Detected: Program: Win32/Uwasson.A!ml

Brdská Panda
Visitor
Posts: 8
Registered: 19 Mar 2021 19:03

#1 Post by Brdská Panda »

Hello,
thank you in advance for your time, which I will gladly repay with a contribution toward running the forum.

Windows Defender alerted me:
Detected: Program:Win32/Uwasson.A!ml
Status: Active
Active threats have not been remediated and are still running on your device.



FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-03-2021
Ran by sando (administrator) on PANDA-PC (MSI MS-7971) (19-03-2021 18:54:15)
Running from C:\Users\sando\Downloads
Loaded Profiles: sando
Platform: Windows 10 Pro Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GFI Software Development Ltd. -> Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
(GFI Software Development Ltd. -> Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Logitech Inc -> ) C:\Program Files\LGHUB\logi_analytics_client.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\sando\AppData\Local\Microsoft\OneDrive\21.030.0211.0002\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe <2>
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Zeasn) [File not signed] C:\TPVAOC\G-Menu\G-Menu.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] () [File not signed]
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] () [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Kerio Control VPN Client] => C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2070376 2020-08-27] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33020896 2021-03-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [Discord] => C:\Users\sando\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [EPSON Stylus SX200] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE [221696 2007-12-13] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [GogGalaxy] => E:\Games\GOG Galaxy\GOG Galaxy\GalaxyClient.exe [14448200 2020-08-19] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-03-17] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\sando\AppData\Local\WhatsApp\Update.exe [2252488 2021-03-15] (WhatsApp, Inc -> )
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {8c612db2-43ce-11eb-be98-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {c14b0e49-e445-11ea-be89-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {f987ae13-6813-11eb-bea2-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\EPSON Stylus SX200 Series 64MonitorBE: C:\Windows\system32\E_ILMEFE.DLL [108032 2007-12-07] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0689BBF4-7D6E-407F-B4EB-0A98485F63FB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {09522C08-67B8-4C7F-9F76-86A6BE5F91FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B33B53A-4365-412A-BE9F-6D776E470404} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FB858C1-7853-4E06-8460-DCD0947C3152} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4767534E-FB07-4581-B6FB-EA79E79EFA8B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A2D0E54-236D-41C4-BE19-CA43FD535B39} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7B1139AE-1723-44F9-91A9-C36B4B185F12} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {82AE6915-8C4D-4176-B4A5-2451450B319C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FD2C6AF-0433-44E3-A96C-949DC2F493DE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {96ED4AA7-0382-41A6-AA5E-399D366C0420} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFD07656-3E8B-489E-907F-E91276A5CF82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1693879-F98B-4C06-B5F3-74138AC94CA0} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {BA75114C-D06D-44D0-A010-C45E8C99470C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5D52059-0DD5-45A7-8E0A-AEF41CEF5E39} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E71E3555-375D-4DAF-B5D6-97697C5E6ABF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB11E376-15F5-4DB0-AF80-77D126FAABA1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.2.1 10.0.0.1 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{1f4be616-13ae-4c2b-bd19-83bf589e54b6}: [DhcpNameServer] 192.168.1.10
Tcpip\..\Interfaces\{458df1a8-d32b-40c6-b33a-d4d613fca51d}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{d241e43a-156e-4096-8b18-a25033ded23d}: [DhcpNameServer] 10.0.2.1 10.0.0.1 8.8.8.8 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\sando\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-25]

FireFox:
========
FF DefaultProfile: 1wwxh7wj.default
FF ProfilePath: C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Profiles\1wwxh7wj.default [2021-03-19]
FF user.js: detected! => C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Profiles\1wwxh7wj.default\user.js [2019-02-27]
FF Homepage: Mozilla\Firefox\Profiles\1wwxh7wj.default -> google.com
FF Notifications: Mozilla\Firefox\Profiles\1wwxh7wj.default -> hxxps://web.whatsapp.com; hxxps://aukro.cz
FF Extension: (No Name) - C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Profiles\1wwxh7wj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-02-01]
FF Extension: (Dark Fox) - C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Profiles\1wwxh7wj.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-05-13]
FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files (x86)\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi
FF Extension: (Smart Defender) - C:\Program Files (x86)\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi [2019-01-18]
FF HKLM-x32\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files (x86)\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-10-28] (BattlEye Innovations e.K. -> )
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-02-28] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; E:\Games\GOG Galaxy\GOG Galaxy\GalaxyClientService.exe [1680968 2020-08-19] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-06-07] (GOG Sp. z o.o. -> GOG.com)
R2 KVPNCSvc; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [1989480 2020-08-27] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10508704 2021-03-17] (Logitech Inc -> Logitech, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-03-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3445560 2020-03-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; E:\Hry\Rockstar_Launcher\RockstarService.exe [1688720 2020-02-13] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2019-03-01] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_150; C:\WINDOWS\system32\drivers\HWiNFO64A_150.SYS [62240 2020-05-09] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_156; C:\WINDOWS\system32\drivers\HWiNFO64A_156.SYS [64496 2021-01-29] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_160; C:\WINDOWS\system32\drivers\HWiNFO64A_160.SYS [64536 2021-03-15] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kvnet; C:\WINDOWS\System32\drivers\kvnet.sys [48816 2020-08-27] (GFI Software Development Limited -> Kerio Technologies Inc.)
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-17] (Logitech Inc -> Logitech)
R3 MpKslb6758a43; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0BB439A2-1453-4378-9B03-8C710578E1E8}\MpKslDrv.sys [90360 2021-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2018-06-08] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2018-06-08] (Valve Corp. -> )
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [213632 2018-02-26] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-19 18:54 - 2021-03-19 18:54 - 000020757 _____ C:\Users\sando\Downloads\FRST.txt
2021-03-19 18:53 - 2021-03-19 18:54 - 000000000 ____D C:\FRST
2021-03-19 18:52 - 2021-03-19 18:52 - 002300928 _____ (Farbar) C:\Users\sando\Downloads\FRST64.exe
2021-03-18 18:59 - 2021-03-18 20:45 - 000000000 ____D C:\Users\sando\Desktop\prime 95
2021-03-18 18:55 - 2021-03-18 18:55 - 010358333 _____ C:\Users\sando\Downloads\p95v303b6.win64.zip
2021-03-18 12:25 - 2021-03-18 12:25 - 005832855 _____ (UserBenchmark.com) C:\Users\sando\Desktop\UserBenchMark.exe
2021-03-18 07:00 - 2021-03-18 07:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-03-18 07:00 - 2021-03-18 07:00 - 000000000 ____D C:\Program Files\LGHUB
2021-03-17 19:34 - 2021-03-17 19:34 - 000066896 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2021-03-17 19:34 - 2021-03-17 19:34 - 000037200 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2021-03-17 19:34 - 2021-03-17 19:34 - 000025928 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2021-03-17 13:39 - 2021-03-17 13:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-16 13:11 - 2021-03-18 07:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-15 21:09 - 2021-03-15 21:09 - 000064536 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A_160.SYS
2021-03-15 21:08 - 2021-03-15 21:08 - 009076976 _____ (Martin Malik - REALiX ) C:\Users\sando\Downloads\hwi_700.exe
2021-03-12 11:41 - 2021-03-12 11:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 11:41 - 2021-03-12 11:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 11:41 - 2021-03-12 11:41 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 11:41 - 2021-03-12 11:41 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-12 11:41 - 2021-03-12 11:41 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 11:41 - 2021-03-12 11:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 11:41 - 2021-03-12 11:41 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 11:41 - 2021-03-12 11:41 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 11:41 - 2021-03-12 11:41 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-12 11:41 - 2021-03-12 11:41 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-12 11:41 - 2021-03-12 11:41 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-12 11:41 - 2021-03-12 11:41 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-10 10:56 - 2021-03-10 10:56 - 000000207 _____ C:\Users\sando\Desktop\TrueGameData.URL
2021-03-10 01:47 - 2021-03-10 01:47 - 000000285 _____ C:\Users\sando\Desktop\Rocket League®.url
2021-03-09 19:13 - 2021-03-09 19:40 - 292256323 _____ C:\Users\sando\Downloads\Ulice 4007.díl.mp4
2021-02-28 18:12 - 2021-02-28 18:12 - 000000000 ____D C:\Users\sando\AppData\Local\Apple Computer
2021-02-28 18:11 - 2021-02-28 18:11 - 000000000 ____D C:\Users\sando\Documents\Call Of Duty Black Ops Cold War
2021-02-28 16:01 - 2021-02-28 16:01 - 000000000 ____D C:\Users\sando\AppData\Local\Madness
2021-02-28 11:44 - 2021-02-28 11:44 - 000000223 _____ C:\Users\sando\Desktop\OUTRIDERS Demo.url
2021-02-26 02:16 - 2021-02-26 02:16 - 000000000 ____D C:\Users\sando\Documents\Blackmagic Design
2021-02-26 02:13 - 2021-02-26 02:13 - 000000000 ____D C:\Users\sando\AppData\Roaming\Blackmagic Design
2021-02-26 02:05 - 2021-02-26 02:05 - 000001393 _____ C:\Users\sando\Desktop\DaVinci Resolve Project Server.lnk
2021-02-26 02:05 - 2021-02-26 02:05 - 000001373 _____ C:\Users\sando\Desktop\Resolve.lnk
2021-02-26 02:05 - 2021-02-26 02:05 - 000000000 ____D C:\Users\sando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-02-26 02:05 - 2021-02-26 02:05 - 000000000 ____D C:\ProgramData\Blackmagic Design
2021-02-26 02:01 - 2021-02-26 02:13 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-02-26 02:01 - 2021-02-26 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-02-26 02:00 - 2020-11-03 00:17 - 1769599848 _____ (Blackmagic Design) C:\Users\sando\Downloads\DaVinci_Resolve_16.2.8_Windows.exe
2021-02-26 01:53 - 2021-02-26 01:59 - 1754201374 _____ C:\Users\sando\Downloads\DaVinci_Resolve_16.2.8_Windows.zip
2021-02-25 18:31 - 2021-02-24 13:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-25 18:31 - 2021-02-24 13:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-02-25 18:31 - 2021-02-24 13:01 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-25 18:31 - 2021-02-24 13:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-02-25 18:31 - 2021-02-24 13:01 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-02-25 18:31 - 2021-02-24 12:58 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-02-25 18:31 - 2021-02-24 12:58 - 000671504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-02-25 18:31 - 2021-02-24 12:58 - 000612120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-02-25 18:31 - 2021-02-24 12:58 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 001511184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 000687896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-02-25 18:31 - 2021-02-24 12:57 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 008260888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 007391504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 004610352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 002729744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 000445200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-02-25 18:31 - 2021-02-24 12:55 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-02-25 18:31 - 2021-02-24 02:50 - 000084450 _____ C:\WINDOWS\system32\nvinfo.pb
2021-02-24 20:56 - 2017-02-04 14:24 - 000000000 ____D C:\Users\sando\Desktop\Morčata na Útěku - Konec řezníků v čechách
2021-02-24 20:41 - 2020-10-06 18:25 - 000000000 ____D C:\Users\sando\Desktop\Black Sabbath - Paranoid (1970)
2021-02-23 22:07 - 2021-02-23 22:07 - 1051712732 _____ C:\WINDOWS\MEMORY.DMP
2021-02-23 22:07 - 2021-02-23 22:07 - 001450980 _____ C:\WINDOWS\Minidump\022321-7937-01.dmp
2021-02-23 22:07 - 2021-02-23 22:07 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-23 08:13 - 2021-02-23 09:02 - 000010032 _____ C:\Users\sando\Desktop\Nový Sešit OpenDocument (2).ods
2021-02-21 16:33 - 2021-02-21 16:33 - 000000762 _____ C:\Users\sando\Desktop\Game Clips – zástupce.lnk
2021-02-21 15:54 - 2021-02-24 12:54 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-19 18:53 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-19 18:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-19 18:39 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-03-19 17:52 - 2020-11-07 18:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-19 14:40 - 2019-02-26 23:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-19 14:39 - 2019-02-26 23:31 - 000000000 ____D C:\Users\sando\AppData\LocalLow\Mozilla
2021-03-19 12:25 - 2019-02-26 23:04 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-19 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-19 07:16 - 2020-12-25 01:06 - 000000000 ____D C:\Users\sando\AppData\Roaming\LGHUB
2021-03-19 07:16 - 2020-12-25 01:06 - 000000000 ____D C:\Users\sando\AppData\Local\LGHUB
2021-03-18 22:23 - 2020-03-10 10:30 - 000000000 ____D C:\Users\sando\AppData\Local\Battle.net
2021-03-18 19:22 - 2020-11-07 18:22 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-18 19:22 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-18 19:22 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-18 19:14 - 2020-11-07 18:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-18 19:14 - 2020-11-07 18:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-18 19:14 - 2020-09-17 16:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-18 19:02 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-18 07:31 - 2019-02-26 23:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-17 13:39 - 2019-02-26 23:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-16 21:42 - 2019-02-27 00:31 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-16 09:19 - 2019-02-26 21:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 21:08 - 2019-03-01 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-03-15 21:08 - 2019-03-01 10:55 - 000000000 ____D C:\Program Files\HWiNFO64
2021-03-15 15:34 - 2021-01-16 18:37 - 000000000 ____D C:\Users\sando\AppData\Roaming\WhatsApp
2021-03-15 14:01 - 2020-11-07 18:20 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2755401169-3200857975-537483308-1001
2021-03-15 14:01 - 2020-11-07 18:15 - 000002399 _____ C:\Users\sando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 14:01 - 2019-02-26 23:08 - 000000000 ___RD C:\Users\sando\OneDrive
2021-03-15 09:23 - 2021-01-16 18:37 - 000000000 ____D C:\Users\sando\AppData\Local\WhatsApp
2021-03-15 07:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-15 07:00 - 2019-02-26 23:06 - 000000000 ____D C:\Users\sando\AppData\Local\Packages
2021-03-15 06:55 - 2020-08-22 08:05 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-14 16:52 - 2019-02-28 01:16 - 000000000 ____D C:\Users\sando\Documents\My Games
2021-03-14 00:52 - 2019-02-27 11:30 - 000000000 ____D C:\Users\sando\AppData\Roaming\vlc
2021-03-13 02:32 - 2020-11-07 18:14 - 004958296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 02:31 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-13 02:31 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 21:03 - 2020-05-10 09:47 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-03-12 21:03 - 2019-12-05 01:00 - 001682352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-03-12 21:03 - 2019-12-05 01:00 - 000169400 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-03-12 21:02 - 2019-12-13 21:24 - 000216016 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-03-12 21:02 - 2019-12-05 01:00 - 000159184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-03-12 21:02 - 2019-12-05 01:00 - 000038320 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-03-12 11:43 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 11:36 - 2019-02-27 01:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 11:34 - 2019-02-27 01:16 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 11:53 - 2019-11-23 19:25 - 000000000 ____D C:\Users\sando\AppData\Local\ElevatedDiagnostics
2021-03-05 18:35 - 2019-02-26 23:42 - 000000000 ____D C:\Users\sando\AppData\Local\D3DSCache
2021-03-05 17:47 - 2020-11-07 18:25 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b52a12ded21f
2021-03-05 17:47 - 2020-11-07 18:20 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-02 22:22 - 2021-01-03 11:02 - 000073676 _____ C:\Users\sando\Desktop\rozpočet 2021.ods
2021-02-28 16:01 - 2019-02-27 01:04 - 000000000 ____D C:\Users\sando\AppData\Local\UnrealEngine
2021-02-28 16:00 - 2019-02-28 10:11 - 000000000 ____D C:\Users\sando\AppData\Roaming\EasyAntiCheat
2021-02-28 03:46 - 2019-03-29 10:32 - 000000000 ____D C:\Users\sando\AppData\Roaming\Discord
2021-02-26 02:16 - 2019-05-23 23:23 - 000000000 ____D C:\Users\sando\AppData\Local\NVIDIA
2021-02-24 12:54 - 2020-10-27 17:17 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-02-24 01:04 - 2020-11-07 18:15 - 000000000 ____D C:\Users\sando
2021-02-23 22:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-23 08:13 - 2019-07-25 17:13 - 000000811 _____ C:\Users\sando\Desktop\Nový textový dokument.txt
2021-02-21 19:19 - 2020-10-01 08:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-21 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\PerfLogs
2021-02-21 17:39 - 2019-10-07 20:54 - 000000000 ____D C:\Users\sando\.dotnet
2021-02-21 17:39 - 2019-10-07 20:17 - 000000000 ____D C:\Users\sando\AppData\Local\.IdentityService
2021-02-21 16:08 - 2019-05-01 10:50 - 000000000 ____D C:\Users\sando\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2020-11-22 00:56 - 2020-11-22 00:56 - 000000874 _____ () C:\Users\sando\AppData\Local\recently-used.xbel
2019-12-29 10:26 - 2021-02-11 22:18 - 000007607 _____ () C:\Users\sando\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by sando (19-03-2021 18:55:28)
Running from C:\Users\sando\Downloads
Windows 10 Pro Version 2004 19041.867 (X64) (2020-11-07 17:20:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2755401169-3200857975-537483308-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2755401169-3200857975-537483308-503 - Limited - Disabled)
Guest (S-1-5-21-2755401169-3200857975-537483308-501 - Limited - Disabled)
sando (S-1-5-21-2755401169-3200857975-537483308-1001 - Administrator - Enabled) => C:\Users\sando
WDAGUtilityAccount (S-1-5-21-2755401169-3200857975-537483308-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{60461BA6-AFA0-4D54-AFE1-54EC717AA7D9}) (Version: 1.8.2 - Blackmagic Design)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{5FD1DF50-FBB1-4888-8F8F-4ECDC78909C4}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
DaVinci Resolve (HKLM\...\{47B30418-F683-4F19-BEF9-BA5E490154BF}) (Version: 16.2.8005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DZSALauncher version 0.0.4.8 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.4.8 - Maca134)
Entity Framework 6.2.0 Tools for Visual Studio 2019 (HKLM-x32\...\{C4105EB5-5C16-40C4-93DF-66DE6584D26E}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
GIMP 2.10.22 (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
G-Menu (HKLM-x32\...\{D80BD271-5FD8-48BE-9BEE-83557B2A0BDA}) (Version: 1.0.11 - TPVAOC)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
HWiNFO64 Version 7.00 (HKLM\...\HWiNFO64_is1) (Version: 7.00 - Martin Malik - REALiX)
icecap_collection_neutral (HKLM-x32\...\{7BB0BF1D-3021-45DC-912E-9DAB74F486C0}) (Version: 16.3.29110 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0B880F5C-ECD4-4FC6-81A7-46C40ECA0B8C}) (Version: 16.3.29110 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{5F584D04-17CF-442B-8CBC-3FF9ABBF74A6}) (Version: 16.3.29110 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{0E9D093A-16D9-4572-953D-2881C7DA945C}) (Version: 16.1.28829 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Kerio Control VPN Client (HKLM\...\{C973A5AF-0615-4805-BF66-3AFC2A70E3E3}) (Version: 9.3.4367 - Kerio Technologies Inc.)
Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech)
Microsoft .NET Core SDK 3.0.100 (x64) from Visual Studio (HKLM\...\{C52DB3F0-440B-4A83-B795-B1180D70BBFF}) (Version: 3.0.100.014277 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.3.2214.1002 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Minecraft Launcher 1.8 (HKLM-x32\...\Minecraft Launcher 1.8 1.0.0) (Version: 1.0.0 - Mojang)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.70.5 - Black Tree Gaming)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Odinstalace tiskárny EPSON Stylus SX200 Series (HKLM\...\EPSON Stylus SX200 Series) (Version: - SEIKO EPSON Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300}) (Version: 5.2.8 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.65.38147 - Electronic Arts, Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.18.217 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.8 - Rockstar Games)
SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SmartDefender (HKLM-x32\...\{3A19E44E-8948-4B6E-BC8E-87CDA335DFC6}) (Version: 1.0.0.0 - Vondos Media GmbH) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.9.4 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{6070460A-FB5E-4D92-8C99-0944C19C2ACA}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\76b58403) (Version: 16.3.29409.12 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{78500789-0EBE-4490-BE43-F9EF8250BF42}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4137D3AB-5B44-4AC9-83A4-5273F2E2547E}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{BAF91847-0A64-405E-98EC-A0BA6FB4BC4E}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{D19BAD98-BFDD-4C70-B66C-EE75F851B9BC}) (Version: 16.3.29311 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{72E86320-AFF2-44F8-9C8B-0BD51E5B14DE}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DBA97C17-13F0-407B-8BC4-0C2E01A298A5}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{AD3B73B9-D5C8-4FF9-AB73-7A1DC39F3E02}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{6B065DCD-E730-4FCE-905D-2B3F30A91110}) (Version: 16.3.29230 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DA2B1838-3B2E-4220-8B2E-796F4624D463}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{92B3118C-3214-4BFA-89A0-5FF5EDFA2AEA}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\WhatsApp) (Version: 2.2108.8 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden

Packages:
=========
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_11.1.3.0_x86__m9bz608c1b9ra [2021-02-17] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1109.0_x64__rz1tebttyb220 [2021-02-15] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-21] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2021-02-17] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-25] (NVIDIA Corp.)
PDF Reader - View, Edit, Annotate -> C:\Program Files\WindowsApps\5E8FC25E.XODODOCS_4.4.7.0_x64__3v3sf0k6w2rec [2021-02-17] (Xodo Technologies Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.26.1.0_x64__nfy108tqq3p12 [2021-02-17] (Thumbmunkeys Ltd)
The Outer Worlds -> C:\Program Files\WindowsApps\PrivateDivision.TheOuterWorldsWindows10_1.4.617.0_x64__hv3d7yfbgr2rp [2020-10-09] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-10-26 13:46 - 2019-10-26 13:46 - 000196096 _____ (TODO: <公司名>) [File not signed] C:\TPVAOC\G-Menu\DDCHelperLib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-27] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.168.1.10 - 10.0.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "boincmgr"
HKLM\...\StartupApproved\Run: => "boinctray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "WindowsDriverScan64"
HKLM\...\StartupApproved\Run32: => "WindowsDriverScan86"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "EPSON Stylus SX200"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2E790759-1DC2-43C2-85C3-42A3ECDDBC51}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{0ABEF18C-7F39-40CA-9D18-31266208E9CC}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{24A46ECA-0D6A-4B2D-A2A1-4AB015111BDB}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ Exp\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{D2DD70C1-1D1E-40B8-B525-033E264BD216}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ Exp\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{A3740341-AA35-415B-8BCC-D1828397ACC1}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ Exp\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{62BEFC57-BB05-49BE-9001-48E4284C3576}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ Exp\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{518A3CEA-EA4D-42E6-8402-F0D71E35299A}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{648D0280-8A41-482F-9807-E072410EC3B4}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{6E614BEA-3ACF-4C99-B191-064BAF84267E}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{749838CA-5B16-41B2-AA87-886D8C44AD83}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{2EFCF986-A5FD-4283-A3C3-F0EBD15E5049}] => (Allow) E:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{7D925BE5-EABA-4185-AFC8-79A529875ECA}] => (Allow) E:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [UDP Query User{456503D4-9E28-4E15-979C-3DC1679A6EF3}E:\hry\uplaylibrary\hyper scape\hyperscape.exe] => (Allow) E:\hry\uplaylibrary\hyper scape\hyperscape.exe => No File
FirewallRules: [TCP Query User{37152143-B6E3-4BB6-AB8D-8CED5F3FC330}E:\hry\uplaylibrary\hyper scape\hyperscape.exe] => (Allow) E:\hry\uplaylibrary\hyper scape\hyperscape.exe => No File
FirewallRules: [{9903F85A-F56D-4774-B0B3-E62C36EA5CC8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F21C1A38-FC6E-4656-9C01-6697F04D16A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4025643D-0F3E-4D67-B7CB-2638C64CA115}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{51A80750-E505-4B42-99CE-FFCC74CB4410}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{419FA520-2A37-4F3D-9A3D-73E475AB31E9}] => (Allow) E:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{249B4417-9907-4242-B63B-03114DBFDF28}] => (Allow) E:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [UDP Query User{2C4396C2-0623-4B13-A6B3-7642EEE0D7B8}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe] => (Allow) C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe => No File
FirewallRules: [TCP Query User{01F3F060-B3F3-4232-8AFF-1AE03957855D}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe] => (Allow) C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe => No File
FirewallRules: [{F39132E6-AC9E-4E96-8101-49CFB5CE9DB5}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{4DA702F4-C249-48A3-AFD6-9D6AE6DFA916}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{D6DF5970-7152-46CC-8126-858EAD747E4E}] => (Allow) E:\SteamLibrary\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{5CE8DCD5-AF96-43E2-92BE-316EF30E560B}] => (Allow) E:\SteamLibrary\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [UDP Query User{4A95D6E0-13A1-4083-B91E-3BEE3A5C2DB2}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{FC022C28-9E38-4518-9124-86D166E7A895}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [{66EFCBBA-C5AF-47C5-89C3-8E499B7986F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82FF6E02-35E4-42E0-93E7-590989932864}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{D39FD4FA-6FAD-4477-8DA1-3029760DB1FD}E:\activision-blizzardlibrary\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\activision-blizzardlibrary\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{F5B3495E-A350-4860-84E2-90AE5A68EDE6}E:\activision-blizzardlibrary\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\activision-blizzardlibrary\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{A071767C-430A-43B6-9F9B-D04281C14F7B}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{CC85E576-B803-4745-B44A-D05A9563DA2C}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{E2AC1E2A-78A5-47CD-A8B1-7C6B79075BA5}E:6\worms w.m.d.exe] => (Allow) E:6\worms w.m.d.exe => No File
FirewallRules: [TCP Query User{D9ACAB79-B8C2-4CA9-95DE-A3F501C03DA0}E:6\worms w.m.d.exe] => (Allow) E:6\worms w.m.d.exe => No File
FirewallRules: [{7D877B99-8E65-41D3-B0FD-985E4AA991F7}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{E2F540B2-9291-4A68-AF37-29EFC2ED747D}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{D37B931D-2F08-4444-AE63-CBE149262D7F}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{1F6D2C26-062C-4AB5-978A-F06378927A17}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [UDP Query User{34D170E1-9978-4A3F-B93A-D9A7531ADD8E}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe] => (Allow) E:\hry\epiclibrary\reddeadredemption2\rdr2.exe => No File
FirewallRules: [TCP Query User{5AF01C42-03D9-479B-9CCC-F49191186DEC}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe] => (Allow) E:\hry\epiclibrary\reddeadredemption2\rdr2.exe => No File
FirewallRules: [{6ECA96AD-CDA2-4E25-92AC-2A49853D9560}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BDA11865-E6FA-48D1-B525-995DAC3F47A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2280DE4E-4D45-4174-B1A4-532B769F64B7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9A80856A-E955-41D1-8CB5-C7A6094D2DC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8BC2CB01-640D-46C6-B088-B96568CE95CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0E47E307-C0AD-4F11-A2D2-F5BA8A575700}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{D543CAB9-E2CE-4E3F-BEC8-5F06F8525FAF}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{14BC276E-4F33-46A2-AED1-BCC9AB0BB5DD}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B9906013-895D-49B7-8147-E908D34173DD}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6EAD30A8-FC8E-48AA-89D3-B25356BC0E13}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4D93E0CB-1467-468C-9DCF-A9953276ABBA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B79E54AB-5637-4CD0-B718-7DB713451C45}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{9D7368BC-A55E-4938-8A65-627D4D2E8A04}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{8AB24646-3B36-46B1-973E-644F9C97D85C}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{8072649B-5B22-4A4C-828C-21DF5D237132}] => (Allow) E:\SteamLibrary\steamapps\common\Feudal Alloy\FeudalAlloy.exe () [File not signed]
FirewallRules: [{FB84E9FF-7254-4D4F-A79B-B04994BB25CE}] => (Allow) E:\SteamLibrary\steamapps\common\Feudal Alloy\FeudalAlloy.exe () [File not signed]
FirewallRules: [{F1F14FD5-5102-4A9E-8B7E-7EFBD90CC9AE}] => (Allow) E:\Hry\OriginLibrary\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{0565D24F-0F84-4693-B484-4377DA4ADD29}] => (Allow) E:\Hry\OriginLibrary\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [TCP Query User{63CB55BD-21CE-425B-9CA3-89E2D23CF93D}E:\hry\originlibrary\apex\r5apex.exe] => (Allow) E:\hry\originlibrary\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{A53851F8-B894-4EAB-A621-F30480F54945}E:\hry\originlibrary\apex\r5apex.exe] => (Allow) E:\hry\originlibrary\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{312CEA12-635C-4BED-8C05-5371356184C7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C71FC1DB-FF13-488D-BA6E-173889CD92B2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{96C94DE2-4D90-4AE8-B185-A0BCC2A671FF}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{D68BA7B5-D6CB-43F2-86CA-2EC9343B7F65}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{91E1E983-65B4-4592-8704-4E5D101933BE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7E86F6ED-2C8F-4025-9F5D-DB31A2E06B8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{A04E6724-3A78-4EBF-9759-530055ADD12D}E:\hry\bethesda games\fallout76\fallout76.exe] => (Allow) E:\hry\bethesda games\fallout76\fallout76.exe => No File
FirewallRules: [UDP Query User{0AC26449-5B2B-47D7-B39E-EB7A9E11317F}E:\hry\bethesda games\fallout76\fallout76.exe] => (Allow) E:\hry\bethesda games\fallout76\fallout76.exe => No File
FirewallRules: [{61E548BD-1298-423F-9DB0-8BD752E2C39F}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{EF93BCA7-893D-405D-87FE-D6EBFAE83A78}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{342E84FF-DD53-4F01-B0DF-1927F8FE7720}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{4F2143AD-6916-43C3-8DD5-27BC0C1D61D2}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{784551B7-A9D1-4662-BF5E-9AB8C1D5185A}] => (Allow) E:\SteamLibrary\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{AFFC1CAB-C1B6-4F79-8B14-E2870D68B90F}] => (Allow) E:\SteamLibrary\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{2D300829-2347-4220-8B9B-D0BEE45F413C}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{CB5A2866-777A-460D-A6D1-2E4D4054A724}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{4BF99C42-5543-48FB-BE27-D307F5D5A873}] => (Allow) E:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E3F23C50-58C7-4ACA-9550-034A93F44D90}] => (Allow) E:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{7241358D-2689-4B96-BD9C-783949E853FD}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{6039BFC8-5B4B-4C8C-B47A-E79196ED0BFF}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{A4840C8D-BD5D-4DD2-9AA4-57FE01C72597}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{000BAF0A-E888-40AC-B5EA-33D74E8B51CA}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{E5775D98-719B-4849-80AC-C5C8281F4687}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{4AC9FD47-02A2-436E-9FBB-B83C7D8BADCF}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{F8D2C07E-E10A-4C2F-9397-C1017EBEE2F9}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{8F585E3B-E625-4605-9DCA-64C924951D7B}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{9AE191BE-68AE-46F1-8AE6-A2045A2B268F}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{21899610-5522-425C-99C1-E5D3F7E85EE5}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{1BDE2122-C6A2-4EBB-A8DC-971213346749}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6986E38-0196-4444-9B3E-75BF626BC5E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5E71D10-0FA1-4649-9DDA-AD5323F73F5C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E42917C-8A67-471B-9494-17681DBCD8E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57B6401D-4B91-49F6-A188-6C1D1C5313AA}] => (Allow) E:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{91C41E83-74F7-49CE-BF53-CC3E5F4AF6B7}] => (Allow) E:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D9C39D4B-CE80-4C02-8F16-8B6F773987EF}E:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{8D626E39-A9DD-47E5-9787-D160948166CB}E:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [{3D4B080D-74EE-4B32-847C-B67A227AAEED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC8E3264-816E-46A4-97BA-02DE01B08B2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47C7C35E-E299-4E29-A0F7-3D80129F5EAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CD26618-1BB4-41D9-86DF-676D2E3F7538}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B92B698-3274-4872-A5F7-CE568D8FD1FE}] => (Allow) E:\DaVinciResolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{570F4448-C8BC-4261-80D1-190873A929D8}] => (Allow) E:\DaVinciResolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{FFBA59F4-42C0-407D-B8B8-5F5B551F70D1}] => (Allow) E:\DaVinciResolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4C045FA7-B0CB-49E0-8410-83578FC163E3}] => (Allow) E:\DaVinciResolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{729B8E27-2EB6-4043-9B64-AA8B7366358E}] => (Allow) E:\DaVinciResolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F0256CCF-1D46-4C3A-953A-9519C142C1DF}] => (Allow) E:\DaVinciResolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4FFC04F5-E5DD-47BB-B2E5-CA0940DEB9A8}] => (Allow) E:\DaVinciResolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{8855A561-3982-46E0-AFCC-BFFEFD9828F0}] => (Allow) E:\DaVinciResolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{595C3A98-0A0D-4E32-A404-DD4278CC5F7D}] => (Allow) E:\DaVinciResolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A0A5EB5A-C59C-4133-815B-4695F301EA7B}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [TCP Query User{20E0A3C9-26DA-4011-96DA-BAD983DA2D41}E:\davinciresolve\fuscript.exe] => (Allow) E:\davinciresolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{6344FD91-CCF5-48A5-BCBE-8B56D203F069}E:\davinciresolve\fuscript.exe] => (Allow) E:\davinciresolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{B9059C58-D5AA-4076-A4F2-8C1696D5B0E4}] => (Block) E:\davinciresolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E35F76C9-62D0-4C5A-BA22-3E3A48F48EC0}] => (Block) E:\davinciresolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E2F7A4FF-1185-4FB1-9971-BD2E7834B328}] => (Allow) D:\SteamLibrary\steamapps\common\OUTRIDERS Demo\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{E1D33A19-9092-43B8-9B82-57F621F4304F}] => (Allow) D:\SteamLibrary\steamapps\common\OUTRIDERS Demo\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{97A20D36-5EB8-4828-84BF-AEF7635EB84C}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{5A301A4F-FBDE-42AC-A1AE-47276EB5F756}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [{50E92310-2EC0-45D6-9730-266B0E71DE3D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.64 GB) (Free:20.34 GB) (18%)

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/16/2021 09:42:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingServices.exe, verze: 10.0.19041.6165, časové razítko: 0xe297f3f8
Název chybujícího modulu: GamingServices.DLL, verze: 10.0.19041.6165, časové razítko: 0x4e31a05a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000b2a3a
ID chybujícího procesu: 0x1814
Čas spuštění chybující aplikace: 0x01d717aacae6ecfb
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.DLL
ID zprávy: 2bab376a-385c-463c-9314-3d22cb296b17
Úplný název chybujícího balíčku: Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: GamingServices

Error: (03/15/2021 10:10:54 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/08/2021 05:00:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/08/2021 03:38:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2021 07:12:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{69dd954c-74aa-da7f-58d7-4ecfeb8d976c}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2021 07:12:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{b2ee08b5-eb03-5bc4-6505-e44b5aab1942}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2021 07:12:07 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/27/2021 11:36:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingServices.exe, verze: 10.0.19041.5520, časové razítko: 0x20d25d3e
Název chybujícího modulu: GamingServices.DLL, verze: 10.0.19041.5520, časové razítko: 0x05f6d9ce
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000013e3d
ID chybujícího procesu: 0x172c
Čas spuštění chybující aplikace: 0x01d70cf45efaf51f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe\GamingServices.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe\GamingServices.DLL
ID zprávy: 46df62ca-ad20-4426-b2c4-7e5f736c731d
Úplný název chybujícího balíčku: Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: GamingServices


System errors:
=============
Error: (03/18/2021 07:39:55 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 3 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (03/18/2021 07:39:55 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 2 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (03/18/2021 07:39:55 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 1 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (03/18/2021 07:39:55 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 0 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (03/18/2021 07:32:36 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (03/18/2021 07:31:51 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 3 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (03/18/2021 07:31:51 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 2 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (03/18/2021 07:31:51 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 1 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.


Windows Defender:
================
Date: 2021-03-17 12:29:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1E5FDCB6-7FF7-4842-A688-C436C54D5BB7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-15 10:07:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B55EDC1F-0F79-4B80-A148-75DDDDEF9569}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-15 08:29:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C986A6F9-B752-4B09-889E-37CA4CA3BA5A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-12 12:13:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {749154A4-1F9C-4226-8611-24EE55D1BD88}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 10:48:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {872BCD05-F554-4DFF-A704-7E4DC8DA80FA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2020-11-14 17:20:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Users\sando\AppData\Local\Discord\app-0.0.308\Discord.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Overwolf\0.157.2.17\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-13 20:52:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Overwolf\0.157.2.17\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.B0 05/11/2016
Motherboard: MSI Z170-A PRO (MS-7971)
Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 34%
Total physical RAM: 16346.86 MB
Available physical RAM: 10761.59 MB
Total Virtual: 19930.86 MB
Available Virtual: 11660.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.64 GB) (Free:20.34 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:476.92 GB) (Free:438.74 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:123.09 GB) NTFS

\\?\Volume{e5dfc605-ac96-40f0-9580-eb1d30b6f97c}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{fefa7ed6-a4b7-48f6-957e-73dcf26bb678}\ () (Fixed) (Total:0.54 GB) (Free:0.12 GB) NTFS
\\?\Volume{30eba1af-13a1-40ae-a5d2-918d1d4a8f8d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7B743737)

Partition: GPT.

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 1CC3A061)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118192
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Detected: Program: Win32/Uwasson.A!ml

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Detected: Program: Win32/Uwasson.A!ml

#3 Post by Brdská Panda »

I'm sorry, but the only option I see is:
[image]

Re: Detected: Program: Win32/Uwasson.A!ml

#4 Post by Rudy »

Move it to quarantine. Files are harmless there.

Re: Detected: Program: Win32/Uwasson.A!ml

#5 Post by Brdská Panda »

Log file:

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-19-2021
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Vondos
Deleted C:\Users\sando\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted Smart Defender - {b84eec0c-f44b-420f-b2ee-db2a585be7fc}

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1562 octets] - [19/03/2021 20:49:50]
AdwCleaner[S01].txt - [1623 octets] - [19/03/2021 20:50:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Detected: Program: Win32/Uwasson.A!ml

#6 Post by Rudy »

OK. Post new FRST + Addition logs.

Re: Detected: Program: Win32/Uwasson.A!ml

#7 Post by Brdská Panda »

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-03-2021
Ran by sando (administrator) on PANDA-PC (MSI MS-7971) (19-03-2021 22:03:20)
Running from C:\Users\sando\Downloads
Loaded Profiles: sando
Platform: Windows 10 Pro Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GFI Software Development Ltd. -> Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
(Logitech Inc -> ) C:\Program Files\LGHUB\logi_analytics_client.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\sando\AppData\Local\WhatsApp\app-2.2108.8\WhatsApp.exe <6>
(Zeasn) [File not signed] C:\TPVAOC\G-Menu\G-Menu.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] () [File not signed]
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] () [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Kerio Control VPN Client] => C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2070376 2020-08-27] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33020896 2021-03-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [Discord] => C:\Users\sando\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [EPSON Stylus SX200] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE [221696 2007-12-13] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [GogGalaxy] => E:\Games\GOG Galaxy\GOG Galaxy\GalaxyClient.exe [14448200 2020-08-19] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-03-17] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\sando\AppData\Local\WhatsApp\Update.exe [2252488 2021-03-15] (WhatsApp, Inc -> )
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {8c612db2-43ce-11eb-be98-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {c14b0e49-e445-11ea-be89-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {f987ae13-6813-11eb-bea2-4ccc6a415d5d} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\EPSON Stylus SX200 Series 64MonitorBE: C:\Windows\system32\E_ILMEFE.DLL [108032 2007-12-07] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0689BBF4-7D6E-407F-B4EB-0A98485F63FB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {09522C08-67B8-4C7F-9F76-86A6BE5F91FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B33B53A-4365-412A-BE9F-6D776E470404} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FB858C1-7853-4E06-8460-DCD0947C3152} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4767534E-FB07-4581-B6FB-EA79E79EFA8B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A2D0E54-236D-41C4-BE19-CA43FD535B39} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7B1139AE-1723-44F9-91A9-C36B4B185F12} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {82AE6915-8C4D-4176-B4A5-2451450B319C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FD2C6AF-0433-44E3-A96C-949DC2F493DE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {96ED4AA7-0382-41A6-AA5E-399D366C0420} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFD07656-3E8B-489E-907F-E91276A5CF82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1693879-F98B-4C06-B5F3-74138AC94CA0} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {BA75114C-D06D-44D0-A010-C45E8C99470C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5D52059-0DD5-45A7-8E0A-AEF41CEF5E39} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E71E3555-375D-4DAF-B5D6-97697C5E6ABF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB11E376-15F5-4DB0-AF80-77D126FAABA1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.2.1 10.0.0.1 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{458df1a8-d32b-40c6-b33a-d4d613fca51d}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{d241e43a-156e-4096-8b18-a25033ded23d}: [DhcpNameServer] 10.0.2.1 10.0.0.1 8.8.8.8 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\sando\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-25]

FireFox:
========
FF DefaultProfile: 1wwxh7wj.default
FF ProfilePath: C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Profiles\1wwxh7wj.default [2021-03-19]
FF user.js: detected! => C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Profiles\1wwxh7wj.default\user.js [2019-02-27]
FF Homepage: Mozilla\Firefox\Profiles\1wwxh7wj.default -> google.com
FF Notifications: Mozilla\Firefox\Profiles\1wwxh7wj.default -> hxxps://web.whatsapp.com; hxxps://aukro.cz
FF Extension: (No Name) - C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Profiles\1wwxh7wj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-02-01]
FF Extension: (Dark Fox) - C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Profiles\1wwxh7wj.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-05-13]
FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files (x86)\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files (x86)\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-10-28] (BattlEye Innovations e.K. -> )
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-02-28] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; E:\Games\GOG Galaxy\GOG Galaxy\GalaxyClientService.exe [1680968 2020-08-19] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-06-07] (GOG Sp. z o.o. -> GOG.com)
R2 KVPNCSvc; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [1989480 2020-08-27] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10508704 2021-03-17] (Logitech Inc -> Logitech, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-03-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3445560 2020-03-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; E:\Hry\Rockstar_Launcher\RockstarService.exe [1688720 2020-02-13] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13147152 2020-08-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2019-03-01] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_150; C:\WINDOWS\system32\drivers\HWiNFO64A_150.SYS [62240 2020-05-09] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_156; C:\WINDOWS\system32\drivers\HWiNFO64A_156.SYS [64496 2021-01-29] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_160; C:\WINDOWS\system32\drivers\HWiNFO64A_160.SYS [64536 2021-03-15] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kvnet; C:\WINDOWS\System32\drivers\kvnet.sys [48816 2020-08-27] (GFI Software Development Limited -> Kerio Technologies Inc.)
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-17] (Logitech Inc -> Logitech)
R3 MpKsl21e85854; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{61852800-D40B-4D00-9EB8-610C2DF5359C}\MpKslDrv.sys [90360 2021-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2018-06-08] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2018-06-08] (Valve Corp. -> )
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [213632 2018-02-26] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-19 20:47 - 2021-03-19 21:01 - 000000000 ____D C:\AdwCleaner
2021-03-19 20:43 - 2021-03-19 20:44 - 008463216 _____ (Malwarebytes) C:\Users\sando\Desktop\adwcleaner_8.1.exe
2021-03-19 18:54 - 2021-03-19 22:03 - 000019937 _____ C:\Users\sando\Downloads\FRST.txt
2021-03-19 18:53 - 2021-03-19 22:03 - 000000000 ____D C:\FRST
2021-03-19 18:52 - 2021-03-19 18:52 - 002300928 _____ (Farbar) C:\Users\sando\Downloads\FRST64.exe
2021-03-18 18:59 - 2021-03-18 20:45 - 000000000 ____D C:\Users\sando\Desktop\prime 95
2021-03-18 18:55 - 2021-03-18 18:55 - 010358333 _____ C:\Users\sando\Downloads\p95v303b6.win64.zip
2021-03-18 12:25 - 2021-03-18 12:25 - 005832855 _____ (UserBenchmark.com) C:\Users\sando\Desktop\UserBenchMark.exe
2021-03-18 07:00 - 2021-03-18 07:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-03-18 07:00 - 2021-03-18 07:00 - 000000000 ____D C:\Program Files\LGHUB
2021-03-17 19:34 - 2021-03-17 19:34 - 000066896 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2021-03-17 19:34 - 2021-03-17 19:34 - 000037200 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2021-03-17 19:34 - 2021-03-17 19:34 - 000025928 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2021-03-17 13:39 - 2021-03-17 13:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-16 13:11 - 2021-03-18 07:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-15 21:09 - 2021-03-15 21:09 - 000064536 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A_160.SYS
2021-03-15 21:08 - 2021-03-15 21:08 - 009076976 _____ (Martin Malik - REALiX ) C:\Users\sando\Downloads\hwi_700.exe
2021-03-12 11:41 - 2021-03-12 11:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 11:41 - 2021-03-12 11:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 11:41 - 2021-03-12 11:41 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 11:41 - 2021-03-12 11:41 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-12 11:41 - 2021-03-12 11:41 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 11:41 - 2021-03-12 11:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 11:41 - 2021-03-12 11:41 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 11:41 - 2021-03-12 11:41 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 11:41 - 2021-03-12 11:41 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-12 11:41 - 2021-03-12 11:41 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-12 11:41 - 2021-03-12 11:41 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-12 11:41 - 2021-03-12 11:41 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-10 10:56 - 2021-03-10 10:56 - 000000207 _____ C:\Users\sando\Desktop\TrueGameData.URL
2021-03-10 01:47 - 2021-03-10 01:47 - 000000285 _____ C:\Users\sando\Desktop\Rocket League®.url
2021-03-09 19:13 - 2021-03-09 19:40 - 292256323 _____ C:\Users\sando\Downloads\Ulice 4007.díl.mp4
2021-02-28 18:12 - 2021-02-28 18:12 - 000000000 ____D C:\Users\sando\AppData\Local\Apple Computer
2021-02-28 18:11 - 2021-02-28 18:11 - 000000000 ____D C:\Users\sando\Documents\Call Of Duty Black Ops Cold War
2021-02-28 16:01 - 2021-02-28 16:01 - 000000000 ____D C:\Users\sando\AppData\Local\Madness
2021-02-28 11:44 - 2021-02-28 11:44 - 000000223 _____ C:\Users\sando\Desktop\OUTRIDERS Demo.url
2021-02-26 02:16 - 2021-02-26 02:16 - 000000000 ____D C:\Users\sando\Documents\Blackmagic Design
2021-02-26 02:13 - 2021-02-26 02:13 - 000000000 ____D C:\Users\sando\AppData\Roaming\Blackmagic Design
2021-02-26 02:05 - 2021-02-26 02:05 - 000001393 _____ C:\Users\sando\Desktop\DaVinci Resolve Project Server.lnk
2021-02-26 02:05 - 2021-02-26 02:05 - 000001373 _____ C:\Users\sando\Desktop\Resolve.lnk
2021-02-26 02:05 - 2021-02-26 02:05 - 000000000 ____D C:\Users\sando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-02-26 02:05 - 2021-02-26 02:05 - 000000000 ____D C:\ProgramData\Blackmagic Design
2021-02-26 02:01 - 2021-02-26 02:13 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-02-26 02:01 - 2021-02-26 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-02-26 02:00 - 2020-11-03 00:17 - 1769599848 _____ (Blackmagic Design) C:\Users\sando\Downloads\DaVinci_Resolve_16.2.8_Windows.exe
2021-02-26 01:53 - 2021-02-26 01:59 - 1754201374 _____ C:\Users\sando\Downloads\DaVinci_Resolve_16.2.8_Windows.zip
2021-02-25 18:31 - 2021-02-24 13:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-25 18:31 - 2021-02-24 13:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-02-25 18:31 - 2021-02-24 13:01 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-25 18:31 - 2021-02-24 13:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-02-25 18:31 - 2021-02-24 13:01 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-25 18:31 - 2021-02-24 13:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-02-25 18:31 - 2021-02-24 12:58 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-02-25 18:31 - 2021-02-24 12:58 - 000671504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-02-25 18:31 - 2021-02-24 12:58 - 000612120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-02-25 18:31 - 2021-02-24 12:58 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 001511184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 000687896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-02-25 18:31 - 2021-02-24 12:57 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-02-25 18:31 - 2021-02-24 12:57 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 008260888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 007391504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 004610352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 002729744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-02-25 18:31 - 2021-02-24 12:56 - 000445200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-02-25 18:31 - 2021-02-24 12:55 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-02-25 18:31 - 2021-02-24 02:50 - 000084450 _____ C:\WINDOWS\system32\nvinfo.pb
2021-02-24 20:56 - 2017-02-04 14:24 - 000000000 ____D C:\Users\sando\Desktop\Morčata na Útěku - Konec řezníků v čechách
2021-02-24 20:41 - 2020-10-06 18:25 - 000000000 ____D C:\Users\sando\Desktop\Black Sabbath - Paranoid (1970)
2021-02-23 22:07 - 2021-02-23 22:07 - 1051712732 _____ C:\WINDOWS\MEMORY.DMP
2021-02-23 22:07 - 2021-02-23 22:07 - 001450980 _____ C:\WINDOWS\Minidump\022321-7937-01.dmp
2021-02-23 22:07 - 2021-02-23 22:07 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-23 08:13 - 2021-02-23 09:02 - 000010032 _____ C:\Users\sando\Desktop\Nový Sešit OpenDocument (2).ods
2021-02-21 16:33 - 2021-02-21 16:33 - 000000762 _____ C:\Users\sando\Desktop\Game Clips – zástupce.lnk
2021-02-21 15:54 - 2021-02-24 12:54 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-19 22:01 - 2021-01-16 18:37 - 000000000 ____D C:\Users\sando\AppData\Roaming\WhatsApp
2021-03-19 22:01 - 2020-11-07 18:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-19 22:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-19 21:46 - 2019-02-26 23:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-19 21:45 - 2019-02-26 23:31 - 000000000 ____D C:\Users\sando\AppData\LocalLow\Mozilla
2021-03-19 21:24 - 2020-12-25 01:06 - 000000000 ____D C:\Users\sando\AppData\Roaming\LGHUB
2021-03-19 21:24 - 2020-12-25 01:06 - 000000000 ____D C:\Users\sando\AppData\Local\LGHUB
2021-03-19 21:09 - 2019-02-27 00:31 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-19 21:02 - 2019-02-26 23:04 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-19 18:53 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-19 18:39 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-03-19 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-18 22:23 - 2020-03-10 10:30 - 000000000 ____D C:\Users\sando\AppData\Local\Battle.net
2021-03-18 19:22 - 2020-11-07 18:22 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-18 19:22 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-18 19:22 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-18 19:14 - 2020-11-07 18:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-18 19:14 - 2020-11-07 18:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-18 19:14 - 2020-09-17 16:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-18 19:02 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-18 07:31 - 2019-02-26 23:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-17 13:39 - 2019-02-26 23:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-16 09:19 - 2019-02-26 21:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 21:08 - 2019-03-01 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-03-15 21:08 - 2019-03-01 10:55 - 000000000 ____D C:\Program Files\HWiNFO64
2021-03-15 14:01 - 2020-11-07 18:20 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2755401169-3200857975-537483308-1001
2021-03-15 14:01 - 2020-11-07 18:15 - 000002399 _____ C:\Users\sando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 14:01 - 2019-02-26 23:08 - 000000000 ___RD C:\Users\sando\OneDrive
2021-03-15 09:23 - 2021-01-16 18:37 - 000000000 ____D C:\Users\sando\AppData\Local\WhatsApp
2021-03-15 07:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-15 07:00 - 2019-02-26 23:06 - 000000000 ____D C:\Users\sando\AppData\Local\Packages
2021-03-15 06:55 - 2020-08-22 08:05 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-14 16:52 - 2019-02-28 01:16 - 000000000 ____D C:\Users\sando\Documents\My Games
2021-03-14 00:52 - 2019-02-27 11:30 - 000000000 ____D C:\Users\sando\AppData\Roaming\vlc
2021-03-13 02:32 - 2020-11-07 18:14 - 004958296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 02:31 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-13 02:31 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-13 02:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 21:03 - 2020-05-10 09:47 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-03-12 21:03 - 2019-12-05 01:00 - 001682352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-03-12 21:03 - 2019-12-05 01:00 - 000169400 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-03-12 21:02 - 2019-12-13 21:24 - 000216016 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-03-12 21:02 - 2019-12-05 01:00 - 000159184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-03-12 21:02 - 2019-12-05 01:00 - 000038320 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-03-12 11:43 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 11:36 - 2019-02-27 01:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 11:34 - 2019-02-27 01:16 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 11:53 - 2019-11-23 19:25 - 000000000 ____D C:\Users\sando\AppData\Local\ElevatedDiagnostics
2021-03-05 18:35 - 2019-02-26 23:42 - 000000000 ____D C:\Users\sando\AppData\Local\D3DSCache
2021-03-05 17:47 - 2020-11-07 18:25 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b52a12ded21f
2021-03-05 17:47 - 2020-11-07 18:20 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-02 22:22 - 2021-01-03 11:02 - 000073676 _____ C:\Users\sando\Desktop\rozpočet 2021.ods
2021-02-28 16:01 - 2019-02-27 01:04 - 000000000 ____D C:\Users\sando\AppData\Local\UnrealEngine
2021-02-28 16:00 - 2019-02-28 10:11 - 000000000 ____D C:\Users\sando\AppData\Roaming\EasyAntiCheat
2021-02-28 03:46 - 2019-03-29 10:32 - 000000000 ____D C:\Users\sando\AppData\Roaming\Discord
2021-02-26 02:16 - 2019-05-23 23:23 - 000000000 ____D C:\Users\sando\AppData\Local\NVIDIA
2021-02-24 12:54 - 2020-10-27 17:17 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-02-24 01:04 - 2020-11-07 18:15 - 000000000 ____D C:\Users\sando
2021-02-23 22:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-23 08:13 - 2019-07-25 17:13 - 000000811 _____ C:\Users\sando\Desktop\Nový textový dokument.txt
2021-02-21 19:19 - 2020-10-01 08:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-21 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\PerfLogs
2021-02-21 17:39 - 2019-10-07 20:54 - 000000000 ____D C:\Users\sando\.dotnet
2021-02-21 17:39 - 2019-10-07 20:17 - 000000000 ____D C:\Users\sando\AppData\Local\.IdentityService
2021-02-21 16:08 - 2019-05-01 10:50 - 000000000 ____D C:\Users\sando\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2020-11-22 00:56 - 2020-11-22 00:56 - 000000874 _____ () C:\Users\sando\AppData\Local\recently-used.xbel
2019-12-29 10:26 - 2021-02-11 22:18 - 000007607 _____ () C:\Users\sando\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by sando (19-03-2021 22:04:26)
Running from C:\Users\sando\Downloads
Windows 10 Pro Version 2004 19041.867 (X64) (2020-11-07 17:20:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2755401169-3200857975-537483308-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2755401169-3200857975-537483308-503 - Limited - Disabled)
Guest (S-1-5-21-2755401169-3200857975-537483308-501 - Limited - Disabled)
sando (S-1-5-21-2755401169-3200857975-537483308-1001 - Administrator - Enabled) => C:\Users\sando
WDAGUtilityAccount (S-1-5-21-2755401169-3200857975-537483308-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{60461BA6-AFA0-4D54-AFE1-54EC717AA7D9}) (Version: 1.8.2 - Blackmagic Design)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{5FD1DF50-FBB1-4888-8F8F-4ECDC78909C4}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
DaVinci Resolve (HKLM\...\{47B30418-F683-4F19-BEF9-BA5E490154BF}) (Version: 16.2.8005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DZSALauncher version 0.0.4.8 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.4.8 - Maca134)
Entity Framework 6.2.0 Tools for Visual Studio 2019 (HKLM-x32\...\{C4105EB5-5C16-40C4-93DF-66DE6584D26E}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
GIMP 2.10.22 (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
G-Menu (HKLM-x32\...\{D80BD271-5FD8-48BE-9BEE-83557B2A0BDA}) (Version: 1.0.11 - TPVAOC)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
HWiNFO64 Version 7.00 (HKLM\...\HWiNFO64_is1) (Version: 7.00 - Martin Malik - REALiX)
icecap_collection_neutral (HKLM-x32\...\{7BB0BF1D-3021-45DC-912E-9DAB74F486C0}) (Version: 16.3.29110 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0B880F5C-ECD4-4FC6-81A7-46C40ECA0B8C}) (Version: 16.3.29110 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{5F584D04-17CF-442B-8CBC-3FF9ABBF74A6}) (Version: 16.3.29110 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{0E9D093A-16D9-4572-953D-2881C7DA945C}) (Version: 16.1.28829 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Kerio Control VPN Client (HKLM\...\{C973A5AF-0615-4805-BF66-3AFC2A70E3E3}) (Version: 9.3.4367 - Kerio Technologies Inc.)
Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech)
Microsoft .NET Core SDK 3.0.100 (x64) from Visual Studio (HKLM\...\{C52DB3F0-440B-4A83-B795-B1180D70BBFF}) (Version: 3.0.100.014277 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.3.2214.1002 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Minecraft Launcher 1.8 (HKLM-x32\...\Minecraft Launcher 1.8 1.0.0) (Version: 1.0.0 - Mojang)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.70.5 - Black Tree Gaming)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Odinstalace tiskárny EPSON Stylus SX200 Series (HKLM\...\EPSON Stylus SX200 Series) (Version: - SEIKO EPSON Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Oracle VM VirtualBox 5.2.8 (HKLM\...\{A7F49FA5-9FCA-4936-8652-CD00206D9300}) (Version: 5.2.8 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.65.38147 - Electronic Arts, Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.18.217 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.8 - Rockstar Games)
SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SmartDefender (HKLM-x32\...\{3A19E44E-8948-4B6E-BC8E-87CDA335DFC6}) (Version: 1.0.0.0 - Vondos Media GmbH) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.9.4 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{6070460A-FB5E-4D92-8C99-0944C19C2ACA}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\76b58403) (Version: 16.3.29409.12 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{78500789-0EBE-4490-BE43-F9EF8250BF42}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4137D3AB-5B44-4AC9-83A4-5273F2E2547E}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{BAF91847-0A64-405E-98EC-A0BA6FB4BC4E}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{D19BAD98-BFDD-4C70-B66C-EE75F851B9BC}) (Version: 16.3.29311 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{72E86320-AFF2-44F8-9C8B-0BD51E5B14DE}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DBA97C17-13F0-407B-8BC4-0C2E01A298A5}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{AD3B73B9-D5C8-4FF9-AB73-7A1DC39F3E02}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{6B065DCD-E730-4FCE-905D-2B3F30A91110}) (Version: 16.3.29230 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DA2B1838-3B2E-4220-8B2E-796F4624D463}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{92B3118C-3214-4BFA-89A0-5FF5EDFA2AEA}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\WhatsApp) (Version: 2.2108.8 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden

Packages:
=========
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_11.1.3.0_x86__m9bz608c1b9ra [2021-02-17] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1109.0_x64__rz1tebttyb220 [2021-02-15] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-21] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2021-02-17] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-25] (NVIDIA Corp.)
PDF Reader - View, Edit, Annotate -> C:\Program Files\WindowsApps\5E8FC25E.XODODOCS_4.4.7.0_x64__3v3sf0k6w2rec [2021-02-17] (Xodo Technologies Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.26.1.0_x64__nfy108tqq3p12 [2021-02-17] (Thumbmunkeys Ltd)
The Outer Worlds -> C:\Program Files\WindowsApps\PrivateDivision.TheOuterWorldsWindows10_1.4.617.0_x64__hv3d7yfbgr2rp [2020-10-09] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-05-23 23:17 - 2008-06-19 23:41 - 000062464 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2019-10-26 13:46 - 2019-10-26 13:46 - 000196096 _____ (TODO: <公司名>) [File not signed] C:\TPVAOC\G-Menu\DDCHelperLib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-27] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sando\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.2.1 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "boincmgr"
HKLM\...\StartupApproved\Run: => "boinctray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "WindowsDriverScan64"
HKLM\...\StartupApproved\Run32: => "WindowsDriverScan86"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "EPSON Stylus SX200"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2E790759-1DC2-43C2-85C3-42A3ECDDBC51}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{0ABEF18C-7F39-40CA-9D18-31266208E9CC}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{24A46ECA-0D6A-4B2D-A2A1-4AB015111BDB}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ Exp\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{D2DD70C1-1D1E-40B8-B525-033E264BD216}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ Exp\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{A3740341-AA35-415B-8BCC-D1828397ACC1}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ Exp\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{62BEFC57-BB05-49BE-9001-48E4284C3576}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ Exp\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{518A3CEA-EA4D-42E6-8402-F0D71E35299A}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{648D0280-8A41-482F-9807-E072410EC3B4}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{6E614BEA-3ACF-4C99-B191-064BAF84267E}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{749838CA-5B16-41B2-AA87-886D8C44AD83}] => (Allow) E:\SteamLibrary\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{2EFCF986-A5FD-4283-A3C3-F0EBD15E5049}] => (Allow) E:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{7D925BE5-EABA-4185-AFC8-79A529875ECA}] => (Allow) E:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [UDP Query User{456503D4-9E28-4E15-979C-3DC1679A6EF3}E:\hry\uplaylibrary\hyper scape\hyperscape.exe] => (Allow) E:\hry\uplaylibrary\hyper scape\hyperscape.exe => No File
FirewallRules: [TCP Query User{37152143-B6E3-4BB6-AB8D-8CED5F3FC330}E:\hry\uplaylibrary\hyper scape\hyperscape.exe] => (Allow) E:\hry\uplaylibrary\hyper scape\hyperscape.exe => No File
FirewallRules: [{9903F85A-F56D-4774-B0B3-E62C36EA5CC8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F21C1A38-FC6E-4656-9C01-6697F04D16A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4025643D-0F3E-4D67-B7CB-2638C64CA115}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{51A80750-E505-4B42-99CE-FFCC74CB4410}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{419FA520-2A37-4F3D-9A3D-73E475AB31E9}] => (Allow) E:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{249B4417-9907-4242-B63B-03114DBFDF28}] => (Allow) E:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [UDP Query User{2C4396C2-0623-4B13-A6B3-7642EEE0D7B8}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe] => (Allow) C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe => No File
FirewallRules: [TCP Query User{01F3F060-B3F3-4232-8AFF-1AE03957855D}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe] => (Allow) C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe => No File
FirewallRules: [{F39132E6-AC9E-4E96-8101-49CFB5CE9DB5}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{4DA702F4-C249-48A3-AFD6-9D6AE6DFA916}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{D6DF5970-7152-46CC-8126-858EAD747E4E}] => (Allow) E:\SteamLibrary\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{5CE8DCD5-AF96-43E2-92BE-316EF30E560B}] => (Allow) E:\SteamLibrary\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [UDP Query User{4A95D6E0-13A1-4083-B91E-3BEE3A5C2DB2}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{FC022C28-9E38-4518-9124-86D166E7A895}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [{66EFCBBA-C5AF-47C5-89C3-8E499B7986F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82FF6E02-35E4-42E0-93E7-590989932864}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{D39FD4FA-6FAD-4477-8DA1-3029760DB1FD}E:\activision-blizzardlibrary\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\activision-blizzardlibrary\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{F5B3495E-A350-4860-84E2-90AE5A68EDE6}E:\activision-blizzardlibrary\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\activision-blizzardlibrary\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{A071767C-430A-43B6-9F9B-D04281C14F7B}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{CC85E576-B803-4745-B44A-D05A9563DA2C}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{E2AC1E2A-78A5-47CD-A8B1-7C6B79075BA5}E:6\worms w.m.d.exe] => (Allow) E:6\worms w.m.d.exe => No File
FirewallRules: [TCP Query User{D9ACAB79-B8C2-4CA9-95DE-A3F501C03DA0}E:6\worms w.m.d.exe] => (Allow) E:6\worms w.m.d.exe => No File
FirewallRules: [{7D877B99-8E65-41D3-B0FD-985E4AA991F7}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{E2F540B2-9291-4A68-AF37-29EFC2ED747D}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{D37B931D-2F08-4444-AE63-CBE149262D7F}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{1F6D2C26-062C-4AB5-978A-F06378927A17}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [UDP Query User{34D170E1-9978-4A3F-B93A-D9A7531ADD8E}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe] => (Allow) E:\hry\epiclibrary\reddeadredemption2\rdr2.exe => No File
FirewallRules: [TCP Query User{5AF01C42-03D9-479B-9CCC-F49191186DEC}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe] => (Allow) E:\hry\epiclibrary\reddeadredemption2\rdr2.exe => No File
FirewallRules: [{6ECA96AD-CDA2-4E25-92AC-2A49853D9560}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BDA11865-E6FA-48D1-B525-995DAC3F47A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2280DE4E-4D45-4174-B1A4-532B769F64B7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9A80856A-E955-41D1-8CB5-C7A6094D2DC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8BC2CB01-640D-46C6-B088-B96568CE95CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0E47E307-C0AD-4F11-A2D2-F5BA8A575700}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{D543CAB9-E2CE-4E3F-BEC8-5F06F8525FAF}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{14BC276E-4F33-46A2-AED1-BCC9AB0BB5DD}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B9906013-895D-49B7-8147-E908D34173DD}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6EAD30A8-FC8E-48AA-89D3-B25356BC0E13}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4D93E0CB-1467-468C-9DCF-A9953276ABBA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B79E54AB-5637-4CD0-B718-7DB713451C45}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{9D7368BC-A55E-4938-8A65-627D4D2E8A04}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{8AB24646-3B36-46B1-973E-644F9C97D85C}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{8072649B-5B22-4A4C-828C-21DF5D237132}] => (Allow) E:\SteamLibrary\steamapps\common\Feudal Alloy\FeudalAlloy.exe () [File not signed]
FirewallRules: [{FB84E9FF-7254-4D4F-A79B-B04994BB25CE}] => (Allow) E:\SteamLibrary\steamapps\common\Feudal Alloy\FeudalAlloy.exe () [File not signed]
FirewallRules: [{F1F14FD5-5102-4A9E-8B7E-7EFBD90CC9AE}] => (Allow) E:\Hry\OriginLibrary\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{0565D24F-0F84-4693-B484-4377DA4ADD29}] => (Allow) E:\Hry\OriginLibrary\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [TCP Query User{63CB55BD-21CE-425B-9CA3-89E2D23CF93D}E:\hry\originlibrary\apex\r5apex.exe] => (Allow) E:\hry\originlibrary\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{A53851F8-B894-4EAB-A621-F30480F54945}E:\hry\originlibrary\apex\r5apex.exe] => (Allow) E:\hry\originlibrary\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{312CEA12-635C-4BED-8C05-5371356184C7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C71FC1DB-FF13-488D-BA6E-173889CD92B2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{96C94DE2-4D90-4AE8-B185-A0BCC2A671FF}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{D68BA7B5-D6CB-43F2-86CA-2EC9343B7F65}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [{91E1E983-65B4-4592-8704-4E5D101933BE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7E86F6ED-2C8F-4025-9F5D-DB31A2E06B8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{A04E6724-3A78-4EBF-9759-530055ADD12D}E:\hry\bethesda games\fallout76\fallout76.exe] => (Allow) E:\hry\bethesda games\fallout76\fallout76.exe => No File
FirewallRules: [UDP Query User{0AC26449-5B2B-47D7-B39E-EB7A9E11317F}E:\hry\bethesda games\fallout76\fallout76.exe] => (Allow) E:\hry\bethesda games\fallout76\fallout76.exe => No File
FirewallRules: [{61E548BD-1298-423F-9DB0-8BD752E2C39F}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{EF93BCA7-893D-405D-87FE-D6EBFAE83A78}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{342E84FF-DD53-4F01-B0DF-1927F8FE7720}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{4F2143AD-6916-43C3-8DD5-27BC0C1D61D2}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{784551B7-A9D1-4662-BF5E-9AB8C1D5185A}] => (Allow) E:\SteamLibrary\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{AFFC1CAB-C1B6-4F79-8B14-E2870D68B90F}] => (Allow) E:\SteamLibrary\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{2D300829-2347-4220-8B9B-D0BEE45F413C}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{CB5A2866-777A-460D-A6D1-2E4D4054A724}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{4BF99C42-5543-48FB-BE27-D307F5D5A873}] => (Allow) E:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E3F23C50-58C7-4ACA-9550-034A93F44D90}] => (Allow) E:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{7241358D-2689-4B96-BD9C-783949E853FD}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{6039BFC8-5B4B-4C8C-B47A-E79196ED0BFF}] => (Allow) E:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{A4840C8D-BD5D-4DD2-9AA4-57FE01C72597}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{000BAF0A-E888-40AC-B5EA-33D74E8B51CA}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [TCP Query User{E5775D98-719B-4849-80AC-C5C8281F4687}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{4AC9FD47-02A2-436E-9FBB-B83C7D8BADCF}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{F8D2C07E-E10A-4C2F-9397-C1017EBEE2F9}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{8F585E3B-E625-4605-9DCA-64C924951D7B}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{9AE191BE-68AE-46F1-8AE6-A2045A2B268F}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{21899610-5522-425C-99C1-E5D3F7E85EE5}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{1BDE2122-C6A2-4EBB-A8DC-971213346749}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6986E38-0196-4444-9B3E-75BF626BC5E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5E71D10-0FA1-4649-9DDA-AD5323F73F5C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E42917C-8A67-471B-9494-17681DBCD8E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57B6401D-4B91-49F6-A188-6C1D1C5313AA}] => (Allow) E:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{91C41E83-74F7-49CE-BF53-CC3E5F4AF6B7}] => (Allow) E:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D9C39D4B-CE80-4C02-8F16-8B6F773987EF}E:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{8D626E39-A9DD-47E5-9787-D160948166CB}E:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [{3D4B080D-74EE-4B32-847C-B67A227AAEED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC8E3264-816E-46A4-97BA-02DE01B08B2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47C7C35E-E299-4E29-A0F7-3D80129F5EAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CD26618-1BB4-41D9-86DF-676D2E3F7538}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B92B698-3274-4872-A5F7-CE568D8FD1FE}] => (Allow) E:\DaVinciResolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{570F4448-C8BC-4261-80D1-190873A929D8}] => (Allow) E:\DaVinciResolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{FFBA59F4-42C0-407D-B8B8-5F5B551F70D1}] => (Allow) E:\DaVinciResolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4C045FA7-B0CB-49E0-8410-83578FC163E3}] => (Allow) E:\DaVinciResolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{729B8E27-2EB6-4043-9B64-AA8B7366358E}] => (Allow) E:\DaVinciResolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F0256CCF-1D46-4C3A-953A-9519C142C1DF}] => (Allow) E:\DaVinciResolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4FFC04F5-E5DD-47BB-B2E5-CA0940DEB9A8}] => (Allow) E:\DaVinciResolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{8855A561-3982-46E0-AFCC-BFFEFD9828F0}] => (Allow) E:\DaVinciResolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{595C3A98-0A0D-4E32-A404-DD4278CC5F7D}] => (Allow) E:\DaVinciResolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{A0A5EB5A-C59C-4133-815B-4695F301EA7B}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [TCP Query User{20E0A3C9-26DA-4011-96DA-BAD983DA2D41}E:\davinciresolve\fuscript.exe] => (Allow) E:\davinciresolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{6344FD91-CCF5-48A5-BCBE-8B56D203F069}E:\davinciresolve\fuscript.exe] => (Allow) E:\davinciresolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{B9059C58-D5AA-4076-A4F2-8C1696D5B0E4}] => (Block) E:\davinciresolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E35F76C9-62D0-4C5A-BA22-3E3A48F48EC0}] => (Block) E:\davinciresolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E2F7A4FF-1185-4FB1-9971-BD2E7834B328}] => (Allow) D:\SteamLibrary\steamapps\common\OUTRIDERS Demo\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{E1D33A19-9092-43B8-9B82-57F621F4304F}] => (Allow) D:\SteamLibrary\steamapps\common\OUTRIDERS Demo\EAC_OUTRIDERS.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{97A20D36-5EB8-4828-84BF-AEF7635EB84C}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{5A301A4F-FBDE-42AC-A1AE-47276EB5F756}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [{50E92310-2EC0-45D6-9730-266B0E71DE3D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.64 GB) (Free:20.36 GB) (18%)

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/16/2021 09:42:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingServices.exe, verze: 10.0.19041.6165, časové razítko: 0xe297f3f8
Název chybujícího modulu: GamingServices.DLL, verze: 10.0.19041.6165, časové razítko: 0x4e31a05a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000b2a3a
ID chybujícího procesu: 0x1814
Čas spuštění chybující aplikace: 0x01d717aacae6ecfb
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe\GamingServices.DLL
ID zprávy: 2bab376a-385c-463c-9314-3d22cb296b17
Úplný název chybujícího balíčku: Microsoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: GamingServices

Error: (03/15/2021 10:10:54 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/08/2021 05:00:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/08/2021 03:38:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2021 07:12:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{69dd954c-74aa-da7f-58d7-4ecfeb8d976c}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2021 07:12:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{b2ee08b5-eb03-5bc4-6505-e44b5aab1942}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2021 07:12:07 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/27/2021 11:36:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingServices.exe, verze: 10.0.19041.5520, časové razítko: 0x20d25d3e
Název chybujícího modulu: GamingServices.DLL, verze: 10.0.19041.5520, časové razítko: 0x05f6d9ce
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000013e3d
ID chybujícího procesu: 0x172c
Čas spuštění chybující aplikace: 0x01d70cf45efaf51f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe\GamingServices.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe\GamingServices.DLL
ID zprávy: 46df62ca-ad20-4426-b2c4-7e5f736c731d
Úplný název chybujícího balíčku: Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: GamingServices


System errors:
=============
Error: (03/19/2021 09:01:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/19/2021 09:01:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Kerio Control VPN Client Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 15000 milisekund: Restartovat službu.

Error: (03/19/2021 09:01:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/19/2021 09:01:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server VSS Writer byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/19/2021 09:01:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba LGHUB Updater Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/19/2021 09:01:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/19/2021 09:01:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba EPSON V3 Service4(01) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/19/2021 09:01:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba EPSON V5 Service4(01) byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-03-17 12:29:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1E5FDCB6-7FF7-4842-A688-C436C54D5BB7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-15 10:07:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B55EDC1F-0F79-4B80-A148-75DDDDEF9569}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-15 08:29:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C986A6F9-B752-4B09-889E-37CA4CA3BA5A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-12 12:13:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {749154A4-1F9C-4226-8611-24EE55D1BD88}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 10:48:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {872BCD05-F554-4DFF-A704-7E4DC8DA80FA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2020-11-14 17:20:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Users\sando\AppData\Local\Discord\app-0.0.308\Discord.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Overwolf\0.157.2.17\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-13 20:52:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Overwolf\0.157.2.17\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.B0 05/11/2016
Motherboard: MSI Z170-A PRO (MS-7971)
Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 33%
Total physical RAM: 16346.86 MB
Available physical RAM: 10804.32 MB
Total Virtual: 19930.86 MB
Available Virtual: 12328.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.64 GB) (Free:20.36 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:476.92 GB) (Free:438.74 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:123.23 GB) NTFS
Drive g: (HiSuite) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{e5dfc605-ac96-40f0-9580-eb1d30b6f97c}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{fefa7ed6-a4b7-48f6-957e-73dcf26bb678}\ () (Fixed) (Total:0.54 GB) (Free:0.12 GB) NTFS
\\?\Volume{30eba1af-13a1-40ae-a5d2-918d1d4a8f8d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7B743737)

Partition: GPT.

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 1CC3A061)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Detected: Program: Win32/Uwasson.A!ml

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {8c612db2-43ce-11eb-be98-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {c14b0e49-e445-11ea-be89-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {f987ae13-6813-11eb-bea2-4ccc6a415d5d} - "G:\HiSuiteDownLoader.exe"
FirewallRules: [UDP Query User{456503D4-9E28-4E15-979C-3DC1679A6EF3}E:\hry\uplaylibrary\hyper scape\hyperscape.exe] => (Allow) E:\hry\uplaylibrary\hyper scape\hyperscape.exe => No File
FirewallRules: [TCP Query User{37152143-B6E3-4BB6-AB8D-8CED5F3FC330}E:\hry\uplaylibrary\hyper scape\hyperscape.exe] => (Allow) E:\hry\uplaylibrary\hyper scape\hyperscape.exe => No File
FirewallRules: [UDP Query User{2C4396C2-0623-4B13-A6B3-7642EEE0D7B8}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe] => (Allow) C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe => No File
FirewallRules: [TCP Query User{01F3F060-B3F3-4232-8AFF-1AE03957855D}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe] => (Allow) C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe => No File
FirewallRules: [UDP Query User{4A95D6E0-13A1-4083-B91E-3BEE3A5C2DB2}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{FC022C28-9E38-4518-9124-86D166E7A895}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{A071767C-430A-43B6-9F9B-D04281C14F7B}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{CC85E576-B803-4745-B44A-D05A9563DA2C}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{E2AC1E2A-78A5-47CD-A8B1-7C6B79075BA5}E:6\worms w.m.d.exe] => (Allow) E:6\worms w.m.d.exe => No File
FirewallRules: [TCP Query User{D9ACAB79-B8C2-4CA9-95DE-A3F501C03DA0}E:6\worms w.m.d.exe] => (Allow) E:6\worms w.m.d.exe => No File
FirewallRules: [{7D877B99-8E65-41D3-B0FD-985E4AA991F7}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{E2F540B2-9291-4A68-AF37-29EFC2ED747D}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{D37B931D-2F08-4444-AE63-CBE149262D7F}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{1F6D2C26-062C-4AB5-978A-F06378927A17}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [UDP Query User{34D170E1-9978-4A3F-B93A-D9A7531ADD8E}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe] => (Allow) E:\hry\epiclibrary\reddeadredemption2\rdr2.exe => No File
FirewallRules: [TCP Query User{5AF01C42-03D9-479B-9CCC-F49191186DEC}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe] => (Allow) E:\hry\epiclibrary\reddeadredemption2\rdr2.exe => No File
FirewallRules: [{8BC2CB01-640D-46C6-B088-B96568CE95CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0E47E307-C0AD-4F11-A2D2-F5BA8A575700}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{F1F14FD5-5102-4A9E-8B7E-7EFBD90CC9AE}] => (Allow) E:\Hry\OriginLibrary\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{0565D24F-0F84-4693-B484-4377DA4ADD29}] => (Allow) E:\Hry\OriginLibrary\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [TCP Query User{63CB55BD-21CE-425B-9CA3-89E2D23CF93D}E:\hry\originlibrary\apex\r5apex.exe] => (Allow) E:\hry\originlibrary\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{A53851F8-B894-4EAB-A621-F30480F54945}E:\hry\originlibrary\apex\r5apex.exe] => (Allow) E:\hry\originlibrary\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{A04E6724-3A78-4EBF-9759-530055ADD12D}E:\hry\bethesda games\fallout76\fallout76.exe] => (Allow) E:\hry\bethesda games\fallout76\fallout76.exe => No File
FirewallRules: [UDP Query User{0AC26449-5B2B-47D7-B39E-EB7A9E11317F}E:\hry\bethesda games\fallout76\fallout76.exe] => (Allow) E:\hry\bethesda games\fallout76\fallout76.exe => No File
FirewallRules: [{61E548BD-1298-423F-9DB0-8BD752E2C39F}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{EF93BCA7-893D-405D-87FE-D6EBFAE83A78}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{342E84FF-DD53-4F01-B0DF-1927F8FE7720}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{4F2143AD-6916-43C3-8DD5-27BC0C1D61D2}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{2D300829-2347-4220-8B9B-D0BEE45F413C}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{CB5A2866-777A-460D-A6D1-2E4D4054A724}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [TCP Query User{E5775D98-719B-4849-80AC-C5C8281F4687}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{4AC9FD47-02A2-436E-9FBB-B83C7D8BADCF}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{4FFC04F5-E5DD-47BB-B2E5-CA0940DEB9A8}] => (Allow) E:\DaVinciResolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{8855A561-3982-46E0-AFCC-BFFEFD9828F0}] => (Allow) E:\DaVinciResolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{A0A5EB5A-C59C-4133-815B-4695F301EA7B}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [TCP Query User{97A20D36-5EB8-4828-84BF-AEF7635EB84C}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{5A301A4F-FBDE-42AC-A1AE-47276EB5F756}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe => No File

EmptyTemp:
End
Save it to C:\Users\sando\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Brdská Panda
Visitor
Posts: 8
Registered: 19 Mar 2021 19:03

Re: Detected: Program: Win32/Uwasson.A!ml

#9 Post by Brdská Panda »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by sando (20-03-2021 11:48:21) Run:1
Running from C:\Users\sando\Downloads
Loaded Profiles: sando
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {8c612db2-43ce-11eb-be98-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {c14b0e49-e445-11ea-be89-4ccc6a415d5d} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\...\MountPoints2: {f987ae13-6813-11eb-bea2-4ccc6a415d5d} - "G:\HiSuiteDownLoader.exe"
FirewallRules: [UDP Query User{456503D4-9E28-4E15-979C-3DC1679A6EF3}E:\hry\uplaylibrary\hyper scape\hyperscape.exe] => (Allow) E:\hry\uplaylibrary\hyper scape\hyperscape.exe => No File
FirewallRules: [TCP Query User{37152143-B6E3-4BB6-AB8D-8CED5F3FC330}E:\hry\uplaylibrary\hyper scape\hyperscape.exe] => (Allow) E:\hry\uplaylibrary\hyper scape\hyperscape.exe => No File
FirewallRules: [UDP Query User{2C4396C2-0623-4B13-A6B3-7642EEE0D7B8}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe] => (Allow) C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe => No File
FirewallRules: [TCP Query User{01F3F060-B3F3-4232-8AFF-1AE03957855D}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe] => (Allow) C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe => No File
FirewallRules: [UDP Query User{4A95D6E0-13A1-4083-B91E-3BEE3A5C2DB2}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{FC022C28-9E38-4518-9124-86D166E7A895}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{A071767C-430A-43B6-9F9B-D04281C14F7B}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{CC85E576-B803-4745-B44A-D05A9563DA2C}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{E2AC1E2A-78A5-47CD-A8B1-7C6B79075BA5}E:6\worms w.m.d.exe] => (Allow) E:6\worms w.m.d.exe => No File
FirewallRules: [TCP Query User{D9ACAB79-B8C2-4CA9-95DE-A3F501C03DA0}E:6\worms w.m.d.exe] => (Allow) E:6\worms w.m.d.exe => No File
FirewallRules: [{7D877B99-8E65-41D3-B0FD-985E4AA991F7}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{E2F540B2-9291-4A68-AF37-29EFC2ED747D}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{D37B931D-2F08-4444-AE63-CBE149262D7F}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{1F6D2C26-062C-4AB5-978A-F06378927A17}] => (Allow) E:\Hry\EpicLibrary\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [UDP Query User{34D170E1-9978-4A3F-B93A-D9A7531ADD8E}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe] => (Allow) E:\hry\epiclibrary\reddeadredemption2\rdr2.exe => No File
FirewallRules: [TCP Query User{5AF01C42-03D9-479B-9CCC-F49191186DEC}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe] => (Allow) E:\hry\epiclibrary\reddeadredemption2\rdr2.exe => No File
FirewallRules: [{8BC2CB01-640D-46C6-B088-B96568CE95CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0E47E307-C0AD-4F11-A2D2-F5BA8A575700}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{F1F14FD5-5102-4A9E-8B7E-7EFBD90CC9AE}] => (Allow) E:\Hry\OriginLibrary\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{0565D24F-0F84-4693-B484-4377DA4ADD29}] => (Allow) E:\Hry\OriginLibrary\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [TCP Query User{63CB55BD-21CE-425B-9CA3-89E2D23CF93D}E:\hry\originlibrary\apex\r5apex.exe] => (Allow) E:\hry\originlibrary\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{A53851F8-B894-4EAB-A621-F30480F54945}E:\hry\originlibrary\apex\r5apex.exe] => (Allow) E:\hry\originlibrary\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{A04E6724-3A78-4EBF-9759-530055ADD12D}E:\hry\bethesda games\fallout76\fallout76.exe] => (Allow) E:\hry\bethesda games\fallout76\fallout76.exe => No File
FirewallRules: [UDP Query User{0AC26449-5B2B-47D7-B39E-EB7A9E11317F}E:\hry\bethesda games\fallout76\fallout76.exe] => (Allow) E:\hry\bethesda games\fallout76\fallout76.exe => No File
FirewallRules: [{61E548BD-1298-423F-9DB0-8BD752E2C39F}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{EF93BCA7-893D-405D-87FE-D6EBFAE83A78}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe => No File
FirewallRules: [{342E84FF-DD53-4F01-B0DF-1927F8FE7720}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{4F2143AD-6916-43C3-8DD5-27BC0C1D61D2}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe => No File
FirewallRules: [{2D300829-2347-4220-8B9B-D0BEE45F413C}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{CB5A2866-777A-460D-A6D1-2E4D4054A724}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [TCP Query User{E5775D98-719B-4849-80AC-C5C8281F4687}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{4AC9FD47-02A2-436E-9FBB-B83C7D8BADCF}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{4FFC04F5-E5DD-47BB-B2E5-CA0940DEB9A8}] => (Allow) E:\DaVinciResolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{8855A561-3982-46E0-AFCC-BFFEFD9828F0}] => (Allow) E:\DaVinciResolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{A0A5EB5A-C59C-4133-815B-4695F301EA7B}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [TCP Query User{97A20D36-5EB8-4828-84BF-AEF7635EB84C}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe => No File
FirewallRules: [UDP Query User{5A301A4F-FBDE-42AC-A1AE-47276EB5F756}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c612db2-43ce-11eb-be98-4ccc6a415d5d} => removed successfully
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c14b0e49-e445-11ea-be89-4ccc6a415d5d} => removed successfully
HKU\S-1-5-21-2755401169-3200857975-537483308-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f987ae13-6813-11eb-bea2-4ccc6a415d5d} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{456503D4-9E28-4E15-979C-3DC1679A6EF3}E:\hry\uplaylibrary\hyper scape\hyperscape.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{37152143-B6E3-4BB6-AB8D-8CED5F3FC330}E:\hry\uplaylibrary\hyper scape\hyperscape.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2C4396C2-0623-4B13-A6B3-7642EEE0D7B8}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{01F3F060-B3F3-4232-8AFF-1AE03957855D}C:1\maine\binaries\winanvil\maine-winanvil-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4A95D6E0-13A1-4083-B91E-3BEE3A5C2DB2}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FC022C28-9E38-4518-9124-86D166E7A895}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A071767C-430A-43B6-9F9B-D04281C14F7B}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CC85E576-B803-4745-B44A-D05A9563DA2C}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E2AC1E2A-78A5-47CD-A8B1-7C6B79075BA5}E:6\worms w.m.d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D9ACAB79-B8C2-4CA9-95DE-A3F501C03DA0}E:6\worms w.m.d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D877B99-8E65-41D3-B0FD-985E4AA991F7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2F540B2-9291-4A68-AF37-29EFC2ED747D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D37B931D-2F08-4444-AE63-CBE149262D7F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F6D2C26-062C-4AB5-978A-F06378927A17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{34D170E1-9978-4A3F-B93A-D9A7531ADD8E}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5AF01C42-03D9-479B-9CCC-F49191186DEC}E:\hry\epiclibrary\reddeadredemption2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8BC2CB01-640D-46C6-B088-B96568CE95CA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E47E307-C0AD-4F11-A2D2-F5BA8A575700}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1F14FD5-5102-4A9E-8B7E-7EFBD90CC9AE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0565D24F-0F84-4693-B484-4377DA4ADD29}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{63CB55BD-21CE-425B-9CA3-89E2D23CF93D}E:\hry\originlibrary\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A53851F8-B894-4EAB-A621-F30480F54945}E:\hry\originlibrary\apex\r5apex.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A04E6724-3A78-4EBF-9759-530055ADD12D}E:\hry\bethesda games\fallout76\fallout76.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0AC26449-5B2B-47D7-B39E-EB7A9E11317F}E:\hry\bethesda games\fallout76\fallout76.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61E548BD-1298-423F-9DB0-8BD752E2C39F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF93BCA7-893D-405D-87FE-D6EBFAE83A78}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{342E84FF-DD53-4F01-B0DF-1927F8FE7720}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F2143AD-6916-43C3-8DD5-27BC0C1D61D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D300829-2347-4220-8B9B-D0BEE45F413C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB5A2866-777A-460D-A6D1-2E4D4054A724}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E5775D98-719B-4849-80AC-C5C8281F4687}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4AC9FD47-02A2-436E-9FBB-B83C7D8BADCF}E:\hry\epiclibrary\cyberpunk2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FFC04F5-E5DD-47BB-B2E5-CA0940DEB9A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8855A561-3982-46E0-AFCC-BFFEFD9828F0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0A5EB5A-C59C-4133-815B-4695F301EA7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{97A20D36-5EB8-4828-84BF-AEF7635EB84C}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A301A4F-FBDE-42AC-A1AE-47276EB5F756}D:\blizzardlibrary\call of duty black ops cold war\blackopscoldwar.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 269342179 B
Java, Flash, Steam htmlcache => 418923402 B
Windows/system/drivers => 77399648 B
Edge => 4030730 B
Firefox => 1234988866 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 267034 B
sando => 103488484 B

RecycleBin => 6133448646 B
EmptyTemp: => 7.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:49:26 ====
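
A check that every entry of the fixlist echoed in a Fixlog like the one above has a matching "removed successfully" result line, as an added example (not part of the thread and not FRST's own code). The sample log, its SID, GUIDs, paths and the "not found" status text are constructed, and the parsing assumes the line layout shown in this Fixlog.

```python
import re

# Constructed Fixlog in the layout shown above. SID, GUIDs, paths and the
# "not found" status are made up; rule ...0004 has no result line on purpose.
SAMPLE_FIXLOG = r'''fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\...\MountPoints2: {00000000-0000-0000-0000-000000000001} - "F:\Setup.exe"
FirewallRules: [UDP Query User{00000000-0000-0000-0000-000000000002}E:\games\demo\demo.exe] => (Allow) E:\games\demo\demo.exe => No File
FirewallRules: [{00000000-0000-0000-0000-000000000003}] => (Allow) E:\games\demo\launcher.exe => No File
FirewallRules: [{00000000-0000-0000-0000-000000000004}] => (Allow) E:\games\demo\helper.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00000000-0000-0000-0000-000000000001} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{00000000-0000-0000-0000-000000000002}E:\games\demo\demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00000000-0000-0000-0000-000000000003}" => not found
'''

OK_STATUS = "removed successfully"  # the only result status that appears in the log above

# Requested entries, as written in the fixlist.
FW_REQ = re.compile(r'^FirewallRules: \[(?P<name>.+?)\] => ')
MP_REQ = re.compile(r'^HK\w+\\.+\\MountPoints2: (?P<guid>\{[0-9A-Fa-f-]+\})')
# Result lines, which name the full registry value or key instead.
FW_RES = re.compile(r'^"HKLM\\.+\\FirewallRules\\\\(?P<name>.+)" => (?P<status>.+)$')
MP_RES = re.compile(r'^HK\w+\\.+\\MountPoints2\\(?P<guid>\{[0-9A-Fa-f-]+\}) => (?P<status>.+)$')


def split_fixlog(text):
    """Split a Fixlog into (fixlist echo lines, result lines) at the asterisk rules."""
    lines = text.splitlines()
    marks = [i for i, l in enumerate(lines) if l.strip() and set(l.strip()) == {"*"}]
    if len(marks) < 2:
        raise ValueError("fixlist echo delimiters not found")
    return lines[marks[0] + 1:marks[1]], lines[marks[1] + 1:]


def requested_keys(lines):
    """Keys of the registry entries the fixlist asked to remove, in order."""
    keys = []
    for line in lines:
        m = FW_REQ.match(line)
        if m:
            keys.append(("firewall", m["name"].casefold()))
            continue
        m = MP_REQ.match(line)
        if m:
            keys.append(("mountpoint", m["guid"].casefold()))
    return keys


def result_status(lines):
    """Map each key found in the result section to its reported status."""
    status = {}
    for line in lines:
        m = FW_RES.match(line)
        if m:
            status[("firewall", m["name"].casefold())] = m["status"].strip()
            continue
        m = MP_RES.match(line)
        if m:
            status[("mountpoint", m["guid"].casefold())] = m["status"].strip()
    return status


def audit(text):
    """Classify every requested entry as ok, failed (other status) or missing (no result line)."""
    requested, results = split_fixlog(text)
    status = result_status(results)
    report = {"ok": [], "failed": [], "missing": []}
    for key in requested_keys(requested):
        if key not in status:
            report["missing"].append(key)
        elif status[key] == OK_STATUS:
            report["ok"].append(key)
        else:
            report["failed"].append((key, status[key]))
    return report


if __name__ == "__main__":
    for bucket, items in audit(SAMPLE_FIXLOG).items():
        print(bucket, len(items), items)
```
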

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Detected: Program: Win32/Uwasson.A!ml

#10 Post by Rudy »

Deleted. Has anything changed?

Brdská Panda
Visitor
Posts: 8
Registered: 19 Mar 2021 19:03

Re: Detected: Program: Win32/Uwasson.A!ml

#11 Post by Brdská Panda »

Unfortunately, W. Defender reports the same thing even after a restart...

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Detected: Program: Win32/Uwasson.A!ml

#12 Post by Rudy »

Empty the Recycle Bin.

Brdská Panda
Visitor
Posts: 8
Registered: 19 Mar 2021 19:03

Re: Detected: Program: Win32/Uwasson.A!ml

#13 Post by Brdská Panda »

Emptied, restarted, but unfortunately no change.

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Detected: Program: Win32/Uwasson.A!ml

#14 Post by Rudy »

The affected item is clearly in the Recycle Bin. Try a scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . The description at the link is for an older version. Download the utility, run it, let it work, and when it finishes, delete everything it finds.

Brdská Panda
Visitor
Posts: 8
Registered: 19 Mar 2021 19:03

Re: Detected: Program: Win32/Uwasson.A!ml

#15 Post by Brdská Panda »

Excellent, the pest is gone. Thank you very much for your time, Rudy, you're the best! I'm sending some small change. :)
