Windows Update is not working and a few other oddities with the PC

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Windows Update is not working and a few other oddities with the PC

#16 Post by pan Hankey »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-03-2021
Ran by Tom78 (administrator) on STROJ (ASUS All Series) (19-03-2021 20:49:11)
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [68822328 2021-02-12] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [383488 2021-03-01] (Microsoft Windows -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F394143-FC6F-49E8-96D8-62BEAF881724} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {11C617CC-7B06-49D1-9541-E1BFB89F37FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16165489-B047-4F32-AE2F-0B8FC3EE4266} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F8B60BB-D329-4FE4-81D1-EC6438C6722D} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
Task: {3F605241-775B-400C-855C-C8B7737F3BE9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4BF60778-B0D7-48F3-877D-21DC6170C972} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66355CC9-FD99-4455-BB09-A5E02A72AA7B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6888B1FA-5929-4C01-B3AA-497958DD444D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6BCDDC1A-6FF6-4CEB-8EE1-A1F61A439BC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71F283E7-596E-479C-AF65-5E5219C62AFE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {75FBC15C-4707-4ABA-ACE3-8AE813DD3C67} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76EE904A-80AF-40E4-AEE3-F7CEB017918F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {78043D10-D210-4D1A-B1FD-3C72DC2BD463} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {8AC4B7AD-124E-47CE-ADB3-22A29DF7CF57} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91D7D07A-E098-4258-BFBC-8EF00DBF034A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1148C29-B59F-4B31-B6B7-3ABC1FA45664} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {C9608E67-C472-4055-8906-F56C1631BD3C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD822769-7A61-4231-91ED-838BA4C24846} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0214C33-BD0A-44AB-ADC6-284CC8E0467A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.73.101.1 185.73.108.1
Tcpip\..\Interfaces\{18e5d354-c0de-4224-a18f-5896fdf53c09}: [DhcpNameServer] 185.73.101.1 185.73.108.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tom78\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-19]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Adblock Complete) - C:\Users\Tom78\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbobegkkdmmcnmoplkgdmfhdlkjfelnb [2021-01-17]
Edge Extension: (Word) - C:\Users\Tom78\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-20]
Edge Extension: (Excel) - C:\Users\Tom78\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-20]

FireFox:
========
FF DefaultProfile: 3tpdidnb.default
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\3tpdidnb.default [2021-03-15]
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\x0rbafew.default-release [2021-03-19]
FF Session Restore: Mozilla\Firefox\Profiles\x0rbafew.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\x0rbafew.default-release -> hxxps://www.facebook.com; hxxps://www.instagram.com
FF Extension: (uBlock Origin) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\x0rbafew.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-03-12]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-11-11] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; F:\HRY\GOG Galaxy\GalaxyClientService.exe [1728072 2020-10-01] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-10-01] (GOG Sp. z o.o. -> GOG.com)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2020-11-23] (Even Balance, Inc. -> )
S3 Rockstar Service; F:\HRY\GTA\Launcher\RockstarService.exe [1676696 2021-03-17] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2016-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
R3 MpKslfc2957fa; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38894ECE-6A14-4549-AEFF-BAFF92F660FB}\MpKslDrv.sys [90360 2021-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [227248 2017-10-30] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-19 20:49 - 2021-03-19 20:50 - 000014082 _____ C:\Users\Tom78\Desktop\FRST.txt
2021-03-19 20:49 - 2021-03-19 20:49 - 002300928 _____ (Farbar) C:\Users\Tom78\Desktop\FRST64.exe
2021-03-19 20:49 - 2021-03-19 20:49 - 000000000 ____D C:\Users\Tom78\Desktop\FRST-OlderVersion
2021-03-19 18:31 - 2021-03-19 19:09 - 000000000 ____D C:\Users\Tom78\Downloads\mods 19.3
2021-03-19 16:52 - 2021-03-19 16:52 - 000001000 _____ C:\Users\Tom78\Desktop\Valheim - rady atd.lnk
2021-03-18 20:18 - 2021-03-18 20:18 - 000102356 _____ C:\Users\Tom78\Downloads\manual_policie.pdf
2021-03-15 18:17 - 2021-03-15 18:19 - 000006229 _____ C:\Users\Tom78\Desktop\scan_log.txt
2021-03-15 18:16 - 2021-03-15 18:16 - 000207872 _____ (Copyrights Diallix Software (C)) C:\Users\Tom78\Desktop\inlinehookscanner.exe
2021-03-15 17:11 - 2021-03-15 17:17 - 000014759 _____ C:\Users\Tom78\Desktop\Fixlog.txt
2021-03-15 14:58 - 2021-03-15 14:59 - 000000000 ____D C:\AdwCleaner
2021-03-15 14:55 - 2021-03-15 14:55 - 008463216 _____ (Malwarebytes) C:\Users\Tom78\Desktop\adwcleaner_8.1.exe
2021-03-14 23:49 - 2021-03-19 20:50 - 000000000 ____D C:\FRST
2021-03-14 22:45 - 2021-03-17 14:43 - 084148224 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-03-14 22:36 - 2021-03-14 22:44 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-03-14 17:29 - 2021-03-14 17:29 - 000000000 ____D C:\Users\Tom78\Documents\4A Games
2021-03-14 17:29 - 2021-03-14 17:29 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\NVIDIA
2021-03-14 14:59 - 2021-03-14 14:59 - 000000221 _____ C:\Users\Tom78\Desktop\Metro 2033.url
2021-03-13 05:48 - 2021-03-13 05:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-09 14:55 - 2021-03-09 14:55 - 000001345 _____ C:\Users\Tom78\Desktop\IronGate – zástupce.lnk
2021-03-01 15:11 - 2021-03-01 15:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-01 15:11 - 2021-03-01 15:11 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-01 15:11 - 2021-03-01 15:11 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-01 15:11 - 2021-03-01 15:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-01 15:11 - 2021-03-01 15:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-01 15:11 - 2021-03-01 15:11 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-01 15:11 - 2021-03-01 15:11 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-01 15:10 - 2021-03-01 15:10 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-01 15:10 - 2021-03-01 15:10 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-01 15:10 - 2021-03-01 15:10 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-01 15:10 - 2021-03-01 15:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-01 15:10 - 2021-03-01 15:10 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-01 15:10 - 2021-03-01 15:10 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-01 15:10 - 2021-03-01 15:10 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-01 15:10 - 2021-03-01 15:10 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-01 15:10 - 2021-03-01 15:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-01 15:10 - 2021-03-01 15:10 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-01 15:10 - 2021-03-01 15:10 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-01 15:10 - 2021-03-01 15:10 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-01 15:10 - 2021-03-01 15:10 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-01 15:10 - 2021-03-01 15:10 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-01 15:09 - 2021-03-01 15:09 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-01 15:09 - 2021-03-01 15:09 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-01 15:09 - 2021-03-01 15:09 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-01 15:09 - 2021-03-01 15:09 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-01 15:09 - 2021-03-01 15:09 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-01 15:09 - 2021-03-01 15:09 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-01 15:08 - 2021-03-01 15:08 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-01 15:08 - 2021-03-01 15:08 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-01 15:08 - 2021-03-01 15:08 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-01 15:08 - 2021-03-01 15:08 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-01 15:08 - 2021-03-01 15:08 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-01 15:08 - 2021-03-01 15:08 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-01 15:08 - 2021-03-01 15:08 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-01 15:08 - 2021-03-01 15:08 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-01 15:07 - 2021-03-01 15:07 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-01 15:07 - 2021-03-01 15:07 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-01 15:07 - 2021-03-01 15:07 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-01 15:07 - 2021-03-01 15:07 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-01 15:07 - 2021-03-01 15:07 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-01 15:07 - 2021-03-01 15:07 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-01 15:07 - 2021-03-01 15:07 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-01 15:07 - 2021-03-01 15:07 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-01 15:07 - 2021-03-01 15:07 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-02-26 00:57 - 2021-02-28 17:41 - 000001066 _____ C:\Users\Tom78\Desktop\Valheim – zástupce.lnk
2021-02-26 00:52 - 2021-02-26 00:52 - 000000222 _____ C:\Users\Tom78\Desktop\Valheim.url
2021-02-19 04:22 - 2021-02-19 04:42 - 000000723 _____ C:\Users\Tom78\Documents\ClownfishVoiceChanger.ini
2021-02-19 04:22 - 2021-02-19 04:22 - 000000000 ____D C:\Users\Tom78\Documents\ClownfishSoundTemp
2021-02-19 04:22 - 2021-02-19 04:22 - 000000000 ____D C:\Users\Tom78\Documents\ClownfishCustomVocoders
2021-02-19 04:22 - 2021-02-19 04:22 - 000000000 ____D C:\Users\Tom78\Documents\ClownfishCustomSounds
2021-02-19 04:22 - 2021-02-19 04:22 - 000000000 ____D C:\Users\Tom78\Documents\Clownfish_VST_cfg
2021-02-17 15:17 - 2021-03-19 20:45 - 000000000 ____D C:\Users\Tom78\Downloads\valheim - MODS
2021-02-17 14:42 - 2021-02-17 14:42 - 000825556 _____ C:\Users\Tom78\Downloads\t115800.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-19 20:48 - 2020-09-07 01:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-19 20:48 - 2018-09-10 14:27 - 000000000 ____D C:\Users\Tom78\AppData\LocalLow\Mozilla
2021-03-19 20:26 - 2020-10-09 02:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-19 19:59 - 2020-10-06 21:33 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\discord
2021-03-19 19:59 - 2020-09-07 02:31 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-19 19:05 - 2020-12-07 21:59 - 000000000 ____D C:\Users\Tom78\Documents\Assassin's Creed Unity
2021-03-19 16:32 - 2016-11-09 15:06 - 000000456 _____ C:\Users\Tom78\Desktop\Záloha (H).lnk
2021-03-19 14:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-19 14:51 - 2020-09-21 18:03 - 000001036 _____ C:\Users\Tom78\Desktop\Steam.lnk
2021-03-19 14:50 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-19 14:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-19 14:36 - 2021-02-12 16:41 - 000002231 _____ C:\Users\Tom78\Desktop\Discord.lnk
2021-03-19 14:36 - 2020-09-07 00:27 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-19 14:28 - 2020-10-09 02:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-18 20:48 - 2021-01-16 20:06 - 000000780 _____ C:\Users\Tom78\Desktop\Rockstar Games Launcher.lnk
2021-03-18 20:25 - 2020-01-21 03:15 - 000000000 ____D C:\Users\Tom78\AppData\LocalLow\Temp
2021-03-18 18:37 - 2021-01-17 11:16 - 000000929 _____ C:\Users\Tom78\Desktop\Grand Theft Auto V.lnk
2021-03-18 18:34 - 2021-02-09 16:53 - 000007633 _____ C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2021-03-18 17:43 - 2020-09-08 12:53 - 000000000 ____D C:\Users\Tom78\AppData\Local\Ubisoft Game Launcher
2021-03-18 17:38 - 2020-09-08 12:53 - 000000763 _____ C:\Users\Tom78\Desktop\Ubisoft Connect.lnk
2021-03-17 05:22 - 2020-09-21 18:03 - 000000871 _____ C:\Users\Tom78\Desktop\Epic Games Launcher.lnk
2021-03-17 05:11 - 2021-01-16 20:09 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-03-17 05:10 - 2021-01-16 20:09 - 000000000 ____D C:\Program Files\Rockstar Games
2021-03-16 19:09 - 2020-09-07 03:21 - 000000000 ____D C:\Users\Tom78\AppData\Local\CrashDumps
2021-03-16 13:33 - 2020-09-07 00:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 18:40 - 2019-08-30 21:26 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-15 17:21 - 2020-10-09 02:36 - 001693200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-15 17:21 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-15 17:21 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-15 17:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-15 17:15 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-15 01:10 - 2020-09-10 14:01 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-14 22:03 - 2020-09-07 00:56 - 000000000 ____D C:\Users\Tom78\AppData\Local\Packages
2021-03-14 17:31 - 2021-02-05 01:31 - 000000000 ____D C:\Users\Tom78\AppData\Local\4A Games
2021-03-13 13:16 - 2020-09-07 01:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-13 13:16 - 2020-09-07 01:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-13 05:48 - 2020-09-07 01:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-12 20:11 - 2020-09-07 01:35 - 000000000 ____D C:\Users\Tom78\AppData\Local\D3DSCache
2021-03-10 16:04 - 2020-09-07 13:40 - 000001072 _____ C:\Users\Tom78\Desktop\utorrent – zástupce.lnk
2021-03-07 13:20 - 2020-09-15 15:50 - 000000000 ____D C:\Program Files\Cheat Engine 7.1
2021-03-04 23:09 - 2021-02-11 19:09 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-03-04 12:02 - 2020-10-09 02:39 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 12:02 - 2020-10-09 02:39 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 16:39 - 2020-09-07 02:04 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-01 15:21 - 2020-10-09 02:18 - 000267672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-01 15:19 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-01 15:19 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-01 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-01 15:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-01 15:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-01 15:06 - 2020-10-09 02:22 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-03-01 14:53 - 2020-09-10 14:06 - 000000000 ___HD C:\$WinREAgent
2021-03-01 14:50 - 2020-09-07 12:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-01 14:48 - 2020-09-07 12:50 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2021-02-09 16:53 - 2021-03-18 18:34 - 000007633 _____ () C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2020-11-01 02:51 - 2020-11-01 02:51 - 000014116 _____ () C:\Users\Tom78\AppData\Local\Tempbannercash.tmp
2020-11-01 02:51 - 2020-11-01 02:51 - 000038121 _____ () C:\Users\Tom78\AppData\Local\Tempnewscash.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
-----------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by Tom78 (19-03-2021 20:53:09)
Running from C:\Users\Tom78\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-10-09 01:40:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4101578857-3757837661-3053645589-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4101578857-3757837661-3053645589-503 - Limited - Disabled)
Guest (S-1-5-21-4101578857-3757837661-3053645589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4101578857-3757837661-3053645589-1002 - Limited - Enabled)
Tom78 (S-1-5-21-4101578857-3757837661-3053645589-1000 - Administrator - Enabled) => C:\Users\Tom78
WDAGUtilityAccount (S-1-5-21-4101578857-3757837661-3053645589-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Anno 1701 - History Edition (HKLM-x32\...\Uplay Install 16238) (Version: - Ubisoft)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Cities: Skylines - ČEŠTINA (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Cities: Skylines - ČEŠTINA) (Version: - )
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CurseForge (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.167.2.4 - Overwolf app)
Discord (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}) (Version: 1.1.1.0 - Epic Games, Inc.)
Excel (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)
Cheat Engine 7.1 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
Intel Driver && Support Assistant (HKLM-x32\...\{F0E9774D-C5A1-4C83-89F9-191E1334D476}) (Version: 21.1.5.2 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{848F0123-CF5D-4192-90EC-A6574D8B1796}) (Version: 2.4.06522 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{3f5ceda7-9b48-4fa4-af57-8feaf8ab1e46}) (Version: 21.1.5.2 - Intel)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Metal Gear Solid V (HKLM-x32\...\Metal Gear Solid V_is1) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.54 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla)
MPC-HC 1.7.7 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.166.1.16 - Overwolf Ltd.)
Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
Satisfactory v. 0.3.5.4 - Build 125236 (HKLM-x32\...\Satisfactory_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 113.0 - Ubisoft)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Word (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2021-03-19 14:28 - 2021-03-19 14:28 - 000028160 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2020-12-15 14:37 - 2020-12-15 14:37 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2020-12-15 14:37 - 2020-12-15 14:37 - 001950208 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 1540 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-09-07 01:01 - 2020-09-07 00:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 185.73.101.1 - 185.73.108.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{81A2ACAC-7BFE-46A3-825E-6FC5AA6EF19D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2196E4A3-85CA-4387-BEBE-757EC088079D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BE2704A8-C7E4-4DFE-9FB3-8D91DC878C56}] => (Block) F:\HRY\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{D12490D1-4F96-4DF4-B4CB-DC7C40106699}] => (Block) F:\HRY\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{476B83AD-8C3A-4C62-91C4-CC41C2937520}] => (Block) F:\HRY\Northgard.Brundr.and.Kaelinn.Clan.of.the.Lynx-ALI213\Northgard.Brundr.and.Kaelinn.Clan.of.the.Lynx\Northgard.exe => No File
FirewallRules: [{E1A34569-0EF6-4F5D-82C3-50DB27C0E39D}] => (Block) F:\HRY\Northgard.Brundr.and.Kaelinn.Clan.of.the.Lynx-ALI213\Northgard.Brundr.and.Kaelinn.Clan.of.the.Lynx\Northgard.exe => No File
FirewallRules: [{D8F26C7F-8823-4672-AD76-B948647EB169}] => (Allow) F:\HRY\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{804856F3-D84E-4DC8-A8A2-B1156A47F497}] => (Allow) F:\HRY\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{28BC51D1-A0A4-4DA8-A9C4-4361C7B372A9}] => (Block) F:\HRY\Weed Shop 2\WS2.exe => No File
FirewallRules: [{247E041C-E089-4822-B078-028E84CB6D5E}] => (Block) F:\HRY\Weed Shop 2\WS2.exe => No File
FirewallRules: [{0BDD524E-8893-486F-8789-C6F679F526B0}] => (Block) F:\HRY\MGS5\Metal Gear Solid V - The Phantom Pain\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{075EDB48-C2AA-4B52-A7EA-34F619042E2A}] => (Block) F:\HRY\MGS5\Metal Gear Solid V - The Phantom Pain\mgsvmgo.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{53D8C44F-4254-4DE5-87DD-826A19A6CA05}] => (Block) F:\HRY\MGS5\Metal Gear Solid V - The Phantom Pain\mgsvtpp.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{3A68B81F-CEBB-4A37-AD6A-F272BCD60EE4}] => (Block) F:\HRY\MGS5\Metal Gear Solid V - The Phantom Pain\mgsvmgo.exe (Konami Digital Entertainment) [File not signed]
FirewallRules: [{E31F4230-8177-42E4-A8AC-D5A7E6F88938}] => (Block) F:\HRY\Tropico 6\Tropico6.exe => No File
FirewallRules: [{A165DFBD-002F-4A8C-A181-777252CF0ED1}] => (Block) F:\HRY\Tropico 6\Launcher\KalypsoLauncher.exe => No File
FirewallRules: [{9227C3D6-09F2-4755-A6A1-23AC85DFD5C4}] => (Block) F:\HRY\Tropico 6\Launcher\KalypsoLauncher.exe => No File
FirewallRules: [{DE1C228A-D44E-4524-B9E7-6C1C78BCE758}] => (Block) F:\HRY\Tropico 6\Tropico6.exe => No File
FirewallRules: [{C310FDF9-B21F-447C-9EF2-36B3AECE1211}] => (Allow) H:\Save M3\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CA8D4E48-4560-48D5-BE31-A27ED845D1A4}] => (Allow) H:\Save M3\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{AB3D07D1-F343-4745-8BBF-78334B41EA32}] => (Allow) F:\HRY\steamapps\common\Mafia II Definitive Edition\pc\Mafia2Launcher\Launcher.exe (2K Games) [File not signed]
FirewallRules: [{DC28A0FF-8FE0-4D12-A008-1796778B67A4}] => (Allow) F:\HRY\steamapps\common\Mafia II Definitive Edition\pc\Mafia2Launcher\Launcher.exe (2K Games) [File not signed]
FirewallRules: [{86E0D448-6185-4A51-90DB-9430ED1B4329}] => (Allow) F:\HRY\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{7C982DB4-6B44-4F2A-A635-C871809AA911}] => (Allow) F:\HRY\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [UDP Query User{D4661799-D23E-4533-83A6-C2C6A7545F9B}F:\hry\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Block) F:\hry\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe (Coffee Stain Studios AB) [File not signed]
FirewallRules: [TCP Query User{0DA87577-EE79-4040-A5E9-EBB10F2799A8}F:\hry\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe] => (Block) F:\hry\satisfactory\factorygame\binaries\win64\factorygame-win64-shipping.exe (Coffee Stain Studios AB) [File not signed]
FirewallRules: [{03094065-5F70-4628-8F76-DFA6031A5541}] => (Block) F:\HRY\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1BF8BDA1-08E5-45CD-847A-43885924B748}] => (Block) F:\HRY\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{D1B1E0D4-BF67-4836-B63A-5180CA8406A7}H:\save m3\utorrent\utorrent.exe] => (Allow) H:\save m3\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{00007AB2-B682-4F9C-ACBE-24F2321E234C}H:\save m3\utorrent\utorrent.exe] => (Allow) H:\save m3\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{399A67D6-461F-4138-92C0-6B2FAEBE8EA7}] => (Allow) F:\HRY\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{72475320-D114-4E4A-8640-AD3179F3940C}] => (Allow) F:\HRY\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{48678FC3-EB76-4E52-BBF6-6893A8786D04}] => (Allow) F:\HRY\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{09D65E45-2058-4F15-B4F6-BDE18F58A549}] => (Allow) F:\HRY\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{B64001DA-3453-44D4-93DF-4362D7EA1B03}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8B65BDC9-A573-44FF-A639-36AF612E36AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D61AE92A-B187-45F8-A15D-9E607E8A2DBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6740B168-A83F-456C-AE30-EE1BA5E0571E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C618533-F4BF-48F3-8261-D6B9E4BB5B1F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A2846A9-9D31-4173-A32B-EBDEDD7D11B5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{232FD1BF-0726-4D91-A468-A7FBCC7E81BE}] => (Allow) F:\HRY\steamapps\common\Drive 4 Survive\Drive 4 Survive.exe () [File not signed]
FirewallRules: [{C77105B1-AFE8-4068-8AF1-1D51F7572E23}] => (Allow) F:\HRY\steamapps\common\Drive 4 Survive\Drive 4 Survive.exe () [File not signed]
FirewallRules: [{1585A176-532B-482B-A5C7-948BAED4A994}] => (Allow) F:\HRY\steamapps\common\The Wild Age\thewildage.exe () [File not signed]
FirewallRules: [{6BDAFE8F-8492-41DE-8C1D-DD891C1B953D}] => (Allow) F:\HRY\steamapps\common\The Wild Age\thewildage.exe () [File not signed]
FirewallRules: [{57589494-E832-4BE3-9586-6926A73E6414}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\Watch_Dogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{4CFA18B1-D57A-444C-91A7-F8AE8291B635}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\Watch_Dogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{8AE43CF5-BC4F-40AA-AE08-6EF395011248}] => (Allow) F:\HRY\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{F095B4BA-A46C-4091-BA28-3C7C2D5CCFE6}] => (Allow) F:\HRY\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{C1E3C1E3-DB8E-48F6-BD46-958ED58F1902}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{16664395-1F90-4CBC-B7E6-7CDC6414A4FB}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{16B68D2B-CA03-4DE2-9F6D-CBD0E6829173}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{06560D53-284E-4B1B-B618-E3A7E2A9A6CF}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{E3AFE094-9278-439B-A9C0-8D888C8817D1}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5653E566-A605-458C-BEAE-60B461825440}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{FD4FC209-F226-4B45-85D6-DC866AD32EA3}] => (Allow) F:\HRY\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Wildlands\GRW_Upp.exe (Blue Byte GmbH -> )
FirewallRules: [TCP Query User{C4486029-B581-46AE-A011-BE46619B24BF}F:\hry\ubisoft game launcher\games\tom clancy's ghost recon wildlands\grw.exe] => (Allow) F:\hry\ubisoft game launcher\games\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [UDP Query User{C7615364-DFAE-459E-9BFA-5010544D5A19}F:\hry\ubisoft game launcher\games\tom clancy's ghost recon wildlands\grw.exe] => (Allow) F:\hry\ubisoft game launcher\games\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [{33AE8F15-A7F2-4F2D-BED2-A6793B20C354}] => (Allow) F:\HRY\AC\AssassinsCreedSyndicate\ACS.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{9268913E-638E-456E-823C-6AEF0FF44E62}] => (Allow) F:\HRY\AC\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{1B7EAF54-8DFB-4645-804F-EE080EEA92F8}] => (Allow) F:\HRY\AC\Assassin's Creed III\AC3SP.exe (Ubisoft Entertainment -> )
FirewallRules: [{0C8E9339-497A-4768-A566-5940C704E01F}] => (Allow) F:\HRY\AC\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{6AF39E45-A1A8-496E-933C-203FD5C8A4C2}] => (Allow) F:\HRY\AC\Assassin's Creed III\AC3MP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{9CD2C7C9-C374-42C2-827A-09F149DB8748}] => (Allow) F:\HRY\AC\Assassin's Creed II\AssassinsCreedIIGame.exe => No File
FirewallRules: [{AA9C0709-1826-4FBC-B159-0C99AF310FA4}] => (Allow) F:\HRY\AC\Assassin's Creed II\AssassinsCreedIIGame.exe => No File
FirewallRules: [{DA361D88-1441-4A4B-94BA-7F01C9BF32D8}] => (Allow) F:\HRY\AC\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{AC9BB320-4C27-412C-B22D-B012678492A5}] => (Allow) F:\HRY\AC\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{76A8ECB2-BE29-4CC5-AB02-A5182FBC1FA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{256A94D7-C591-4C10-8CCF-B5CF408662FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{34ACA844-8D83-4636-9EA8-E20A9C059FF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F2FDAD18-DE42-448E-A126-9E8A859406E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D1D9CB97-50C5-44A8-A912-BE99DA76E6C7}F:\hry\anno 1701 - history edition\anno1701.exe] => (Allow) F:\hry\anno 1701 - history edition\anno1701.exe (Ubisoft Blue Byte GmbH -> )
FirewallRules: [UDP Query User{72AC45D4-87FB-44E5-B473-57D15002CBCE}F:\hry\anno 1701 - history edition\anno1701.exe] => (Allow) F:\hry\anno 1701 - history edition\anno1701.exe (Ubisoft Blue Byte GmbH -> )
FirewallRules: [{597978D7-903B-453B-A2F0-D0E06FFD37F6}] => (Block) F:\HRY\AGFY-Subnautica.v63668\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{040A3722-59F1-4F58-96F0-84493929E287}] => (Block) F:\HRY\AGFY-Subnautica.v63668\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{4ABF2E53-FE63-4D38-BA7D-B316016C0CCA}] => (Allow) F:\HRY\GTA\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{42E26A28-78FD-49DA-9B98-5DBDFA071D51}] => (Allow) F:\HRY\GTA\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{06E99787-49AC-43C7-81F0-552A235B91C3}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{693EC341-C955-4B29-B116-C892245D7CA6}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{2DF03929-7091-4388-897D-D9A469C795E4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{6E3E4396-7CF9-4A29-8371-A062F8401D2C}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{BE010B2A-646A-4C7A-B7E7-E03F83225662}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{483676FB-2AEC-4BD4-9662-3EF5C368DB14}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{5F5B010F-09CF-4D27-AB4A-D2D77FE6E99C}] => (Allow) F:\HRY\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{3A6D9E9A-2C29-45E7-94AD-C63640679542}] => (Allow) F:\HRY\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{2B05871E-1659-42BB-BBEF-0A98E7D11050}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1FC57F1C-BDF6-4E01-A3AF-76324ADBD12E}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CED66BE0-3A8F-4FC4-B541-578C35823620}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{00463ADC-A205-412A-BAE0-1E5CBEAFE106}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5482777F-0D86-4C98-97D3-3DF354A43694}] => (Allow) F:\HRY\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [{291164F6-F016-4EE2-920B-8B51EDCA3E24}] => (Allow) F:\HRY\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:126.95 GB) (Free:58.49 GB) (46%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/16/2021 07:09:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Metro2033.exe, verze: 1.0.0.1, časové razítko: 0x4c7775b7
Název chybujícího modulu: Metro2033.exe, verze: 1.0.0.1, časové razítko: 0x4c7775b7
Kód výjimky: 0xc0000005
Posun chyby: 0x0036c2bc
ID chybujícího procesu: 0x1ae4
Čas spuštění chybující aplikace: 0x01d71a77b0f1241c
Cesta k chybující aplikaci: F:\HRY\steamapps\common\Metro 2033\Metro2033.exe
Cesta k chybujícímu modulu: F:\HRY\steamapps\common\Metro 2033\Metro2033.exe
ID zprávy: 3a839d26-c860-4095-b600-08a6f57bfdc5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/15/2021 01:58:06 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Stroj)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/15/2021 02:00:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 3.0.0.865, časové razítko: 0x584ee77c
Název chybujícího modulu: mbamtray.exe, verze: 3.0.0.865, časové razítko: 0x584ee77c
Kód výjimky: 0xc0000005
Posun chyby: 0x00053ec5
ID chybujícího procesu: 0x1dfc
Čas spuštění chybující aplikace: 0x01d719369d922652
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
ID zprávy: a2d8bfbe-43cf-4a35-896e-a4f91277bf4b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/14/2021 10:50:33 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Stroj)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/14/2021 10:13:12 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Stroj)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/14/2021 10:11:18 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Sběr dat čítače výkonu od služby BITS byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.

Error: (03/14/2021 10:11:18 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1009) (User: NT AUTHORITY)
Description: Procedura Open v knihovně DLL rozšiřitelných čítačů C:\Windows\System32\bitsperf.dll pro službu BITS vygenerovala výjimku 3221225477 v adrese 0x7ffe4ac1c44d. Data o výkonu pro tuto službu nebudou k dispozici.

Error: (03/14/2021 10:04:52 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.


System errors:
=============
Error: (03/19/2021 02:29:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) SUR QC Software Asset Manager bylo dosaženo časového limitu (30000 ms).

Error: (03/19/2021 02:27:55 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (03/19/2021 02:28:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (5:11:11, ‎19.‎3.‎2021) bylo neočekávané.

Error: (03/18/2021 02:33:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) SUR QC Software Asset Manager bylo dosaženo časového limitu (30000 ms).

Error: (03/18/2021 02:31:30 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (03/18/2021 02:32:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (5:39:47, ‎18.‎3.‎2021) bylo neočekávané.

Error: (03/17/2021 02:45:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) SUR QC Software Asset Manager bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2021 02:42:41 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.


Windows Defender:
================
Date: 2021-03-18 14:43:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F868CC9A-8F29-4674-ABB3-831721CEEED2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-16 13:33:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9566EC7A-12C3-47D0-8654-24FD0BE5262B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-14 21:20:17
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: Stroj\Tom78
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.333.404.0, AS: 1.333.404.0, NIS: 1.333.404.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-12 16:13:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3138FE1E-E48E-4E1B-B5E8-1D150952E6D0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-12 15:10:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B1D10F24-26A6-448C-8EB6-5DD7C8CE1F1A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-03-13 13:19:19
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2107 08/08/2014
Motherboard: ASUSTeK COMPUTER INC. B85-PLUS
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 42%
Total physical RAM: 8097.73 MB
Available physical RAM: 4628.13 MB
Total Virtual: 16289.73 MB
Available Virtual: 10630.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:126.95 GB) (Free:58.49 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:46.98 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:84.18 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:236 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:277.63 GB) NTFS

\\?\Volume{954ccc49-a461-11e6-a407-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Windows Update is not working and a few other oddities with the PC

#17 Post by Diallix »

Copy the content below into Notepad:

Code:


S3 MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [X]
FirewallRules: [{28BC51D1-A0A4-4DA8-A9C4-4361C7B372A9}] => (Block) F:\HRY\Weed Shop 2\WS2.exe => No File
FirewallRules: [{247E041C-E089-4822-B078-028E84CB6D5E}] => (Block) F:\HRY\Weed Shop 2\WS2.exe => No File
FirewallRules: [{E31F4230-8177-42E4-A8AC-D5A7E6F88938}] => (Block) F:\HRY\Tropico 6\Tropico6.exe => No File
FirewallRules: [{A165DFBD-002F-4A8C-A181-777252CF0ED1}] => (Block) F:\HRY\Tropico 6\Launcher\KalypsoLauncher.exe => No File
FirewallRules: [{9227C3D6-09F2-4755-A6A1-23AC85DFD5C4}] => (Block) F:\HRY\Tropico 6\Launcher\KalypsoLauncher.exe => No File
FirewallRules: [{DE1C228A-D44E-4524-B9E7-6C1C78BCE758}] => (Block) F:\HRY\Tropico 6\Tropico6.exe => No File
EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
An operation will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, which is saved in the FRST location.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Windows Update is not working and a few other oddities with the PC

#18 Post by pan Hankey »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by Tom78 (19-03-2021 21:34:22) Run:2
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78
Boot Mode: Normal
==============================================

fixlist content:
*****************

S3 MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [X]
FirewallRules: [{28BC51D1-A0A4-4DA8-A9C4-4361C7B372A9}] => (Block) F:\HRY\Weed Shop 2\WS2.exe => No File
FirewallRules: [{247E041C-E089-4822-B078-028E84CB6D5E}] => (Block) F:\HRY\Weed Shop 2\WS2.exe => No File
FirewallRules: [{E31F4230-8177-42E4-A8AC-D5A7E6F88938}] => (Block) F:\HRY\Tropico 6\Tropico6.exe => No File
FirewallRules: [{A165DFBD-002F-4A8C-A181-777252CF0ED1}] => (Block) F:\HRY\Tropico 6\Launcher\KalypsoLauncher.exe => No File
FirewallRules: [{9227C3D6-09F2-4755-A6A1-23AC85DFD5C4}] => (Block) F:\HRY\Tropico 6\Launcher\KalypsoLauncher.exe => No File
FirewallRules: [{DE1C228A-D44E-4524-B9E7-6C1C78BCE758}] => (Block) F:\HRY\Tropico 6\Tropico6.exe => No File
EmptyTemp:


*****************

HKLM\System\CurrentControlSet\Services\MBAMWebProtection => removed successfully
MBAMWebProtection => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28BC51D1-A0A4-4DA8-A9C4-4361C7B372A9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{247E041C-E089-4822-B078-028E84CB6D5E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E31F4230-8177-42E4-A8AC-D5A7E6F88938}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A165DFBD-002F-4A8C-A181-777252CF0ED1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9227C3D6-09F2-4755-A6A1-23AC85DFD5C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE1C228A-D44E-4524-B9E7-6C1C78BCE758}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12869632 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16886097 B
Java, Flash, Steam htmlcache => 267243809 B
Windows/system/drivers => 23927972 B
Edge => 0 B
Firefox => 1123735439 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 6073180 B
Tom78 => 35375905 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:35:11 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Windows Update is not working and a few other oddities with the PC

#19 Post by Diallix »

Any change?

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Windows Update is not working and a few other oddities with the PC

#20 Post by pan Hankey »

Windows Update works now and so does Task Manager, but I still have one file here that cannot be removed from the PC. VirusTotal cannot test it either. I am attaching a photo.
nejde odstranit.jpg (21.98 KiB) Viewed 904 times

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Windows Update is not working and a few other oddities with the PC

#21 Post by Diallix »

Sure, we'll try.

Could you please send me its full location?

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Windows Update is not working and a few other oddities with the PC

#22 Post by pan Hankey »

C:\Downloads\nejde_smazat

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Windows Update is not working and a few other oddities with the PC

#23 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:
C:\Downloads\nejde_smazat

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
An operation will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, which is saved in the FRST location.

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Windows Update is not working and a few other oddities with the PC

#24 Post by pan Hankey »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Tom78 (22-03-2021 10:20:27) Run:3
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
C:\Downloads\nejde_smazat


*****************

Processes closed successfully.
C:\Downloads\nejde_smazat => moved successfully


The system needed a reboot.

==== End of Fixlog 10:20:28 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Windows Update is not working and a few other oddities with the PC

#25 Post by Diallix »

OK, did it delete it?

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Windows Update is not working and a few other oddities with the PC

#26 Post by pan Hankey »

Yes, thank you very much for the help. :thumbsup:

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Windows Update is not working and a few other oddities with the PC

#27 Post by Diallix »

No problem, you're welcome :]]

Locked