmp => moved successfully
C:\Users\skimi\AppData\Local\Tempnewscash.tmp => moved successfully
C:\Users\skimi\Data aplikací => ":6699d3ee8dd9cf775caae782c8f44f03" ADS removed successfully
"C:\Users\skimi\AppData\Roaming" => ":6699d3ee8dd9cf775caae782c8f44f03" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16013874 B
Java, Flash, Steam htmlcache => 355165497 B
Windows/system/drivers => 8479005 B
Edge => 879655 B
Chrome => 385372265 B
Firefox => 23915220 B
Opera => 139985 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 13718 B
skimi => 373857669 B
RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End 1 Fixlog 16:37:49 ====
Ran by skimi (14-02-2020 16:36:39) Run:1
Running from D:\Plocha
Loaded Profiles: skimi (Available Profiles: skimi)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
SystemRestore: On
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {2517cd29-8895-11e9-9b3d-04d3b0fd8d0a} - "E:\setup.exe"
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\...\MountPoints2: {31e5ed03-d214-11e9-9b51-04d3b0fd8d0a} - "H:\setup.exe"
Task: {04bbfd6e-d90a-433f-a6a6-d0be131a91f7} - no filepath
Task: {04d4e203-8e2b-4ec5-82c8-dcf3c0dfcb5c} - no filepath
Task: {04ee55ef-6d28-4dad-b52f-88b7d0312c70} - no filepath
Task: {05908d87-fa77-40b1-94f0-1fc11f6e6ae3} - no filepath
Task: {0a94a26a-c700-4693-8813-179bbd8c0805} - no filepath
Task: {0ba0a86b-e222-4bdf-bcec-0b9c0cb8b35b} - no filepath
Task: {0ce7c2cf-744f-4aa4-b195-cdf60abfe3f1} - no filepath
Task: {0cff3b3c-9655-48ff-88c1-5f0331965203} - no filepath
Task: {0fe9fd42-0520-475e-859d-fabd7828848a} - no filepath
Task: {1050f032-ed46-4367-937b-5b8fe17c7bf4} - no filepath
Task: {10625bc0-74ec-4946-9960-a1f863437abf} - no filepath
Task: {119491dc-5ab1-4690-80b6-f97c48a23d60} - no filepath
Task: {13e2a75f-b7bc-4b5c-bfda-2c021e986462} - no filepath
Task: {14ec36e2-0960-41d6-adc0-1616fbb2df20} - no filepath
Task: {1677f3e4-d3ec-4300-ada1-130140bc1ef4} - no filepath
Task: {16a2d488-8bb9-43cf-8d92-085a5cdc1577} - no filepath
Task: {18197c21-c9dd-4399-98d8-446830000911} - no filepath
Task: {187ecf42-a6c8-4926-959c-d83a5190d6ff} - no filepath
Task: {19be25f5-c054-4446-abab-22f51376a0f3} - no filepath
Task: {1b109615-39bc-46fd-8da6-8b74e0511128} - no filepath
Task: {1b8f8a59-caf7-43f1-917a-3477f511f684} - no filepath
Task: {1bc5a719-0300-4765-98b7-a665e8586278} - no filepath
Task: {1dec00fa-3471-4db8-8175-7760f4ec499f} - no filepath
Task: {1faf5a4d-84fa-40b6-90f9-240c60a0ae0d} - no filepath
Task: {2045fd08-c421-457f-ae22-66171c5a291e} - no filepath
Task: {21767f21-dfdf-4aa3-b107-6fb0a22682e3} - no filepath
Task: {24beb93d-f5fc-4fdc-a040-e1c935b3c050} - no filepath
Task: {252a5b4b-0836-45fa-b2d4-24628f18e620} - no filepath
Task: {26241631-c792-446f-8ca0-368bce2d4874} - no filepath
Task: {26d4a9c6-0f14-4ca8-a19b-2b40a3e0a0de} - no filepath
Task: {26e8a721-5ff7-4f05-b566-9bb732c5c4d2} - no filepath
Task: {2759ca7a-da77-4d0a-85e6-e65e8bb58b58} - no filepath
Task: {285e78ea-3393-4ec0-836f-8a2eabbfcdb1} - no filepath
Task: {29c9fd06-e500-49a7-b364-f2019e542e84} - no filepath
Task: {2a8b722b-964b-43e4-a142-a3dce99c17be} - no filepath
Task: {2ac908ce-8e02-46fd-9aaf-57150ed77917} - no filepath
Task: {2b955959-55cf-455d-84e8-5d3a07746e80} - no filepath
Task: {2d183e8e-60ee-4225-91e5-e3878afec979} - no filepath
Task: {2da1e01a-cb61-4ae8-9c7f-726ac2bd9745} - no filepath
Task: {31b9fcfb-435b-492d-a469-d39349f53c0f} - no filepath
Task: {32171f89-d17e-4268-83ad-3ca171a70c63} - no filepath
Task: {3218781f-b2d4-4125-a176-5401d6d156dc} - no filepath
Task: {32815fa8-b734-4c73-ac90-4a30dd33f7c6} - no filepath
Task: {329d667b-7073-44e9-a232-cc7293987563} - no filepath
Task: {32ea21a9-94a6-4b36-b89f-136cfd2cacf9} - no filepath
Task: {330dbc50-52bc-44de-b8a4-d04701f0d31f} - no filepath
Task: {332675df-9780-455d-993f-a9888b2f0da9} - no filepath
Task: {339bf5e0-e2ce-4f0e-938b-1c740353e6b4} - no filepath
Task: {33c888ba-6796-488e-91d4-b063e287fbd0} - no filepath
Task: {361cd11e-0e9a-4999-93a4-928855978de7} - no filepath
Task: {3630a7af-3262-4f71-af39-2bad147d8cd5} - no filepath
Task: {3631b3c0-5a9a-4df2-a56b-431f654fd396} - no filepath
Task: {36cb1884-117f-4d04-b748-50eea978c42d} - no filepath
Task: {37a76c16-e11d-4d82-93cb-4b992c4a3f15} - no filepath
Task: {3a823219-b00c-4426-915f-5c1c07919cfa} - no filepath
Task: {3c4f252a-c26f-4e95-aeeb-d006d6ad4322} - no filepath
Task: {3e03499d-3b19-401c-b38d-6fa56a3c5f20} - no filepath
Task: {3eee23ad-4290-4d9c-9202-291932cb7c22} - no filepath
Task: {421dcb63-7e99-4fad-a5bd-4469992068a2} - no filepath
Task: {448f0ac7-db87-4d0c-8015-6a6b1e11da51} - no filepath
Task: {44ebca0a-3109-496f-b430-55fe25835e20} - no filepath
Task: {451c1ce4-85e6-4875-ae2a-cb8a0ece053a} - no filepath
Task: {457da542-38bf-4728-b103-7505d6726c39} - no filepath
Task: {45933e1f-969e-433c-8bf7-9bc4fa347415} - no filepath
Task: {471b9772-ec04-43c6-940c-679ae0e5be17} - no filepath
Task: {482ec0e9-c6bf-430b-9acf-779b124d6c7c} - no filepath
Task: {48d72db0-5c30-46a0-8b8c-f4961836732c} - no filepath
Task: {49d7fd2a-6dce-442b-8411-fa6266e56db7} - no filepath
Task: {4b82410e-0b67-4571-8efa-fee1660aa4d2} - no filepath
Task: {4c4cb7d2-fa63-400d-8d65-26a149afb2d5} - no filepath
Task: {4c67c98e-2b5c-4dda-9c7f-d982e92feba7} - no filepath
Task: {5088ed94-3403-4318-8bdd-ab60ffcacdd7} - no filepath
Task: {532c08ef-ed7c-45e9-b7ad-a387cbca5ed3} - no filepath
Task: {539fbfac-978c-4c50-96e9-96acef23781d} - no filepath
Task: {54521433-e613-4f06-9712-0d3179dd2bc8} - no filepath
Task: {56639eb6-4e99-4daf-a17e-4ea5ae396044} - no filepath
Task: {56e4945f-88e9-4649-a7b1-23cfdd6d10cb} - no filepath
Task: {57417da3-54b2-4fdc-902e-588ba00d1588} - no filepath
Task: {59b667e9-0ee9-46f2-b653-78ccc83f412e} - no filepath
Task: {5a528ad2-23a8-4bb3-93c3-52fffe659bb4} - no filepath
Task: {5ca8d739-f623-432e-9683-97ec3b4ab1c2} - no filepath
Task: {5d2af43b-73a6-406a-88ff-e7e546f20b6c} - no filepath
Task: {5ea022b2-cd9f-4199-9d89-5b112b09c3e7} - no filepath
Task: {5ef26ac8-0b8c-4094-a4f4-446c0fb09665} - no filepath
Task: {5f4b4b08-1a67-437b-b1de-1e0058af47ba} - no filepath
Task: {5fd870ac-99d2-46f8-8eaa-aa536e792f13} - no filepath
Task: {60229022-53f4-4fb7-a458-330801228a3b} - no filepath
Task: {6350b364-6a31-419d-8c33-5a2d5aeb185e} - no filepath
Task: {63669688-6ef5-4ea4-a43f-848ce2d317f0} - no filepath
Task: {649ff32a-f3f9-4efc-9c60-8088d95ec473} - no filepath
Task: {6798fa7f-142e-4a8d-985d-eb1d738d769c} - no filepath
Task: {69e3ddef-cbe9-4dde-b87f-fc4e9025f2c0} - no filepath
Task: {6a35082b-cd90-4495-8645-3ff3dacce758} - no filepath
Task: {6a73275c-bfba-4ef1-bb9b-31b1b6766753} - no filepath
Task: {6a79beb3-a996-46bc-b0af-e42c760de443} - no filepath
Task: {6b872682-249f-4d93-9d14-517789c49f74} - no filepath
Task: {6c25656c-b897-41ff-98d6-a0c54b165c78} - no filepath
Task: {6d082b63-db87-472a-b188-128b6abc225d} - no filepath
Task: {6d23c081-7601-4622-83f6-59072f18d6d6} - no filepath
Task: {6d24e7fa-ea9b-42a6-bcb1-3b85dc879c1b} - no filepath
Task: {6d63ec78-d622-4f0e-a4b6-93f44ba620c4} - no filepath
Task: {6fa593a9-35a5-4231-8682-dbd9f6d01e82} - no filepath
Task: {70b8c203-9f40-4aa9-a0e3-2c98212f7175} - no filepath
Task: {70cb5770-c9c6-45ef-8224-a2a5b3a767e7} - no filepath
Task: {7127efc1-8588-4492-b177-c57b77a1fcc4} - no filepath
Task: {71a74976-996d-43c1-8025-9b2526e27a44} - no filepath
Task: {722edb42-de72-4ed9-a682-769bc03c1617} - no filepath
Task: {73f7adac-2639-42dc-ad52-9943fb5c7cee} - no filepath
Task: {768b70e7-10f1-4e45-bc0e-e7bd7939639e} - no filepath
Task: {76ca8cb7-15cc-4bed-bbd8-c1e0a5b67646} - no filepath
Task: {7b3b7346-3748-4b05-b64e-33af249b3fef} - no filepath
Task: {7c78e335-a105-4187-a575-18df70fbcd96} - no filepath
Task: {80ec0846-0697-4f72-80df-835c40ad41a3} - no filepath
Task: {82924ef4-3183-4bf2-b521-c9cc74833401} - no filepath
Task: {844cbe2b-d923-4184-92df-94051307eccf} - no filepath
Task: {897a9a3c-8e6c-4459-8e1b-8de137c6ad5d} - no filepath
Task: {89a5b4ec-6c1f-4195-986a-04dd62cad69f} - no filepath
Task: {8b35b28c-36c7-4d90-8ffe-ca66da459586} - no filepath
Task: {8b9533b3-de40-4c8b-bda4-877a43f130d8} - no filepath
Task: {8bf63f20-cc1c-4520-8fe3-8782a18cb53b} - no filepath
Task: {8c30bd7c-6137-4e9f-91c1-8248be99183c} - no filepath
Task: {8d2a0ba2-c71e-4228-ae6c-d4ff35a26b31} - no filepath
Task: {8f343704-d8ae-4daa-a716-cd795ba8a02c} - no filepath
Task: {8fde7141-3a84-4d8a-8172-162c552dd4a4} - no filepath
Task: {8fe3e76d-b989-4468-bc88-0e57573f4369} - no filepath
Task: {91ec7577-d0a1-425f-ae55-a11916fb8ad9} - no filepath
Task: {929aba5f-7b65-44c9-8a8a-94035ea08854} - no filepath
Task: {93616457-aca1-4383-ae66-b2d44b0a469e} - no filepath
Task: {9415e840-b85c-4782-8427-aad860505d9f} - no filepath
Task: {94bc0566-241c-4cfa-b126-eb79bfa2e15c} - no filepath
Task: {94fbf91e-70f3-45ff-bc7d-ed826cce03a7} - no filepath
Task: {96700118-420a-4bea-8e5b-1bb39ed143ad} - no filepath
Task: {969bfe7b-6f8b-4f28-b0b1-25dab7ac2a5a} - no filepath
Task: {97f9c1e2-f880-42b6-a438-0dde9531ee57} - no filepath
Task: {9927ec89-64a7-4713-916a-fbd8340942ae} - no filepath
Task: {99661a04-2b46-4aea-85e8-86ea15119e3a} - no filepath
Task: {99afbf49-25bd-4299-a58a-a27e348b2071} - no filepath
Task: {9a620831-2be4-4c8a-b480-0c56347229a0} - no filepath
Task: {9cb9f84f-66c0-4711-9090-4065aeab7fa4} - no filepath
Task: {9cdc7073-d65a-4e69-87fb-cc2d82799070} - no filepath
Task: {9d4048c4-1751-42e2-aa04-79c53f3693f8} - no filepath
Task: {9df1763d-25c5-4613-b7cf-b4abaee8cc49} - no filepath
Task: {9fc8a881-3e22-40fb-8562-3b239b5b8779} - no filepath
Task: {a0133c1f-7c98-4151-9d5b-0d91f8cf228b} - no filepath
Task: {a160e22a-01b7-4505-bcd2-6d9e2e7380b8} - no filepath
Task: {a18a1c93-f686-41b7-a781-6ff1a3542831} - no filepath
Task: {a1f7551d-bbd0-43ae-bbf8-4bc114bd89d8} - no filepath
Task: {a3677273-558d-493a-bbff-1ce12c2afa1a} - no filepath
Task: {a368988f-826c-4016-b2d8-315949b3eb82} - no filepath
Task: {a57b79f2-1ce7-4050-a887-87f9245c6f54} - no filepath
Task: {a90eb85e-e619-4836-a5da-f8829fb36d82} - no filepath
Task: {aaf74cde-7585-4833-89a7-3d8dbd51d889} - no filepath
Task: {ac453888-02e7-4493-83a5-a78978f4b225} - no filepath
Task: {ad51b1df-97a8-4c80-83c5-af2e275a267c} - no filepath
Task: {b0ff95a1-5c48-40f2-a51a-f7c0cd2fae9a} - no filepath
Task: {b22740e8-052a-4cc1-b0a6-3d30132c44c3} - no filepath
Task: {b5027593-2f49-4192-9a54-d3cdaaa4594a} - no filepath
Task: {b563fe5f-962b-484d-9d2f-38e727302110} - no filepath
Task: {b83265e5-85b7-4a11-a3d8-89455cbb7100} - no filepath
Task: {b8421ca1-21a9-491e-a0f4-db07bc97e31c} - no filepath
Task: {b9eb37ec-957d-46ae-88c8-80b0a796c451} - no filepath
Task: {bb00d7e6-1da1-4a9e-aadd-cf11cf1d3670} - no filepath
Task: {bdeaa514-8356-4763-9580-a19197d2079c} - no filepath
Task: {be66053e-6593-45f8-af4f-92e9b2d62050} - no filepath
Task: {bf79b821-6394-47d6-a29c-49555f89feaf} - no filepath
Task: {c3aa2171-6b28-4657-a83f-b40b4327b004} - no filepath
Task: {c3d95eeb-4b4f-4b32-8d78-5521da2c09bf} - no filepath
Task: {c4ede316-8a79-4a30-b018-a4ab516ac525} - no filepath
Task: {c5943838-4837-4bc6-a78d-5c9f63d81400} - no filepath
Task: {c5c8a34f-4df1-4a44-9a4a-e8406cae9457} - no filepath
Task: {c5f10e70-a527-4f17-93a5-3389245f41de} - no filepath
Task: {c7403372-1861-4b5a-8127-23c4d89b91fc} - no filepath
Task: {c7d62ee9-2e68-41b2-b665-6472f94d74fb} - no filepath
Task: {ca7f2699-2ace-46cf-9910-d74f88987a99} - no filepath
Task: {ce609d0a-b8e9-4fef-8d20-aa807fabf422} - no filepath
Task: {cf5c356c-db3e-4425-a108-369342895369} - no filepath
Task: {d298ae94-455b-4cb2-b108-d04283a6d04a} - no filepath
Task: {d55278d4-cfd7-4cf6-a6f7-45146ddafead} - no filepath
Task: {d5da2256-61bd-4385-9bc5-a5727a5826ea} - no filepath
Task: {d607519b-c3dc-4709-86c7-8fbadca75f2a} - no filepath
Task: {d6cbfc47-4ff7-43bc-ac7e-a2d943e204c2} - no filepath
Task: {d97b891e-68b4-4873-8c50-e401029c666e} - no filepath
Task: {da28ff2e-3d7f-47fa-aeac-d1e8cbda0443} - no filepath
Task: {da9f0834-98d2-4042-8c52-6d3d2b0320d9} - no filepath
Task: {de55a2c2-40e2-4b23-8444-372b20bf588f} - no filepath
Task: {df031589-7db6-47b6-b96d-23438137a0d1} - no filepath
Task: {df4421e1-848f-4ec5-9bd9-885e9bb27787} - no filepath
Task: {dfe52ff8-fda8-4926-94a4-067859d2207c} - no filepath
Task: {e44c5a20-f9a8-47bd-9ff6-c130ccaaf0e2} - no filepath
Task: {e67a2733-d7d8-4b33-9e81-5210594208f3} - no filepath
Task: {e953a38a-26b7-4157-a479-4676ce57c89a} - no filepath
Task: {ea5b1554-061f-46c7-bfef-45a36d54f2af} - no filepath
Task: {eaa1a3ac-6f34-4280-9a2a-b42f0d2acf0d} - no filepath
Task: {f2a502a9-d2d6-4e80-8a1d-7a2d99db2369} - no filepath
Task: {f479f3a8-e268-4a93-ac88-29c92738c3a8} - no filepath
Task: {f58416ba-70a7-4d89-970a-4230218a08a7} - no filepath
Task: {f6574598-e2b4-4581-b5a1-121b47941513} - no filepath
Task: {f77e89bc-ca1f-4d5e-9fd5-912312977684} - no filepath
Task: {f83f4b89-44d7-41be-8676-cc8601a76fff} - no filepath
Task: {fe8ccd90-50d5-47a8-96ee-5d56871d9e4a} - no filepath
Task: {fec4dee3-36fd-455b-9734-9ec13b02d609} - no filepath
Task: {fee563c5-9524-47c5-8e1a-b19a3b48d27a} - no filepath
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> DefaultScope {7C595095-E389-4D97-8166-24348CC710BC} URL =
SearchScopes: HKU\S-1-5-21-2466524190-1393262879-1045153092-1001 -> {7C595095-E389-4D97-8166-24348CC710BC} URL =
FF Homepage: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
FF NewTab: Mozilla\Firefox\Profiles\p6zhqc64.default -> hxxp://www.bing.com/?pc=COS2&ptag=D051919-N060 ... =CT3335799
CHR Notifications: Default -> hxxps://01.loderls.ru; hxxps://2.getmedia.me; hxxps://eu1.badoo.com; hxxps://news-easy.com; hxxps://notification-list.com; hxxps://web.whatsapp.com
CHR HomePage: Default -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHeCZkT1zP_DTTyEFf1PG5CbJXVOzO5H7g1HYRYETPQXrrGbLlrMFozX-2kyHtgx49Y2sapI7Z_nLgEYV0b20v5uZAzAGs8FuvULy45UtZUQG221XKlheBs_QnbYEh2zp6xFTvOaYEajL0dJAMGm_P3VKdotZPmsJH5RfOmy02EK
CHR StartupUrls: Default -> "hxxp://www.default-search.net?sid=476&aid=113& ... oogle.com/"
CHR DefaultSearchKeyword: Default -> hxxps://www.google.cz/?gws_rd=cr&ei=m0uwur2iou3cygpeuybo
2019-09-18 17:02 - 2019-09-19 01:55 - 000014116 _____ () C:\Users\skimi\AppData\Local\Tempbannercash.tmp
2019-09-18 17:02 - 2019-09-19 01:55 - 000038121 _____ () C:\Users\skimi\AppData\Local\Tempnewscash.tmp
AlternateDataStreams: C:\Users\skimi\Data aplikací:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\skimi\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
Hosts:
EmptyTemp:
End
*****************
SystemRestore: On => completed
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 1
Average :
Sum : 282
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2517cd29-8895-11e9-9b3d-04d3b0fd8d0a} => removed successfully
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31e5ed03-d214-11e9-9b51-04d3b0fd8d0a} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04bbfd6e-d90a-433f-a6a6-d0be131a91f7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04d4e203-8e2b-4ec5-82c8-dcf3c0dfcb5c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04ee55ef-6d28-4dad-b52f-88b7d0312c70}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05908d87-fa77-40b1-94f0-1fc11f6e6ae3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0a94a26a-c700-4693-8813-179bbd8c0805}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ba0a86b-e222-4bdf-bcec-0b9c0cb8b35b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ce7c2cf-744f-4aa4-b195-cdf60abfe3f1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0cff3b3c-9655-48ff-88c1-5f0331965203}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0fe9fd42-0520-475e-859d-fabd7828848a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1050f032-ed46-4367-937b-5b8fe17c7bf4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10625bc0-74ec-4946-9960-a1f863437abf}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{119491dc-5ab1-4690-80b6-f97c48a23d60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13e2a75f-b7bc-4b5c-bfda-2c021e986462}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14ec36e2-0960-41d6-adc0-1616fbb2df20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1677f3e4-d3ec-4300-ada1-130140bc1ef4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16a2d488-8bb9-43cf-8d92-085a5cdc1577}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18197c21-c9dd-4399-98d8-446830000911}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{187ecf42-a6c8-4926-959c-d83a5190d6ff}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19be25f5-c054-4446-abab-22f51376a0f3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1b109615-39bc-46fd-8da6-8b74e0511128}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1b8f8a59-caf7-43f1-917a-3477f511f684}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1bc5a719-0300-4765-98b7-a665e8586278}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1dec00fa-3471-4db8-8175-7760f4ec499f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1faf5a4d-84fa-40b6-90f9-240c60a0ae0d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2045fd08-c421-457f-ae22-66171c5a291e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21767f21-dfdf-4aa3-b107-6fb0a22682e3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24beb93d-f5fc-4fdc-a040-e1c935b3c050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{252a5b4b-0836-45fa-b2d4-24628f18e620}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26241631-c792-446f-8ca0-368bce2d4874}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26d4a9c6-0f14-4ca8-a19b-2b40a3e0a0de}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26e8a721-5ff7-4f05-b566-9bb732c5c4d2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2759ca7a-da77-4d0a-85e6-e65e8bb58b58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{285e78ea-3393-4ec0-836f-8a2eabbfcdb1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29c9fd06-e500-49a7-b364-f2019e542e84}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2a8b722b-964b-43e4-a142-a3dce99c17be}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2ac908ce-8e02-46fd-9aaf-57150ed77917}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2b955959-55cf-455d-84e8-5d3a07746e80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2d183e8e-60ee-4225-91e5-e3878afec979}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2da1e01a-cb61-4ae8-9c7f-726ac2bd9745}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31b9fcfb-435b-492d-a469-d39349f53c0f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32171f89-d17e-4268-83ad-3ca171a70c63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3218781f-b2d4-4125-a176-5401d6d156dc}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32815fa8-b734-4c73-ac90-4a30dd33f7c6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{329d667b-7073-44e9-a232-cc7293987563}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32ea21a9-94a6-4b36-b89f-136cfd2cacf9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{330dbc50-52bc-44de-b8a4-d04701f0d31f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{332675df-9780-455d-993f-a9888b2f0da9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{339bf5e0-e2ce-4f0e-938b-1c740353e6b4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33c888ba-6796-488e-91d4-b063e287fbd0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{361cd11e-0e9a-4999-93a4-928855978de7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3630a7af-3262-4f71-af39-2bad147d8cd5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3631b3c0-5a9a-4df2-a56b-431f654fd396}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36cb1884-117f-4d04-b748-50eea978c42d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37a76c16-e11d-4d82-93cb-4b992c4a3f15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3a823219-b00c-4426-915f-5c1c07919cfa}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3c4f252a-c26f-4e95-aeeb-d006d6ad4322}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3e03499d-3b19-401c-b38d-6fa56a3c5f20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3eee23ad-4290-4d9c-9202-291932cb7c22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{421dcb63-7e99-4fad-a5bd-4469992068a2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{448f0ac7-db87-4d0c-8015-6a6b1e11da51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44ebca0a-3109-496f-b430-55fe25835e20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{451c1ce4-85e6-4875-ae2a-cb8a0ece053a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{457da542-38bf-4728-b103-7505d6726c39}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45933e1f-969e-433c-8bf7-9bc4fa347415}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{471b9772-ec04-43c6-940c-679ae0e5be17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{482ec0e9-c6bf-430b-9acf-779b124d6c7c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48d72db0-5c30-46a0-8b8c-f4961836732c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49d7fd2a-6dce-442b-8411-fa6266e56db7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4b82410e-0b67-4571-8efa-fee1660aa4d2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4c4cb7d2-fa63-400d-8d65-26a149afb2d5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4c67c98e-2b5c-4dda-9c7f-d982e92feba7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5088ed94-3403-4318-8bdd-ab60ffcacdd7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{532c08ef-ed7c-45e9-b7ad-a387cbca5ed3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{539fbfac-978c-4c50-96e9-96acef23781d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54521433-e613-4f06-9712-0d3179dd2bc8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56639eb6-4e99-4daf-a17e-4ea5ae396044}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56e4945f-88e9-4649-a7b1-23cfdd6d10cb}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57417da3-54b2-4fdc-902e-588ba00d1588}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59b667e9-0ee9-46f2-b653-78ccc83f412e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5a528ad2-23a8-4bb3-93c3-52fffe659bb4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ca8d739-f623-432e-9683-97ec3b4ab1c2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5d2af43b-73a6-406a-88ff-e7e546f20b6c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ea022b2-cd9f-4199-9d89-5b112b09c3e7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ef26ac8-0b8c-4094-a4f4-446c0fb09665}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5f4b4b08-1a67-437b-b1de-1e0058af47ba}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5fd870ac-99d2-46f8-8eaa-aa536e792f13}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60229022-53f4-4fb7-a458-330801228a3b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6350b364-6a31-419d-8c33-5a2d5aeb185e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63669688-6ef5-4ea4-a43f-848ce2d317f0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{649ff32a-f3f9-4efc-9c60-8088d95ec473}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6798fa7f-142e-4a8d-985d-eb1d738d769c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69e3ddef-cbe9-4dde-b87f-fc4e9025f2c0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6a35082b-cd90-4495-8645-3ff3dacce758}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6a73275c-bfba-4ef1-bb9b-31b1b6766753}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6a79beb3-a996-46bc-b0af-e42c760de443}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6b872682-249f-4d93-9d14-517789c49f74}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6c25656c-b897-41ff-98d6-a0c54b165c78}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d082b63-db87-472a-b188-128b6abc225d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d23c081-7601-4622-83f6-59072f18d6d6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d24e7fa-ea9b-42a6-bcb1-3b85dc879c1b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d63ec78-d622-4f0e-a4b6-93f44ba620c4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6fa593a9-35a5-4231-8682-dbd9f6d01e82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70b8c203-9f40-4aa9-a0e3-2c98212f7175}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70cb5770-c9c6-45ef-8224-a2a5b3a767e7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7127efc1-8588-4492-b177-c57b77a1fcc4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71a74976-996d-43c1-8025-9b2526e27a44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{722edb42-de72-4ed9-a682-769bc03c1617}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73f7adac-2639-42dc-ad52-9943fb5c7cee}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{768b70e7-10f1-4e45-bc0e-e7bd7939639e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76ca8cb7-15cc-4bed-bbd8-c1e0a5b67646}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7b3b7346-3748-4b05-b64e-33af249b3fef}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7c78e335-a105-4187-a575-18df70fbcd96}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80ec0846-0697-4f72-80df-835c40ad41a3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82924ef4-3183-4bf2-b521-c9cc74833401}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{844cbe2b-d923-4184-92df-94051307eccf}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{897a9a3c-8e6c-4459-8e1b-8de137c6ad5d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89a5b4ec-6c1f-4195-986a-04dd62cad69f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8b35b28c-36c7-4d90-8ffe-ca66da459586}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8b9533b3-de40-4c8b-bda4-877a43f130d8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8bf63f20-cc1c-4520-8fe3-8782a18cb53b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8c30bd7c-6137-4e9f-91c1-8248be99183c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8d2a0ba2-c71e-4228-ae6c-d4ff35a26b31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8f343704-d8ae-4daa-a716-cd795ba8a02c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8fde7141-3a84-4d8a-8172-162c552dd4a4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8fe3e76d-b989-4468-bc88-0e57573f4369}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91ec7577-d0a1-425f-ae55-a11916fb8ad9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{929aba5f-7b65-44c9-8a8a-94035ea08854}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93616457-aca1-4383-ae66-b2d44b0a469e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9415e840-b85c-4782-8427-aad860505d9f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94bc0566-241c-4cfa-b126-eb79bfa2e15c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94fbf91e-70f3-45ff-bc7d-ed826cce03a7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96700118-420a-4bea-8e5b-1bb39ed143ad}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{969bfe7b-6f8b-4f28-b0b1-25dab7ac2a5a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97f9c1e2-f880-42b6-a438-0dde9531ee57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9927ec89-64a7-4713-916a-fbd8340942ae}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99661a04-2b46-4aea-85e8-86ea15119e3a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99afbf49-25bd-4299-a58a-a27e348b2071}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9a620831-2be4-4c8a-b480-0c56347229a0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9cb9f84f-66c0-4711-9090-4065aeab7fa4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9cdc7073-d65a-4e69-87fb-cc2d82799070}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9d4048c4-1751-42e2-aa04-79c53f3693f8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9df1763d-25c5-4613-b7cf-b4abaee8cc49}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9fc8a881-3e22-40fb-8562-3b239b5b8779}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a0133c1f-7c98-4151-9d5b-0d91f8cf228b}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a160e22a-01b7-4505-bcd2-6d9e2e7380b8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a18a1c93-f686-41b7-a781-6ff1a3542831}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a1f7551d-bbd0-43ae-bbf8-4bc114bd89d8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a3677273-558d-493a-bbff-1ce12c2afa1a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a368988f-826c-4016-b2d8-315949b3eb82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a57b79f2-1ce7-4050-a887-87f9245c6f54}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a90eb85e-e619-4836-a5da-f8829fb36d82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{aaf74cde-7585-4833-89a7-3d8dbd51d889}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ac453888-02e7-4493-83a5-a78978f4b225}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ad51b1df-97a8-4c80-83c5-af2e275a267c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b0ff95a1-5c48-40f2-a51a-f7c0cd2fae9a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b22740e8-052a-4cc1-b0a6-3d30132c44c3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b5027593-2f49-4192-9a54-d3cdaaa4594a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b563fe5f-962b-484d-9d2f-38e727302110}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b83265e5-85b7-4a11-a3d8-89455cbb7100}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b8421ca1-21a9-491e-a0f4-db07bc97e31c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b9eb37ec-957d-46ae-88c8-80b0a796c451}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bb00d7e6-1da1-4a9e-aadd-cf11cf1d3670}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bdeaa514-8356-4763-9580-a19197d2079c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{be66053e-6593-45f8-af4f-92e9b2d62050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bf79b821-6394-47d6-a29c-49555f89feaf}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c3aa2171-6b28-4657-a83f-b40b4327b004}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c3d95eeb-4b4f-4b32-8d78-5521da2c09bf}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c4ede316-8a79-4a30-b018-a4ab516ac525}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c5943838-4837-4bc6-a78d-5c9f63d81400}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c5c8a34f-4df1-4a44-9a4a-e8406cae9457}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c5f10e70-a527-4f17-93a5-3389245f41de}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c7403372-1861-4b5a-8127-23c4d89b91fc}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c7d62ee9-2e68-41b2-b665-6472f94d74fb}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ca7f2699-2ace-46cf-9910-d74f88987a99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ce609d0a-b8e9-4fef-8d20-aa807fabf422}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{cf5c356c-db3e-4425-a108-369342895369}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d298ae94-455b-4cb2-b108-d04283a6d04a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d55278d4-cfd7-4cf6-a6f7-45146ddafead}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d5da2256-61bd-4385-9bc5-a5727a5826ea}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d607519b-c3dc-4709-86c7-8fbadca75f2a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d6cbfc47-4ff7-43bc-ac7e-a2d943e204c2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d97b891e-68b4-4873-8c50-e401029c666e}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{da28ff2e-3d7f-47fa-aeac-d1e8cbda0443}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{da9f0834-98d2-4042-8c52-6d3d2b0320d9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{de55a2c2-40e2-4b23-8444-372b20bf588f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{df031589-7db6-47b6-b96d-23438137a0d1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{df4421e1-848f-4ec5-9bd9-885e9bb27787}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{dfe52ff8-fda8-4926-94a4-067859d2207c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e44c5a20-f9a8-47bd-9ff6-c130ccaaf0e2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e67a2733-d7d8-4b33-9e81-5210594208f3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e953a38a-26b7-4157-a479-4676ce57c89a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ea5b1554-061f-46c7-bfef-45a36d54f2af}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{eaa1a3ac-6f34-4280-9a2a-b42f0d2acf0d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f2a502a9-d2d6-4e80-8a1d-7a2d99db2369}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f479f3a8-e268-4a93-ac88-29c92738c3a8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f58416ba-70a7-4d89-970a-4230218a08a7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f6574598-e2b4-4581-b5a1-121b47941513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f77e89bc-ca1f-4d5e-9fd5-912312977684}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f83f4b89-44d7-41be-8676-cc8601a76fff}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{fe8ccd90-50d5-47a8-96ee-5d56871d9e4a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{fec4dee3-36fd-455b-9734-9ec13b02d609}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{fee563c5-9524-47c5-8e1a-b19a3b48d27a}" => removed successfully
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2466524190-1393262879-1045153092-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7C595095-E389-4D97-8166-24348CC710BC} => removed successfully
"Firefox homepage" => removed successfully
"Firefox newtab" => removed successfully
"Chrome Notifications" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
C:\Users\skimi\AppData\Local\Tempbannercash.tmp => moved successfully
C:\Users\skimi\AppData\Local\Tempnewscash.tmp => moved successfully
C:\Users\skimi\Data aplikací => ":6699d3ee8dd9cf775caae782c8f44f03" ADS removed successfully
"C:\Users\skimi\AppData\Roaming" => ":6699d3ee8dd9cf775caae782c8f44f03" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16013874 B
Java, Flash, Steam htmlcache => 355165497 B
Windows/system/drivers => 8479005 B
Edge => 879655 B
Chrome => 385372265 B
Firefox => 23915220 B
Opera => 139985 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 13718 B
skimi => 373857669 B
RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End 1 Fixlog 16:37:49 ====
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
OK. Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
skimiwriter
- Návštěvník
- Příspěvky: 58
- Registrován: 24 bře 2014 13:34
Re: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
všechno ok ... Děkuji moc
Děkuji mocRe: Prosím pomoct s Trojan:Win32/Wacatac.D!ml
Tak este upraceme po pouzitych nastrojoch:
- Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Uloz na plochu a spusti
- Nechaj oznacenu moznost "Remove disinfection tools"
- Klikni na "Run"
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?