
Please check: Trojan:Script/Wacatac.B!ml found by Defender


#1 Post by vg38 »

Hello,
Microsoft Defender reported a detection of a file as a trojan. It is a .zip file containing a photo that has been on the computer for almost 4 years. When I try to download it again, Defender immediately blocks it from being opened. Is this a false detection by Defender after some definitions update, or do I have a "mess" on my computer? When tested via VirusTotal, none of the antiviruses (surprisingly, not even Microsoft Defender) detected it as a problematic file.
Thank you


FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by vitan (administrator) on DESKTOP-OKDB3FQ (Dell Inc. Inspiron 7559) (22-03-2021 17:48:01)
Running from C:\Users\vitan\Desktop
Loaded Profiles: vitan
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\ArmouryLiveUpdate.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ROG Armoury\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\LiveUpdateSyncCheck.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Armoury\Protocol\AudioLEDControl\ledcontrolservice3.exe
(ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ROG Armoury\Tools\Mutually Exclusive AURA Agent.exe
(A-Volute -> NahimicAPI) C:\Program Files\NahimicAPI\NahimicAPISvc64.exe
(A-Volute -> NahimicAPI) C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\118.4.460\QtWebEngineProcess.exe <2>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-29] (Dell Inc -> Dell Inc.) [File not signed]
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Asus Headset Svc64] => C:\Program Files\NahimicAPI\NahimicAPISvc64.exe [744320 2020-03-23] (A-Volute -> NahimicAPI)
HKLM\...\Run: [Asus Headset Svc32] => C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe [583552 2020-03-23] (A-Volute -> NahimicAPI)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992040 2021-03-16] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\vitan\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\vitan\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\RunOnce: [Uninstall 21.016.0124.0003\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vitan\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\amd64"
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\RunOnce: [Uninstall 21.016.0124.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vitan\AppData\Local\Microsoft\OneDrive\21.016.0124.0003"
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] () [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1006080 2012-08-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP1100LM: HP1100LM.DLL
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-16] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00AF4839-2A4C-4A6D-8A63-495A7BBEDD8F} - System32\Tasks\NahimicAPISvc32Run => C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe [583552 2020-03-23] (A-Volute -> NahimicAPI)
Task: {0DC2FAEE-553B-4AB3-9842-C62DFD7DD92B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17DF9011-AB27-4E63-BD93-FBE836C2FCE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D45688D-B5E7-4AA0-9ACD-E0368AA68CF0} - System32\Tasks\ASUS\ArmouryLiveUpdate => C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\ArmouryLiveUpdate.exe [1462760 2020-03-31] (ASUSTeK Computer Inc. -> )
Task: {2221A198-ECC3-4233-8EC1-5EFC0CE3A97B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-30] (Google Inc -> Google Inc.)
Task: {261A4256-713F-47D8-B9C2-28D61B708BFC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {2EACC429-732C-45B8-BA58-C91F14B9440B} - System32\Tasks\ASUS\ledcontrolservice3 => C:\Program Files (x86)\ASUS\ROG Armoury\Protocol\AudioLEDControl\ledcontrolservice3.exe [2557744 2020-01-08] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {4D62D043-D4AE-4E9F-BF82-5B9AC9CF5DCA} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {5FE110AD-9294-4134-81B4-7924AC88E263} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6C2FE804-AE70-496E-B1C2-D49AEB5E3282} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {79E9E3A7-82AA-40C8-AC59-3C62E028628E} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {7A87F89E-57CA-43DA-9F16-2A01E8B0F6FB} - System32\Tasks\ASUS\MacroAgent => C:\Program Files (x86)\ASUS\ROG Armoury\MacroAgent.exe [77960 2020-03-31] (ASUSTeK Computer Inc. -> )
Task: {7D8A2083-BE67-4451-9DDF-961D18EFCA62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {83672EDC-5E9B-427E-9A1E-0C82B4E2AE33} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {860D7FCD-4277-4961-9153-5B40EAA75D2E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {878D8E25-E92D-42A2-B1BF-BA0BB57DB977} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B3B8EBE-AC70-4129-8C36-C995AC8B5310} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {92C70E44-87B6-424B-9046-118C14769259} - System32\Tasks\G2MUpdateTask-S-1-5-21-360870364-2460480245-4270640079-1001 => C:\Users\vitan\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9AD913F9-0953-436E-A82E-25F7191C3426} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-360870364-2460480245-4270640079-1001 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2020-11-16] (Microsoft Corporation -> Microsoft)
Task: {9CA5477E-F689-41AB-B2D4-D85321CCE05A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-30] (Google Inc -> Google Inc.)
Task: {9DA2FEE6-389A-487F-85BC-24B01F39282D} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A5BB907F-41A3-4183-9147-C503BCD9C075} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC8CD193-D544-4021-979B-C1C40E0B1F3F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD95250F-4D37-44B8-B7C6-9DA30F7F703C} - System32\Tasks\ASUS\P508PowerAgent => C:\Program Files (x86)\ASUS\ROG Armoury\Mouse\ROG STRIX CARRY\P508PowerAgent.exe [51120 2019-11-01] (ASUSTeK Computer Inc. -> )
Task: {AF2DE640-B241-4E40-A55B-157B34A8A829} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B37C33A4-A4E1-4D61-BA4D-D4BBE979826E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B541A670-41E4-49E2-B41B-5A4928E81572} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BD1A689B-A5F7-4E68-8962-504EE1940CD3} - System32\Tasks\NahimicAPISvc64Run => C:\Program Files\NahimicAPI\NahimicAPISvc64.exe [744320 2020-03-23] (A-Volute -> NahimicAPI)
Task: {BEB1F5B0-B77A-4D18-A030-8EDFA6F300D9} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [210808 2020-11-16] (Microsoft Corporation -> )
Task: {C7B9149B-ECE4-456B-AEDB-FEC3A4EFFC4A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {CA4E1AA1-E7AD-4819-81EB-DF2AC49216C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DA60C5AF-51DE-4F28-814B-AA8D53601A6E} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3047944 2020-10-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {E0E9C35F-58D8-467B-B7AD-0A6D7957E3E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {E2B914E2-91EE-442B-B9FB-91F1B4714640} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBC21419-0A60-4818-8391-492C3B0C8045} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC2FDCBF-B1AD-456D-A33F-0DDD5CC27696} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EEA4A1D2-0464-43B5-8A9A-3371847B5F66} - System32\Tasks\G2MUploadTask-S-1-5-21-360870364-2460480245-4270640079-1001 => C:\Users\vitan\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FBA864D1-9073-480D-AB96-C7F549834078} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-360870364-2460480245-4270640079-1001.job => C:\Users\vitan\AppData\Local\GoToMeeting\19228\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-360870364-2460480245-4270640079-1001.job => C:\Users\vitan\AppData\Local\GoToMeeting\19228\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.120
Tcpip\..\Interfaces\{041ce7c3-f399-4936-844c-f0966ea52823}: [DhcpNameServer] 195.113.0.2 195.113.44.11
Tcpip\..\Interfaces\{0a0a18a7-3a33-44fd-8f57-4a0239f9f703}: [DhcpNameServer] 192.168.1.120

Edge:
=======
Edge Profile: C:\Users\vitan\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-18]

FireFox:
========
FF DefaultProfile: udm6okhk.default
FF DefaultProfile: 9b7e3qid.default
FF ProfilePath: C:\Users\vitan\AppData\Roaming\Zotero\Zotero\Profiles\udm6okhk.default [2020-11-23]
FF ProfilePath: C:\Users\vitan\AppData\Roaming\Mozilla\Firefox\Profiles\9b7e3qid.default [2021-03-22]
FF Homepage: Mozilla\Firefox\Profiles\9b7e3qid.default -> seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\9b7e3qid.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\9b7e3qid.default -> hxxps://mail.google.com
FF Extension: (Privacy Badger) - C:\Users\vitan\AppData\Roaming\Mozilla\Firefox\Profiles\9b7e3qid.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-03-10]
FF Extension: (uBlock Origin) - C:\Users\vitan\AppData\Roaming\Mozilla\Firefox\Profiles\9b7e3qid.default\Extensions\uBlock0@raymondhill.net.xpi [2021-03-12]
FF Extension: (Zotero Connector) - C:\Users\vitan\AppData\Roaming\Mozilla\Firefox\Profiles\9b7e3qid.default\Extensions\zotero@chnm.gmu.edu.xpi [2021-03-13] [UpdateUrl:hxxps://www.zotero.org/download/connector/firef ... dates.json]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll [2016-09-21] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default [2021-03-22]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-30]
CHR Extension: (uBlock Origin) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-03-22]
CHR Extension: (Tabulky) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 ArmouryLiveUpdate; C:\WINDOWS\System32\DriverStore\FileRepository\rogms.inf_amd64_5b63afd65d075939\ArmouryLiveUpdate.exe [576216 2020-12-10] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [591176 2021-02-25] (ASUSTeK Computer Inc. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [48832 2020-11-19] (Dell Inc -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-10-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-10-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-05-02] (ASUSTeK Computer Inc. -> )
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2020-09-17] (AVAST Software s.r.o. -> The OpenVPN Project)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2021-03-16] (Dell Inc. -> )
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 MpKsl01c1c48b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{17151E01-2AB7-4F68-B2D7-FB084CBBA8EC}\MpKslDrv.sys [90360 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Marvell Semiconductor, Inc.) [File not signed]
S3 ROGMS; C:\WINDOWS\System32\DriverStore\FileRepository\rogms.inf_amd64_5b63afd65d075939\ROGMS.sys [33928 2020-12-10] (ASUSTeK Computer Inc. -> )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 17:48 - 2021-03-22 17:50 - 000031853 _____ C:\Users\vitan\Desktop\FRST.txt
2021-03-22 17:47 - 2021-03-22 17:49 - 000000000 ____D C:\FRST
2021-03-22 17:47 - 2021-03-22 17:47 - 002300928 _____ (Farbar) C:\Users\vitan\Desktop\FRST64.exe
2021-03-19 12:54 - 2021-03-19 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-17 14:15 - 2021-03-13 07:25 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-17 14:15 - 2021-03-13 07:25 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-17 14:15 - 2021-03-13 07:25 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-17 14:15 - 2021-03-13 07:25 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-17 14:15 - 2021-03-13 07:24 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-17 14:15 - 2021-03-13 07:22 - 000678688 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-17 14:15 - 2021-03-13 07:22 - 000671536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-17 14:15 - 2021-03-13 07:22 - 000546064 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 001511216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 001163536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 000556824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 008306448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 007429936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 004610352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 002729776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 001730832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446192.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 001490224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446192.dll
2021-03-17 14:15 - 2021-03-13 07:17 - 006075480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-16 18:49 - 2021-03-16 18:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-03-16 18:49 - 2021-03-16 18:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-03-16 18:49 - 2021-03-16 18:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-03-16 18:49 - 2021-03-16 18:49 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-03-16 11:46 - 2021-03-16 11:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-15 22:18 - 2021-03-16 11:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-13 15:30 - 2021-03-13 15:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-13 15:30 - 2021-03-13 15:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-13 15:30 - 2021-03-13 15:30 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-13 15:30 - 2021-03-13 15:30 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-13 15:30 - 2021-03-13 15:30 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-13 15:30 - 2021-03-13 15:30 - 000374096 _____ C:\WINDOWS\system32\vp9fs.dll
2021-03-13 15:30 - 2021-03-13 15:30 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-09 16:01 - 2021-03-09 16:01 - 000000000 ____D C:\Users\vitan\Jedi
2021-03-09 13:28 - 2021-03-09 13:28 - 000002366 _____ C:\Users\vitan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-03-09 13:28 - 2021-03-09 13:28 - 000000000 ____D C:\Users\vitan\AppData\Roaming\Teams
2021-03-08 13:14 - 2021-03-08 13:14 - 000000752 _____ C:\Users\vitan\AppData\Local\recently-used.xbel
2021-03-07 22:34 - 2021-03-07 22:34 - 000177312 _____ C:\battery-report.html
2021-03-07 19:01 - 2021-03-07 19:13 - 616793515 _____ C:\Users\vitan\Downloads\OpenFOAM-v2012-windows10.tgz
2021-03-07 18:43 - 2021-03-13 15:33 - 000001527 _____ C:\WINDOWS\system32\config\VSMIDK
2021-03-07 18:43 - 2021-03-07 18:43 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2021-03-07 18:43 - 2021-03-07 18:43 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-03-07 13:47 - 2021-03-07 13:47 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-07 13:46 - 2021-03-07 13:46 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-07 13:46 - 2021-03-07 13:46 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-07 13:46 - 2021-03-07 13:46 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-07 13:46 - 2021-03-07 13:46 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-02-25 21:11 - 2021-02-25 21:11 - 000000000 ____D C:\Users\vitan\AppData\Roaming\Apple Computer
2021-02-25 21:11 - 2021-02-25 21:11 - 000000000 ____D C:\Users\vitan\AppData\Local\SmallWorld
2021-02-25 21:11 - 2021-02-25 21:11 - 000000000 ____D C:\Users\vitan\AppData\Local\Apple Computer
2021-02-25 21:10 - 2021-02-25 22:17 - 000000000 ____D C:\Users\vitan\AppData\Local\Days of Wonder
2021-02-25 15:36 - 2021-02-25 15:36 - 000000000 ____D C:\Users\vitan\AppData\Local\ArmouryLiveUpdate
2021-02-25 15:36 - 2021-02-25 15:36 - 000000000 ____D C:\Users\vitan\AppData\Local\AcLoader
2021-02-25 15:36 - 2021-02-25 15:36 - 000000000 ____D C:\ProgramData\ASUS
2021-02-25 11:58 - 2021-02-25 11:58 - 000000000 ____D C:\Program Files (x86)\DummyDir
2021-02-23 17:06 - 2021-03-13 15:34 - 000000000 ____D C:\Program Files\NahimicAPI
2021-02-23 17:06 - 2021-02-23 17:06 - 000003188 _____ C:\WINDOWS\system32\Tasks\NahimicAPISvc32Run
2021-02-23 17:06 - 2021-02-23 17:06 - 000003180 _____ C:\WINDOWS\system32\Tasks\NahimicAPISvc64Run
2021-02-23 17:06 - 2021-02-23 17:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2021-02-23 17:05 - 2020-03-31 16:43 - 000033912 _____ C:\WINDOWS\system32\Drivers\ROGMS.sys
2021-02-23 17:05 - 2019-05-02 15:48 - 000120880 _____ C:\WINDOWS\system32\AsIO2.dll
2021-02-23 17:05 - 2019-05-02 15:48 - 000095280 _____ C:\WINDOWS\SysWOW64\AsIO2.dll
2021-02-23 17:05 - 2019-05-02 15:48 - 000033832 _____ C:\WINDOWS\system32\Drivers\AsIO2.sys
2021-02-23 17:04 - 2021-02-25 15:36 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-02-22 16:05 - 2021-02-22 16:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 17:34 - 2019-02-05 10:34 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-22 17:34 - 2016-11-28 22:30 - 000000000 ____D C:\Users\vitan\AppData\LocalLow\Mozilla
2021-03-22 17:18 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-22 16:16 - 2016-12-14 18:02 - 000002292 ____H C:\Users\vitan\Documents\Default.rdp
2021-03-22 16:15 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-03-22 15:51 - 2019-04-07 14:01 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-03-22 15:02 - 2016-11-29 13:19 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-22 14:35 - 2020-07-18 18:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-22 12:25 - 2017-04-13 11:05 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-22 01:19 - 2016-11-30 11:51 - 000000000 ____D C:\Users\vitan\AppData\Local\CrashDumps
2021-03-21 19:56 - 2019-10-09 21:23 - 000000000 ____D C:\Users\vitan\.conda
2021-03-21 19:07 - 2019-10-09 21:26 - 000000000 ____D C:\Users\vitan\.spyder-py3
2021-03-21 18:14 - 2019-10-09 21:23 - 000000043 _____ C:\Users\vitan\.condarc
2021-03-20 16:31 - 2016-12-20 00:50 - 000000000 ____D C:\Users\vitan\AppData\Roaming\KeePass
2021-03-20 14:24 - 2020-06-09 16:25 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-20 14:24 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-20 14:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-19 12:54 - 2016-08-05 22:37 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-17 19:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-17 14:17 - 2016-11-28 21:27 - 000000000 ____D C:\Users\vitan\AppData\Local\NVIDIA
2021-03-17 14:16 - 2017-04-13 11:04 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-03-16 15:30 - 2016-11-30 19:19 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-16 11:46 - 2016-11-28 22:30 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-16 11:46 - 2016-11-28 22:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-16 10:36 - 2018-02-15 09:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 13:09 - 2020-07-18 18:25 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-360870364-2460480245-4270640079-1001
2021-03-15 13:09 - 2020-07-18 17:46 - 000002363 _____ C:\Users\vitan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 13:09 - 2016-11-28 21:32 - 000000000 ___RD C:\Users\vitan\OneDrive
2021-03-13 15:41 - 2020-07-18 18:22 - 001797014 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-13 15:41 - 2019-12-07 15:41 - 000753578 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-13 15:41 - 2019-12-07 15:41 - 000163100 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-13 15:33 - 2020-07-18 18:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-13 15:33 - 2020-07-18 18:18 - 000456736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 15:33 - 2020-07-18 18:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-13 15:33 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-13 15:33 - 2016-11-28 21:27 - 000000000 __SHD C:\Users\vitan\IntelGraphicsProfiles
2021-03-13 15:32 - 2020-07-18 17:46 - 000000000 ____D C:\Users\vitan
2021-03-13 15:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-13 07:17 - 2020-07-16 16:40 - 007119832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-03-12 10:12 - 2018-06-23 15:47 - 000000525 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-03-11 13:35 - 2016-11-28 23:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 13:28 - 2016-11-28 23:08 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 13:27 - 2016-11-30 23:51 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 06:13 - 2020-07-16 16:40 - 000061257 _____ C:\WINDOWS\system32\nvinfo.pb
2021-03-11 02:17 - 2017-04-13 11:05 - 005627760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-03-11 02:17 - 2017-04-13 11:05 - 002635632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-03-11 02:16 - 2017-04-13 11:05 - 009524317 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-03-11 02:16 - 2017-04-13 11:05 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-03-11 02:16 - 2017-04-13 11:05 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-03-11 02:16 - 2017-04-13 11:05 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-03-11 02:16 - 2017-04-13 11:05 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-03-09 20:54 - 2019-10-09 20:54 - 000000000 ____D C:\Users\vitan\Anaconda3
2021-03-09 15:59 - 2019-10-09 21:26 - 000000000 ____D C:\Users\vitan\.matplotlib
2021-03-09 13:35 - 2016-11-29 00:56 - 000000000 ____D C:\Users\vitan\AppData\Local\ConnectedDevicesPlatform
2021-03-09 13:28 - 2020-12-14 14:56 - 000000000 ____D C:\Users\vitan\AppData\Local\SquirrelTemp
2021-03-07 20:09 - 2020-03-18 13:34 - 000000000 ____D C:\Users\vitan\AppData\Roaming\ParaView
2021-03-07 18:48 - 2018-12-16 02:54 - 000000000 ____D C:\ProgramData\Packages
2021-03-07 18:48 - 2018-05-02 03:11 - 000000000 ____D C:\Users\vitan\AppData\Local\PlaceholderTileLogoFolder
2021-03-07 18:48 - 2017-10-19 00:12 - 000000000 ____D C:\Users\vitan\AppData\Local\Packages
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-04 22:02 - 2020-07-18 18:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 22:02 - 2020-07-18 18:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-26 09:00 - 2020-07-18 18:25 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2017-04-13 11:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-26 09:00 - 2017-04-13 11:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-25 00:02 - 2017-01-06 21:03 - 000000000 ____D C:\Users\vitan\Documents\Sports Interactive
2021-02-25 00:02 - 2017-01-06 21:03 - 000000000 ____D C:\Users\vitan\AppData\Local\Sports Interactive
2021-02-24 22:26 - 2016-11-28 21:28 - 000000000 ___RD C:\Users\vitan\Dropbox
2021-02-24 13:42 - 2020-07-16 16:40 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SET63DD.tmp
2021-02-23 17:04 - 2016-08-05 22:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories ========

2018-03-06 09:30 - 2019-08-20 09:39 - 000000251 _____ () C:\Users\vitan\AppData\Roaming\gnuplot_history
2016-11-29 23:44 - 2020-12-15 22:13 - 000000128 _____ () C:\Users\vitan\AppData\Roaming\winscp.rnd
2020-02-22 21:55 - 2020-10-16 11:03 - 000000081 _____ () C:\Users\vitan\AppData\Local\.bidstack.fault
2016-11-29 23:42 - 2020-06-08 04:29 - 000000600 _____ () C:\Users\vitan\AppData\Local\PUTTY.RND
2021-03-08 13:14 - 2021-03-08 13:14 - 000000752 _____ () C:\Users\vitan\AppData\Local\recently-used.xbel
2016-11-28 23:24 - 2020-12-15 20:28 - 000007652 _____ () C:\Users\vitan\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by vitan (22-03-2021 17:52:55)
Running from C:\Users\vitan\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2020-07-18 17:25:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-360870364-2460480245-4270640079-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-360870364-2460480245-4270640079-503 - Limited - Disabled)
Guest (S-1-5-21-360870364-2460480245-4270640079-501 - Limited - Disabled)
vitan (S-1-5-21-360870364-2460480245-4270640079-1001 - Administrator - Enabled) => C:\Users\vitan
WDAGUtilityAccount (S-1-5-21-360870364-2460480245-4270640079-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Anaconda3 2019.07 (Python 3.7.3 64-bit) (HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\Anaconda3 2019.07 (Python 3.7.3 64-bit)) (Version: 2019.07 - Anaconda, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{5a64c890-83f9-4399-b0c9-5e9a80890fdd}) (Version: 21.40.1 - Intel Corporation)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{9F429DF7-F8DD-4980-9673-E6DACA012F6C}) (Version: 3.3 - Microsoft Corporation) Hidden
Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.5 - Arduino LLC)
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Canon MF4700 Series (HKLM\...\{47A8DB42-4E21-4d55-9931-D4F44CC3F03B}) (Version: 4.1.0.1 - CANON INC.)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{81C48559-E2EB-4F18-9854-51331B9DB552}) (Version: 4.0.70.0 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 118.4.460 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Evince 2.32.0.145 (HKLM-x32\...\{AA38CC00-F12C-495E-AF00-7EE413D3BFB2}) (Version: 2.32.0.145 - (Custom build))
FM Genie Scout 17g version 1.1 17.3.2 (HKLM-x32\...\FM Genie Scout 17g_is1) (Version: 1.1 17.3.2 - )
FM Genie Scout 19g version 1.2 19.3.6 (HKLM\...\FM Genie Scout 19g_is1) (Version: 1.2 19.3.6 - )
FMRTE 20.2.3.19 (HKLM-x32\...\{14A58A15-B038-4C19-A024-3B6016F86A14}_is1) (Version: 20.2.3.19 - FMRTE)
FMSE19 (HKLM\...\{6FB376F5-791D-4FD4-A867-5B79FF252FB4}) (Version: 2.1.15.0 - AppCake Limited) Hidden
FMSE19 (HKLM-x32\...\{73ec807c-c46c-4993-a51d-2e8024771a44}) (Version: 2.1.15.0 - AppCake Limited)
Git version 2.10.1 (HKLM\...\Git_is1) (Version: 2.10.1 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\GitHubDesktop) (Version: 2.6.1 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.15.0.19228 (HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\GoToMeeting) (Version: 10.15.0.19228 - LogMeIn, Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.23) (Version: 9.23 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
icecap_collection_neutral (HKLM-x32\...\{7C703135-98AC-4EB9-86C0-0C3169C99649}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{7C914878-C64B-4CA6-8E41-91308877A586}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{D3902E63-1FC9-4F66-953E-839733B26270}) (Version: 16.8.30607 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{4F864505-C6D3-43A3-BB76-347F5E858E59}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6859 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001010-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
JabRef (HKLM\...\{BBE5A83A-AE2E-3EBE-A656-EB812C2FF8F7}) (Version: 5.0.50001 - JabRef)
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden
Lazarus 1.8.2 (HKLM\...\lazarus_is1) (Version: 1.8.2 - Lazarus Team)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (čeština) (HKLM-x32\...\{E249803A-BD5B-4FDC-A630-976C2971F5B4}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (čeština) (HKLM-x32\...\{25C7677B-0398-46A3-A0EE-7B393D20FA30}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.8.3074.1022 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{2EC26D34-FB67-4C58-AC20-235697551222}) (Version: 10.0.3802 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MiKTeX 2.9 (HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.3.1 - Mozilla)
Mozilla Thunderbird 60.3.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.3.1 (x86 cs)) (Version: 60.3.1 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
NahimicAPI 64-bit (HKLM\...\{AEC7880F-673E-458E-B3E0-A64BA9CE88D3}) (Version: 1.0.15.0 - Nahimic)
NHL™ 09 (HKLM-x32\...\{3C27AAE0-37AF-11DD-AE16-0800200C9A66}) (Version: 2.0.1.0 - Electronic Arts)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.2 - Notepad++ Team)
NVIDIA CUDA Development 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA CUDA Documentation 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA CUDA Runtime 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA CUDA Samples 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_samples_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 8.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_8.0) (Version: 8.0 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 5.2.0.16321 (HKLM\...\{39F2CF8F-DE76-49F1-85D5-FC215853B709}) (Version: 5.2.0.16321 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.92 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
Octave 5.2.0 (HKLM\...\Octave-5.2.0) (Version: 5.2.0 - GNU Octave)
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{3D662AC5-4616-4A1C-912E-BD5BF9C9F4C8}) (Version: 2.0.0.0 - Paradox Interactive)
ParaView 5.8.0-Windows-Python3.7-msvc2015-64bit (HKLM-x32\...\ParaView 5.8.0-Windows-Python3.7-msvc2015-64bit) (Version: 5.8.0-Windows-Python3.7-msvc2015-64bit - Kitware, Inc.)
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
ProjectLibre (HKLM\...\{com.projectlibre1.main}}_is1) (Version: 1.9.1 - ProjectLibre)
Python 3.7.8 (64-bit) (HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\{886f7e19-ca0e-4f00-9cb5-14f6506fea86}) (Version: 3.7.8150.0 - Python Software Foundation)
Python 3.7.8 Core Interpreter (64-bit symbols) (HKLM\...\{D5C2F5B5-AE03-4897-B7EB-88EDEB52E55F}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Core Interpreter (64-bit) (HKLM\...\{8DE1D24F-C0EA-42D5-87D0-7F3071932A15}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Development Libraries (64-bit) (HKLM\...\{BB556C96-3906-453B-B068-E17C1F13C814}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Documentation (64-bit) (HKLM\...\{A90E9216-6C61-4A2B-A18E-85EF9DF6A2C0}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Executables (64-bit symbols) (HKLM\...\{FAF0840F-75F4-4331-819A-C5B88251F402}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Executables (64-bit) (HKLM\...\{0EEFE4AC-ED52-4F6F-A726-A9030991B75D}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 pip Bootstrap (64-bit) (HKLM\...\{AD820C10-4106-47D5-B6BD-4B3CEA93E429}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Standard Library (64-bit symbols) (HKLM\...\{F7B2245C-D3F3-4CCC-A558-702AB2069D57}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Standard Library (64-bit) (HKLM\...\{68A406B0-F664-4882-8035-4015C78DDC93}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Tcl/Tk Support (64-bit symbols) (HKLM\...\{833EA197-6356-48B6-9E90-AE2D2CCC5479}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Tcl/Tk Support (64-bit) (HKLM\...\{223ADA3A-F506-428A-9244-C3EA445AD42A}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Test Suite (64-bit symbols) (HKLM\...\{F0759285-644B-4AAF-BB09-CA4592C12B89}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Test Suite (64-bit) (HKLM\...\{FE029834-AD26-45F1-B622-8DE59A8B1048}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python 3.7.8 Utility Scripts (64-bit) (HKLM\...\{3BDFA237-E962-435F-A556-A2BE2EE1464C}) (Version: 3.7.8150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{B25A5062-540A-4141-80D3-50FA598523F3}) (Version: 3.7.7118.0 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
ROG Armoury (HKLM-x32\...\{FE703E21-A9E0-4DB3-9115-404175C8222F}) (Version: 3.00.44 - ASUSTeK Computer Inc.)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.2.1.260 - Samsung Electronics)
SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{1AA664F4-B63F-74FD-35B6-993DDA3DEF81}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.64.84.1020 - Electronic Arts Inc.)
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript SDK (HKLM-x32\...\{873B2737-D587-4FC9-993D-086DBF507461}) (Version: 4.0.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{7C6166AB-7B4D-47A1-840D-723D2B6A1DAC}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
Visual Studio Community 2019 (HKLM-x32\...\5bbbfdf3) (Version: 16.8.30804.86 - Microsoft Corporation)
VMD 1.9.1 (HKLM-x32\...\{AC0F06C8-865D-4EC4-99CB-0714E2800880}) (Version: 1.9.1 - University of Illinois)
VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{DEB11EB7-B61A-4883-8CB0-99013A4873AB}) (Version: 16.8.30608 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{72E86320-AFF2-44F8-9C8B-0BD51E5B14DE}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{E9439DB7-BF01-4820-8CB1-80957150AB86}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{8990F1B6-F880-4E73-A2D9-7A611F4C38A1}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{3C4B2ED3-2296-4203-A420-AC042BE8484D}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{2EE7854B-D67F-41D8-94F4-D885FA7C4385}) (Version: 16.8.30608 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{4085E209-B871-4079-B58D-778D5293AFD5}) (Version: 16.8.30608 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{08AF5DA9-F3BD-4B59-8D99-C47CC4D53CAD}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{4A143624-67D1-42E7-BADA-E3574DB7157E}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{BEEB2E56-91DB-4AFB-AC88-8E98B18DD889}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{1E54D106-5773-4D9E-AEDF-AC5AFEAF1395}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-2) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinSCP 5.17.9 (HKLM-x32\...\winscp3_is1) (Version: 5.17.9 - Martin Prikryl)
Wolfram Extras 11.0 (5597552) (HKLM\...\A-WIN-Extras 11.0.1 5597552_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
X2Go Client for Windows (HKLM-x32\...\x2goclient) (Version: 4.1.2.0-2018.06.22 - X2Go Project)
Zoom (HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\ZoomUMX) (Version: 5.3.0 (52670.0921) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 5.0.85 (x86 en-US)) (Version: 5.0.85 - Corporation for Digital Scholarship)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.70.0_x64__htrsf667h5kn2 [2021-02-25] (Dell Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.2.0_x86__8wekyb3d8bbwe [2018-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.21.2212.0_x64__8wekyb3d8bbwe [2017-08-30] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.21.2212.0_x64__8wekyb3d8bbwe [2017-08-30] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.21.2212.0_x64__8wekyb3d8bbwe [2017-08-30] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2019-12-07] (Skype)
Ubuntu -> C:\Program Files\WindowsApps\CanonicalGroupLimited.UbuntuonWindows_2004.2021.222.0_x64__79rhkp1fndgsc [2021-03-07] (Canonical Group Limited)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-360870364-2460480245-4270640079-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\vitan\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-360870364-2460480245-4270640079-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\vitan\AppData\Local\GoToMeeting\17956\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-360870364-2460480245-4270640079-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\vitan\Dropbox [2016-11-28 21:28]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-02-12] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxDTCM.dll [2019-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vitan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (Anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\vitan\Anaconda3\Scripts\activate.bat C:\Users\vitan\Anaconda3
ShortcutWithArgument: C:\Users\vitan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\vitan\Anaconda3\Scripts\activate.bat C:\Users\vitan\Anaconda3

==================== Loaded Modules (Whitelisted) =============

2021-02-23 17:05 - 2019-05-02 15:48 - 002183680 _____ () [File not signed] C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\EzULIB_UFB.dll
2020-11-19 13:12 - 2020-11-19 13:12 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2016-11-30 23:58 - 2012-08-31 15:02 - 000074240 _____ () [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2021-02-23 17:05 - 2019-05-02 15:48 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\AsMultiLang.dll
2019-11-23 18:44 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2021-02-23 17:05 - 2019-05-02 15:48 - 000072704 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\ROG Armoury\Protocol\Interrupt\InterruptTransfer.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\vitan\Desktop\ktp.jpg:com.dropbox.attributes [774]
AlternateDataStreams: C:\Users\vitan\Desktop\rodinné fota.zip:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-360870364-2460480245-4270640079-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-360870364-2460480245-4270640079-1001 -> DefaultScope {28302DE2-3376-4FA7-AF66-E5D07A5A789C} URL =
SearchScopes: HKU\S-1-5-21-360870364-2460480245-4270640079-1001 -> {28302DE2-3376-4FA7-AF66-E5D07A5A789C} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-06-23 15:47 - 2021-03-12 10:12 - 000000525 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.24.144.1 DESKTOP-OKDB3FQ.mshome.net # 2026 3 3 11 9 12 26 655
56 420

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v8.0\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v8.0\libnvvp;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Git\cmd;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 192.168.1.120
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "HPUsageTrackingLEDM"
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\StartupApproved\Run: => "Kite"
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9D316836-6957-4DE5-8140-BA4A58973874}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{975FE5C5-5A28-4332-8A22-B6E8657BA8AA}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{6B6F5ABD-C541-48C9-B29B-E0B9B92F0F50}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E9F7A5F0-254D-42C7-A6CD-5090D615C16B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{14C6F2BE-8B3B-40D1-A78B-2A4785749539}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2020 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{A2728224-BE17-4696-91F9-410EC1B5173A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2020 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{ADB14CC3-4D56-4666-AA7A-69C625056584}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Launcher\launcher.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{304B2A1A-06A4-47E7-B393-528E0B8A08FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Launcher\launcher.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{6073FCE3-3FCA-4E5F-A00E-CE17E863884D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{4DBBEB38-9F08-4A90-874B-0957000E6A42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{313F4FFA-1FF1-4F09-A6AA-3BE6925B5D59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{0C8C775D-4777-4DB8-AC31-EC5A46D64E62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{28812835-D61B-4EF3-AE44-EE8BC881657C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{4A744F81-56E3-4D3F-969E-0CB19852F09D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{79D6696D-C0B5-4991-A1EA-22B74550743C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{566E647F-AA90-4378-B734-55E3823CE133}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{E9F80C0C-63CD-4FFA-A761-02905FC38A15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{28D64873-5CF0-413A-BA6A-1FFA91A394D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Sky\EndlessSky.exe () [File not signed]
FirewallRules: [{C97F4D50-D015-463C-B4C6-7189C74E4482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Endless Sky\EndlessSky.exe () [File not signed]
FirewallRules: [{4DFCDA86-D86D-44B2-824C-A60CB8D09621}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe (Gamious) [File not signed]
FirewallRules: [{0B9F75EE-F2F2-4CD8-99A9-1664A1EC051A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe (Gamious) [File not signed]
FirewallRules: [UDP Query User{CB5167C4-53A2-4F41-962C-27F89500A80C}C:\program files (x86)\putty\putty.exe] => (Allow) C:\program files (x86)\putty\putty.exe (Simon Tatham -> Simon Tatham)
FirewallRules: [TCP Query User{E8F503BE-BDBE-4604-8C91-987B9E20EDEC}C:\program files (x86)\putty\putty.exe] => (Allow) C:\program files (x86)\putty\putty.exe (Simon Tatham -> Simon Tatham)
FirewallRules: [UDP Query User{B7FFA1FB-1568-4FFB-8648-4793DA3BC68A}C:\program files (x86)\x2goclient\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\x2goclient\vcxsrv\vcxsrv.exe () [File not signed]
FirewallRules: [TCP Query User{02674479-B248-4A23-8918-762FA24D2727}C:\program files (x86)\x2goclient\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\x2goclient\vcxsrv\vcxsrv.exe () [File not signed]
FirewallRules: [UDP Query User{0019A3C1-0033-4198-8AEF-ABC5B21C17D9}C:\program files (x86)\x2goclient\sshd.exe] => (Allow) C:\program files (x86)\x2goclient\sshd.exe () [File not signed]
FirewallRules: [TCP Query User{277A3865-A1EC-4EB0-B003-9D5AE3200CD1}C:\program files (x86)\x2goclient\sshd.exe] => (Allow) C:\program files (x86)\x2goclient\sshd.exe () [File not signed]
FirewallRules: [UDP Query User{8A3B5362-AC8E-4B17-B5F3-B48EF6A3CB1D}C:\program files (x86)\x2goclient\pulse\pulseaudio.exe] => (Allow) C:\program files (x86)\x2goclient\pulse\pulseaudio.exe () [File not signed]
FirewallRules: [TCP Query User{EAE4C45C-BD2D-4F06-AEE1-B24DB41DB86E}C:\program files (x86)\x2goclient\pulse\pulseaudio.exe] => (Allow) C:\program files (x86)\x2goclient\pulse\pulseaudio.exe () [File not signed]
FirewallRules: [{22C7FC1F-841D-4FA4-B58F-9525B53F86D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{F6D08DC6-D4FA-4DBE-AFE7-FEC00D0FB71D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{5DCEAAEC-3B49-41FD-98E5-1302A9D978AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{BBC3D522-0202-43D8-97A7-2643EF65CFF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{076AF36D-4512-4BE3-AEEE-0C2766E57894}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{A454B137-3188-4F0B-8DF6-F95BB7B0E0DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{84BAB9CA-8A93-41CB-A4D3-C6A8A378800C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{6F02C390-38B8-482D-8B6D-68AB74C93ABE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B4365780-C0CA-47E7-980B-D673B7EACABD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2019 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{05A8F31F-E8C6-4D00-B7B5-63CABD946653}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2019 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{4D1B3410-FD4E-46D9-8E63-06B215A3305F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{C3221991-4AB1-4C8F-B489-E77AF33A24F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [UDP Query User{D5B82164-9593-472F-846C-892D0B5F81DC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{98F23777-C98F-4B3F-B129-19A092738BC4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{F732DC0E-3F15-4CBB-B183-9C864763D1C8}C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{0558102D-E354-41C6-B1AB-CDCA84CF2EE7}C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{32238FC3-83FE-4AF9-A246-DC17BDD61A17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2019\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{C2CE05F9-6206-4581-B6AF-309C4151D2E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2019\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{69502198-4CF8-40BB-9DB4-1046BE9DA2AB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7C2A3BD1-5FFF-4781-8F42-E129349B55FE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{607287B7-9C78-4F75-9BCD-DBD98A36692C}C:\users\vitan\desktop\vlc-3.0.3\vlc.exe] => (Allow) C:\users\vitan\desktop\vlc-3.0.3\vlc.exe => No File
FirewallRules: [TCP Query User{6D556F5D-282C-4D73-93D7-FA475465B6F9}C:\users\vitan\desktop\vlc-3.0.3\vlc.exe] => (Allow) C:\users\vitan\desktop\vlc-3.0.3\vlc.exe => No File
FirewallRules: [UDP Query User{7B536ED9-DA8F-47AF-826F-CA8F99C9D7E5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => No File
FirewallRules: [TCP Query User{D6CCA8BB-CE5C-4938-A2D3-29B21E15AF06}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => No File
FirewallRules: [{93E6F3FD-D499-4706-849B-5B8C9145FA7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{143B8119-424A-44C6-ACFD-DCA28D5F6008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{D5777743-9C78-47F3-9313-76223984C5D6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{7E5B5DC8-0E92-4976-97E4-9C652305F0D9}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{8E34998C-2416-4557-ADE7-CFC7EF2350DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Through the Ages\ThroughTheAges_steam.exe () [File not signed]
FirewallRules: [{2A6CC574-3C58-4910-90B7-CD02D3E9769D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Through the Ages\ThroughTheAges_steam.exe () [File not signed]
FirewallRules: [{A74EF74B-B28D-4740-94B8-58DDDDFC928B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B48C891-70C8-4DB4-9DCB-A39931FA5610}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{770E3379-4A81-4F82-BC50-E2F757B7DCB0}C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{EC76380A-45D7-4057-90EB-27DA0BDA96BE}C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{6DDEA704-E229-4444-85B8-6024B80C0E1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{C5AD18B4-C54F-4883-A5A0-51F4067C1195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed]
FirewallRules: [{8DEE7AD0-CBF2-4C31-8F2D-CD4318620877}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{83BDFA4D-AC18-4D2A-8843-DFEA64AE25CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{0A830613-0C63-4017-B9C0-0FBEDB2E59EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Motorsport Manager\MM.exe () [File not signed]
FirewallRules: [{D3A13634-794C-4BC7-890D-06E19965E334}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Motorsport Manager\MM.exe () [File not signed]
FirewallRules: [{A2633447-E546-407A-9554-ADE393B1A557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Democracy 3\Democracy3.exe () [File not signed]
FirewallRules: [{7D1C6AF3-8239-44C2-9F9A-099A7158CA1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Democracy 3\Democracy3.exe () [File not signed]
FirewallRules: [{FF009890-058D-4CF1-992F-E9DAB369349B}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{F09A26DD-8FA9-419A-B8A1-C806C89BDB05}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{E56D7584-C9AF-450A-A6B9-83556EDE0243}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{EF02CAC9-7BB6-4846-B7EF-7C2357A6A902}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{8654807C-C44B-4785-84FE-EE5EFA02BC92}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B30ABDC1-B3CF-4302-A198-8BBC1ED99881}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8EAF5146-A479-424A-9E60-DCE074241AA6}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{C307AC07-8F1E-4484-BBC0-B83CC6C81579}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{E402EA34-310B-4AE8-9203-AA4B75B2E017}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{9E35A38E-B4DD-4E4A-8876-89F173E09D3E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{7CB0D21F-F175-4957-9DD7-06D3F19B874D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{60368B96-57EE-45F8-BDD2-9E8B48B6DAE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{18AABFD6-DAF9-4E7F-B53B-74D3B33A3639}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{1BB264DB-829A-41DB-A68C-FF4382384DFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D09740D8-4F9A-4EAF-B258-BDCBE7D493FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{631B29CE-771D-49AD-829B-98D8E2FA8F17}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{247917E3-AE1D-40DA-B4E6-23F4860E3EFD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{616F5BD9-80C8-413F-B6C5-4C45BA443EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe => No File
FirewallRules: [{6A0BC26B-2665-4FF6-8C82-ABBB121E89B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe => No File
FirewallRules: [{F69A8B45-42CE-40A3-8B86-A96BC4D5CD14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{BA63C1C9-47BB-4A4D-ABCF-642B38B273F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{E25A7740-1305-4798-91A4-8C5D56150ED1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4949038-A225-4960-98F4-94A53870E34B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [File not signed]
FirewallRules: [{1EBD153D-2B11-4105-818F-1CC7849E95E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [File not signed]
FirewallRules: [{A94620C3-00DC-43A6-B008-263926425188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe => No File
FirewallRules: [{63E004BE-E9B2-4629-8F8E-00519AB12ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe => No File
FirewallRules: [{CFDA7E61-4D98-44E6-A305-295B830278C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{5A286A5B-F76C-4B0F-BF58-F155FA43DF78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{260C80EB-C2A5-4452-B684-B63B68691B6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{E9A7929E-76BF-4F69-B484-1021B0BBA968}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{9C59185F-9E75-49E4-939F-7622CF6C85A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{6116BB5D-588C-4CFB-BCC2-2C08B817600F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{51E7ACCC-904B-4479-9077-3447082A9C6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B8024570-C1E5-401F-A1FB-F24EDB028E1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [TCP Query User{5B5C68BB-748A-43F2-9410-E50AF05C08BA}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{8560994A-4B59-43BA-A9CE-C70D0263EDC4}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{7F09AE45-DB70-46B6-BC74-6A7FC40A5332}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{BC8F4F66-733B-4B2F-ACF8-152390C8E038}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{74B7113F-F4AC-416F-9772-5388B879CAF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{73601948-73AB-4D77-B061-E87E5A54A71D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{41B9EBB9-7B1A-4A96-9CF1-09E5E01FC8C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{175E696D-4C39-41AD-88E2-5DE9999F945E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{A35DDC5A-E219-4C2B-9B54-68219CB6D388}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{D7135C83-35E1-450B-BEE6-2EFACD35E321}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{9493C7F2-1E6C-452F-82CA-154D91BD9C50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{471C478D-9CFD-4A4A-84D5-691F5A47A1B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{6D33905A-8974-4B83-9CA2-110A53FAAEA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{2B590F5F-DD9D-42C8-9E8F-F90D52ADE283}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{348FA773-1652-4E84-81BC-6A861D986F57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{DD08204B-BE61-45F1-A355-B7412AA5C95B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe (Greenheart Games Pty. Ltd. -> )
FirewallRules: [{F3F6817E-E21D-4B56-B676-7A864547E4A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{B11E1111-D424-466B-9756-5EDB72C9D2B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [TCP Query User{2F27BD12-12C7-4D79-8472-945FFF2FEFE8}C:\program files (x86)\nvidia corporation\nsight visual studio edition 5.2\monitor\common\nsight.monitor.exe] => (Allow) C:\program files (x86)\nvidia corporation\nsight visual studio edition 5.2\monitor\common\nsight.monitor.exe (NVIDIA Corporation) [File not signed]
FirewallRules: [UDP Query User{4419FC6A-0354-4759-8A26-6FDF2101553A}C:\program files (x86)\nvidia corporation\nsight visual studio edition 5.2\monitor\common\nsight.monitor.exe] => (Allow) C:\program files (x86)\nvidia corporation\nsight visual studio edition 5.2\monitor\common\nsight.monitor.exe (NVIDIA Corporation) [File not signed]
FirewallRules: [{6EB02D12-84DA-4794-AFAD-9A3ABEB20B2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{1D180B8B-A7B3-436B-9E57-C994C5E23D40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{796D3218-DBD2-499C-9FB2-DC82E5889475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SPAZ2\SPAZ2_64.exe () [File not signed]
FirewallRules: [{B7CF4108-5AF3-4104-AA1C-39AB95E57CF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SPAZ2\SPAZ2_64.exe () [File not signed]
FirewallRules: [TCP Query User{9A4E9470-ECF4-49ED-9245-AFF06DB404C2}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{23ADB9A2-4937-43C8-A893-E244C7BEEFD6}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{8CAF600C-9AAE-4FAF-9301-246F336260A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
FirewallRules: [{53535693-02C2-4B0E-9F7C-43FFCDF4BD6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed]
FirewallRules: [TCP Query User{44C8D5B0-5885-4CA6-A4E0-B925566CD987}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F8587FD8-949A-4EAF-BBEC-BBE70DD32CA8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E6AEDF41-37CD-42EB-B67A-253F10877EEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{323FD9E4-FA0E-4F6F-9A77-BBFDB1A68070}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{B0F45CC1-AA04-4CCC-BB00-6C37815D9277}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{50485CF7-9249-426C-934B-3B3D42B8D6BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{68FB0204-BC6B-4120-AAAF-CAB824B3C0A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{580A7FD8-3442-43D4-9495-9F5D11CDE6B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{051F7299-8AE3-44C6-BE3E-0B7AE01A4421}] => (Allow) C:\Users\vitan\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7A9531C2-02B8-4452-A3BA-7F6CA980BA5C}] => (Allow) C:\Users\vitan\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{F111B8A3-3569-4562-86EE-58761B7CF71D}] => (Allow) C:\Users\vitan\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D077AC1C-90C1-4EF6-BE74-7398957A069E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [{22CE23C6-BB72-418A-A48D-FFF8390F0844}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [TCP Query User{EBBFEAB7-FB63-4F1F-A291-F77C5D4B611F}C:\program files (x86)\steam\steamapps\common\fifa 21\fifa21.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{7F802F95-0E16-4F0A-85C5-9B110DC20B01}C:\program files (x86)\steam\steamapps\common\fifa 21\fifa21.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{662FF4C0-9580-435D-80F0-F044947FD4B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{755B1A45-ABAB-465B-80DB-A31D0BC148A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{48ED4140-49B7-4302-835A-AA96901B2344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{8B354AEB-8595-451D-B6BC-BDB779641D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{BD03B788-7651-48F1-8ED2-4470F113366C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Suzerain\Suzerain.exe () [File not signed]
FirewallRules: [{4B26D6B7-E0F7-457F-8576-514A428CD126}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Suzerain\Suzerain.exe () [File not signed]
FirewallRules: [{0A0FFCB6-BA60-41A2-AA39-82A181E24009}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{9BA65975-A505-4BB2-99E1-29520DB99538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{14B6F4AD-0C9A-4548-8DB2-C61A616D0BF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{3FD2DEA6-9E22-4B73-9093-4DBC1919A359}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{A0DCD5D9-37CA-43B8-82AC-CEA019977508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SmallWorld.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{9E691D18-EA75-44DB-A958-B092FB083D7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SmallWorld2\SmallWorld.exe (Days of Wonder, Inc.) [File not signed]
FirewallRules: [{4DAF62BE-A4E8-4102-8555-8237B44F1FA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AFD2FEA3-780E-4A1D-88ED-E527175C63F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E1701554-471B-4E78-A33D-14E684B3965B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5F1A9F06-33AF-4499-8113-4B95F03F75C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{DB18315F-C7C3-4ED7-AAAE-9FAADD6FBD0A}C:\users\vitan\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vitan\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{5275A280-E07C-45A7-A8C5-AC29A0D8FCBA}C:\users\vitan\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vitan\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D069CBD-A15E-4DF2-A4B7-D2C655A590EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{2901AB58-F55A-4773-A407-A485B3C9F200}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{F3570A55-81D2-45DE-9316-ACDECB3FD814}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{53736177-9B71-49D5-A38A-E3A6DE853D92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{C570C2EF-2CD0-40DC-A228-8B1D0F29D79E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{BAF1B1D1-3EFA-4127-86FE-0E58A214D7FC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{12D288DA-ECA9-4B62-9748-ACEA5D878D2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{B72EB94B-4180-46A0-A242-D9A578566117}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/22/2021 02:46:24 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 774790799 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Error: (03/22/2021 02:43:51 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 774638062 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Error: (03/22/2021 02:43:48 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/22/2021 02:43:48 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/22/2021 02:43:48 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/22/2021 02:43:48 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/22/2021 02:43:48 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/22/2021 02:43:48 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (03/18/2021 01:18:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/18/2021 01:16:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2021 02:17:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/17/2021 02:17:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (03/16/2021 10:32:52 AM) (Source: i8042prt) (EventID: 23) (User: )
Description: Nelze nastavit rozlišení myši.

Error: (03/13/2021 03:33:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba ZeroConfigService byla ukončena s následující chybou:
%%2147770990

Error: (03/13/2021 03:32:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OKDB3FQ)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/13/2021 03:32:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OKDB3FQ)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-03-22 11:20:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {31AAFDB4-DF1B-4C18-95FB-93385923ED81}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-21 14:13:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D457833F-0F49-44F4-A111-B892106D947D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-20 16:56:04
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\vitan\Downloads\IMG_4580 (1).zip; file:_C:\Users\vitan\Downloads\IMG_4580.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-OKDB3FQ\vitan
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.333.838.0, AS: 1.333.838.0, NIS: 1.333.838.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-20 16:56:04
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\vitan\Downloads\IMG_4580.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-OKDB3FQ\vitan
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.333.838.0, AS: 1.333.838.0, NIS: 1.333.838.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-20 14:36:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {34A6FB9B-8488-4E96-AE11-EC7196D4F516}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: Dell Inc. 1.3.1 12/02/2018
Motherboard: Dell Inc. 0H0CC0
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 59%
Total physical RAM: 16252.05 MB
Available physical RAM: 6658.1 MB
Total Virtual: 18684.05 MB
Available Virtual: 6754.27 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:929.87 GB) (Free:246.35 GB) NTFS
Drive d: (DATA) (Fixed) (Total:918.97 GB) (Free:478.59 GB) NTFS

\\?\Volume{09c1e3b2-3098-11ea-9f87-b88198bfc37b}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{449d70bd-6791-46fd-9ba6-46446235bffc}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{eaf8b291-00aa-4bdc-93d3-825a5110ff4e}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{94bca896-471a-4a5f-bbd5-efd1fbc87f9e}\ (Image) (Fixed) (Total:11.42 GB) (Free:0.65 GB) NTFS
\\?\Volume{95253317-c57c-4209-b472-337d6b7608e8}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
\\?\Volume{6b8f87d4-30b2-11ea-9f88-b88198bfc37b}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7812914B)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 7812914B)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a check, Trojan:Script/Wacatac.B!ml found by Defender

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

vg38
Visitor
Posts: 63
Joined: 18 Feb 2010 18:12

Re: Requesting a check, Trojan:Script/Wacatac.B!ml found by Defender

#3 Post by vg38 »

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-22-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 24
# Awaiting reboot:3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellCustomerConnect Folder C:\Program Files (x86)\DELL CUSTOMER CONNECT
Deleted Preinstalled.DellCustomerConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}
Deleted Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Folder C:\Windows\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Deleted Preinstalled.HPUsageTrackingLEDM Folder C:\Program Files (x86)\HP\HP UT LEDM\BIN
Deleted Preinstalled.HPUsageTrackingLEDM Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPUsageTrackingLEDM
Deleted Preinstalled.HPUsageTrackingLEDM Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPUsageTrackingLEDM
Deleted Preinstalled.HPUsageTrackingLEDM Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{853F464A-B2B8-404E-BA3E-B98FF6862C41}
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files (x86)\DELL\UPDATESERVICE
Cleaning failed C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Cleaning failed C:\ProgramData\DELL\UPDATESERVICE

*************************

AdwCleaner[S01].txt - [4448 octets] - [22/03/2021 19:06:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a check, Trojan:Script/Wacatac.B!ml found by Defender

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

vg38
Visitor
Posts: 63
Joined: 18 Feb 2010 18:12

Re: Requesting a check, Trojan:Script/Wacatac.B!ml found by Defender

#5 Post by vg38 »

(Addition is attached)
Addition.zip
(28.39 KiB) Downloaded 52 times
FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by vitan (administrator) on DESKTOP-OKDB3FQ (Dell Inc. Inspiron 7559) (22-03-2021 20:11:29)
Running from C:\Users\vitan\Desktop
Loaded Profiles: vitan
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\vitan\Anaconda3\Scripts\spyder.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\ArmouryLiveUpdate.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ROG Armoury\MacroAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ROG Armoury\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\LiveUpdateSyncCheck.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Armoury\Protocol\AudioLEDControl\ledcontrolservice3.exe
(ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\ROG Armoury\Tools\Mutually Exclusive AURA Agent.exe
(A-Volute -> NahimicAPI) C:\Program Files\NahimicAPI\NahimicAPISvc64.exe
(A-Volute -> NahimicAPI) C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\118.4.460\QtWebEngineProcess.exe <2>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\vitan\AppData\Local\Microsoft\Teams\current\Teams.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Python Software Foundation) [File not signed] C:\Users\vitan\Anaconda3\python.exe <6>
(Python Software Foundation) [File not signed] C:\Users\vitan\Anaconda3\pythonw.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(The Qt Company Ltd.) [File not signed] C:\Users\vitan\Anaconda3\Library\bin\QtWebEngineProcess.exe <3>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Asus Headset Svc64] => C:\Program Files\NahimicAPI\NahimicAPISvc64.exe [744320 2020-03-23] (A-Volute -> NahimicAPI)
HKLM\...\Run: [Asus Headset Svc32] => C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe [583552 2020-03-23] (A-Volute -> NahimicAPI)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992040 2021-03-16] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] () [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1006080 2012-08-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP1100LM: HP1100LM.DLL
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-16] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00AF4839-2A4C-4A6D-8A63-495A7BBEDD8F} - System32\Tasks\NahimicAPISvc32Run => C:\Program Files\NahimicAPI\x86\NahimicAPISvc32.exe [583552 2020-03-23] (A-Volute -> NahimicAPI)
Task: {0DC2FAEE-553B-4AB3-9842-C62DFD7DD92B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17DF9011-AB27-4E63-BD93-FBE836C2FCE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D45688D-B5E7-4AA0-9ACD-E0368AA68CF0} - System32\Tasks\ASUS\ArmouryLiveUpdate => C:\Program Files (x86)\ASUS\ROG Armoury\Live Update\ArmouryLiveUpdate.exe [1462760 2020-03-31] (ASUSTeK Computer Inc. -> )
Task: {2221A198-ECC3-4233-8EC1-5EFC0CE3A97B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-30] (Google Inc -> Google Inc.)
Task: {261A4256-713F-47D8-B9C2-28D61B708BFC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {2EACC429-732C-45B8-BA58-C91F14B9440B} - System32\Tasks\ASUS\ledcontrolservice3 => C:\Program Files (x86)\ASUS\ROG Armoury\Protocol\AudioLEDControl\ledcontrolservice3.exe [2557744 2020-01-08] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {4D62D043-D4AE-4E9F-BF82-5B9AC9CF5DCA} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {5FE110AD-9294-4134-81B4-7924AC88E263} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {6C2FE804-AE70-496E-B1C2-D49AEB5E3282} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {79E9E3A7-82AA-40C8-AC59-3C62E028628E} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {7A87F89E-57CA-43DA-9F16-2A01E8B0F6FB} - System32\Tasks\ASUS\MacroAgent => C:\Program Files (x86)\ASUS\ROG Armoury\MacroAgent.exe [77960 2020-03-31] (ASUSTeK Computer Inc. -> )
Task: {7D8A2083-BE67-4451-9DDF-961D18EFCA62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {83672EDC-5E9B-427E-9A1E-0C82B4E2AE33} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [139448 2016-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {860D7FCD-4277-4961-9153-5B40EAA75D2E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {878D8E25-E92D-42A2-B1BF-BA0BB57DB977} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8B3B8EBE-AC70-4129-8C36-C995AC8B5310} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {92C70E44-87B6-424B-9046-118C14769259} - System32\Tasks\G2MUpdateTask-S-1-5-21-360870364-2460480245-4270640079-1001 => C:\Users\vitan\AppData\Local\GoToMeeting\19228\g2mupdate.exe [31320 2020-12-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {9AD913F9-0953-436E-A82E-25F7191C3426} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-360870364-2460480245-4270640079-1001 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23464 2020-11-16] (Microsoft Corporation -> Microsoft)
Task: {9CA5477E-F689-41AB-B2D4-D85321CCE05A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-30] (Google Inc -> Google Inc.)
Task: {9DA2FEE6-389A-487F-85BC-24B01F39282D} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A5BB907F-41A3-4183-9147-C503BCD9C075} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC8CD193-D544-4021-979B-C1C40E0B1F3F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD95250F-4D37-44B8-B7C6-9DA30F7F703C} - System32\Tasks\ASUS\P508PowerAgent => C:\Program Files (x86)\ASUS\ROG Armoury\Mouse\ROG STRIX CARRY\P508PowerAgent.exe [51120 2019-11-01] (ASUSTeK Computer Inc. -> )
Task: {AF2DE640-B241-4E40-A55B-157B34A8A829} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B37C33A4-A4E1-4D61-BA4D-D4BBE979826E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B541A670-41E4-49E2-B41B-5A4928E81572} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BD1A689B-A5F7-4E68-8962-504EE1940CD3} - System32\Tasks\NahimicAPISvc64Run => C:\Program Files\NahimicAPI\NahimicAPISvc64.exe [744320 2020-03-23] (A-Volute -> NahimicAPI)
Task: {BEB1F5B0-B77A-4D18-A030-8EDFA6F300D9} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [210808 2020-11-16] (Microsoft Corporation -> )
Task: {C7B9149B-ECE4-456B-AEDB-FEC3A4EFFC4A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {CA4E1AA1-E7AD-4819-81EB-DF2AC49216C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DA60C5AF-51DE-4F28-814B-AA8D53601A6E} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3047944 2020-10-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {E0E9C35F-58D8-467B-B7AD-0A6D7957E3E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {E2B914E2-91EE-442B-B9FB-91F1B4714640} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBC21419-0A60-4818-8391-492C3B0C8045} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC2FDCBF-B1AD-456D-A33F-0DDD5CC27696} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EEA4A1D2-0464-43B5-8A9A-3371847B5F66} - System32\Tasks\G2MUploadTask-S-1-5-21-360870364-2460480245-4270640079-1001 => C:\Users\vitan\AppData\Local\GoToMeeting\19228\g2mupload.exe [31320 2020-12-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FBA864D1-9073-480D-AB96-C7F549834078} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-360870364-2460480245-4270640079-1001.job => C:\Users\vitan\AppData\Local\GoToMeeting\19228\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-360870364-2460480245-4270640079-1001.job => C:\Users\vitan\AppData\Local\GoToMeeting\19228\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.120
Tcpip\..\Interfaces\{041ce7c3-f399-4936-844c-f0966ea52823}: [DhcpNameServer] 195.113.0.2 195.113.44.11
Tcpip\..\Interfaces\{0a0a18a7-3a33-44fd-8f57-4a0239f9f703}: [DhcpNameServer] 192.168.1.120

Edge:
=======
Edge Profile: C:\Users\vitan\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-22]

FireFox:
========
FF DefaultProfile: udm6okhk.default
FF DefaultProfile: 9b7e3qid.default
FF ProfilePath: C:\Users\vitan\AppData\Roaming\Zotero\Zotero\Profiles\udm6okhk.default [2020-11-23]
FF ProfilePath: C:\Users\vitan\AppData\Roaming\Mozilla\Firefox\Profiles\9b7e3qid.default [2021-03-22]
FF Homepage: Mozilla\Firefox\Profiles\9b7e3qid.default -> seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\9b7e3qid.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\9b7e3qid.default -> hxxps://mail.google.com
FF Extension: (Privacy Badger) - C:\Users\vitan\AppData\Roaming\Mozilla\Firefox\Profiles\9b7e3qid.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-03-10]
FF Extension: (uBlock Origin) - C:\Users\vitan\AppData\Roaming\Mozilla\Firefox\Profiles\9b7e3qid.default\Extensions\uBlock0@raymondhill.net.xpi [2021-03-12]
FF Extension: (Zotero Connector) - C:\Users\vitan\AppData\Roaming\Mozilla\Firefox\Profiles\9b7e3qid.default\Extensions\zotero@chnm.gmu.edu.xpi [2021-03-13] [UpdateUrl:hxxps://www.zotero.org/download/connector/firef ... dates.json]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll [2016-09-21] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default [2021-03-22]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-30]
CHR Extension: (uBlock Origin) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-03-22]
CHR Extension: (Tabulky) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\vitan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 ArmouryLiveUpdate; C:\WINDOWS\System32\DriverStore\FileRepository\rogms.inf_amd64_5b63afd65d075939\ArmouryLiveUpdate.exe [576216 2020-12-10] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [591176 2021-02-25] (ASUSTeK Computer Inc. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [48832 2020-11-19] (Dell Inc -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-10-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-10-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S2 Dell Customer Connect; "C:\Program Files (x86)\Dell Customer Connect\DCCService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-05-02] (ASUSTeK Computer Inc. -> )
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2020-09-17] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 MpKsl00d3f865; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9777B417-5535-4DD6-A98B-872CF4CAE788}\MpKslDrv.sys [90360 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Marvell Semiconductor, Inc.) [File not signed]
S3 ROGMS; C:\WINDOWS\System32\DriverStore\FileRepository\rogms.inf_amd64_5b63afd65d075939\ROGMS.sys [33928 2020-12-10] (ASUSTeK Computer Inc. -> )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 MpKsl01c1c48b; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{17151E01-2AB7-4F68-B2D7-FB084CBBA8EC}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 19:03 - 2021-03-22 19:07 - 000000000 ____D C:\AdwCleaner
2021-03-22 19:03 - 2021-03-22 19:03 - 008463216 _____ (Malwarebytes) C:\Users\vitan\Desktop\adwcleaner_8.1.exe
2021-03-22 18:36 - 2021-03-22 18:36 - 005186520 _____ C:\Users\vitan\Downloads\IMG_4580.zip
2021-03-22 17:52 - 2021-03-22 18:07 - 000057428 _____ C:\Users\vitan\Desktop\Addition1.txt
2021-03-22 17:48 - 2021-03-22 20:12 - 000030886 _____ C:\Users\vitan\Desktop\FRST.txt
2021-03-22 17:48 - 2021-03-22 20:11 - 000020845 _____ C:\Users\vitan\Desktop\FRST1.txt
2021-03-22 17:47 - 2021-03-22 20:11 - 000000000 ____D C:\FRST
2021-03-22 17:47 - 2021-03-22 17:47 - 002300928 _____ (Farbar) C:\Users\vitan\Desktop\FRST64.exe
2021-03-19 12:54 - 2021-03-19 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-17 14:15 - 2021-03-13 07:25 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-17 14:15 - 2021-03-13 07:25 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-17 14:15 - 2021-03-13 07:25 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-17 14:15 - 2021-03-13 07:25 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-17 14:15 - 2021-03-13 07:24 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-17 14:15 - 2021-03-13 07:24 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-17 14:15 - 2021-03-13 07:22 - 000678688 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-17 14:15 - 2021-03-13 07:22 - 000671536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-17 14:15 - 2021-03-13 07:22 - 000546064 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 001511216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 001163536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-03-17 14:15 - 2021-03-13 07:21 - 000556824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 008306448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 007429936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 004610352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 002729776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 001730832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446192.dll
2021-03-17 14:15 - 2021-03-13 07:20 - 001490224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446192.dll
2021-03-17 14:15 - 2021-03-13 07:17 - 006075480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-16 18:49 - 2021-03-16 18:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-03-16 18:49 - 2021-03-16 18:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-03-16 18:49 - 2021-03-16 18:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-03-16 18:49 - 2021-03-16 18:49 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-03-16 11:46 - 2021-03-16 11:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-15 22:18 - 2021-03-22 19:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-13 15:30 - 2021-03-13 15:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-13 15:30 - 2021-03-13 15:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-13 15:30 - 2021-03-13 15:30 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-13 15:30 - 2021-03-13 15:30 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-13 15:30 - 2021-03-13 15:30 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-13 15:30 - 2021-03-13 15:30 - 000374096 _____ C:\WINDOWS\system32\vp9fs.dll
2021-03-13 15:30 - 2021-03-13 15:30 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-09 16:01 - 2021-03-09 16:01 - 000000000 ____D C:\Users\vitan\Jedi
2021-03-09 13:28 - 2021-03-09 13:28 - 000002366 _____ C:\Users\vitan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-03-09 13:28 - 2021-03-09 13:28 - 000000000 ____D C:\Users\vitan\AppData\Roaming\Teams
2021-03-08 13:14 - 2021-03-08 13:14 - 000000752 _____ C:\Users\vitan\AppData\Local\recently-used.xbel
2021-03-07 22:34 - 2021-03-07 22:34 - 000177312 _____ C:\battery-report.html
2021-03-07 19:01 - 2021-03-07 19:13 - 616793515 _____ C:\Users\vitan\Downloads\OpenFOAM-v2012-windows10.tgz
2021-03-07 18:43 - 2021-03-22 19:07 - 000001527 _____ C:\WINDOWS\system32\config\VSMIDK
2021-03-07 18:43 - 2021-03-07 18:43 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2021-03-07 18:43 - 2021-03-07 18:43 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-03-07 13:47 - 2021-03-07 13:47 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-07 13:46 - 2021-03-07 13:46 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-07 13:46 - 2021-03-07 13:46 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-07 13:46 - 2021-03-07 13:46 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-07 13:46 - 2021-03-07 13:46 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-02-25 21:11 - 2021-02-25 21:11 - 000000000 ____D C:\Users\vitan\AppData\Roaming\Apple Computer
2021-02-25 21:11 - 2021-02-25 21:11 - 000000000 ____D C:\Users\vitan\AppData\Local\SmallWorld
2021-02-25 21:11 - 2021-02-25 21:11 - 000000000 ____D C:\Users\vitan\AppData\Local\Apple Computer
2021-02-25 21:10 - 2021-02-25 22:17 - 000000000 ____D C:\Users\vitan\AppData\Local\Days of Wonder
2021-02-25 15:36 - 2021-02-25 15:36 - 000000000 ____D C:\Users\vitan\AppData\Local\ArmouryLiveUpdate
2021-02-25 15:36 - 2021-02-25 15:36 - 000000000 ____D C:\Users\vitan\AppData\Local\AcLoader
2021-02-25 15:36 - 2021-02-25 15:36 - 000000000 ____D C:\ProgramData\ASUS
2021-02-25 11:58 - 2021-02-25 11:58 - 000000000 ____D C:\Program Files (x86)\DummyDir
2021-02-23 17:06 - 2021-03-22 19:08 - 000000000 ____D C:\Program Files\NahimicAPI
2021-02-23 17:06 - 2021-02-23 17:06 - 000003188 _____ C:\WINDOWS\system32\Tasks\NahimicAPISvc32Run
2021-02-23 17:06 - 2021-02-23 17:06 - 000003180 _____ C:\WINDOWS\system32\Tasks\NahimicAPISvc64Run
2021-02-23 17:06 - 2021-02-23 17:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2021-02-23 17:05 - 2020-03-31 16:43 - 000033912 _____ C:\WINDOWS\system32\Drivers\ROGMS.sys
2021-02-23 17:05 - 2019-05-02 15:48 - 000120880 _____ C:\WINDOWS\system32\AsIO2.dll
2021-02-23 17:05 - 2019-05-02 15:48 - 000095280 _____ C:\WINDOWS\SysWOW64\AsIO2.dll
2021-02-23 17:05 - 2019-05-02 15:48 - 000033832 _____ C:\WINDOWS\system32\Drivers\AsIO2.sys
2021-02-23 17:04 - 2021-02-25 15:36 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-02-22 16:05 - 2021-02-22 16:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 20:13 - 2019-10-09 21:23 - 000000000 ____D C:\Users\vitan\.conda
2021-03-22 20:09 - 2019-10-09 21:26 - 000000000 ____D C:\Users\vitan\.spyder-py3
2021-03-22 19:38 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-22 19:36 - 2019-10-09 21:23 - 000000043 _____ C:\Users\vitan\.condarc
2021-03-22 19:26 - 2020-07-18 18:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-22 19:25 - 2019-04-07 14:01 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-03-22 19:19 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-03-22 19:19 - 2016-12-14 18:02 - 000002292 ____H C:\Users\vitan\Documents\Default.rdp
2021-03-22 19:15 - 2020-07-18 18:22 - 001797014 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-22 19:15 - 2019-12-07 15:41 - 000753578 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-22 19:15 - 2019-12-07 15:41 - 000163100 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-22 19:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-22 19:10 - 2017-04-13 11:05 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-22 19:09 - 2019-02-05 10:34 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-22 19:09 - 2016-11-28 22:30 - 000000000 ____D C:\Users\vitan\AppData\LocalLow\Mozilla
2021-03-22 19:08 - 2016-11-29 13:19 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-22 19:08 - 2016-11-28 21:27 - 000000000 __SHD C:\Users\vitan\IntelGraphicsProfiles
2021-03-22 19:07 - 2020-11-15 14:53 - 000000000 ____D C:\Program Files (x86)\Dell
2021-03-22 19:07 - 2020-07-18 18:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-22 19:07 - 2020-07-18 18:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-22 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-22 19:07 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-22 19:07 - 2016-11-28 22:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-22 19:07 - 2016-08-06 07:57 - 000000000 ____D C:\ProgramData\Dell
2021-03-22 19:07 - 2016-08-05 22:31 - 000000000 ____D C:\WINDOWS\Dell
2021-03-22 19:07 - 2016-08-05 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-03-22 19:07 - 2016-08-05 22:25 - 000000000 ____D C:\Program Files\Dell
2021-03-22 18:51 - 2016-11-28 21:28 - 000000000 ___RD C:\Users\vitan\Dropbox
2021-03-22 01:19 - 2016-11-30 11:51 - 000000000 ____D C:\Users\vitan\AppData\Local\CrashDumps
2021-03-20 16:31 - 2016-12-20 00:50 - 000000000 ____D C:\Users\vitan\AppData\Roaming\KeePass
2021-03-20 14:24 - 2020-06-09 16:25 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-20 14:24 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-20 14:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-19 12:54 - 2016-08-05 22:37 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-17 14:17 - 2016-11-28 21:27 - 000000000 ____D C:\Users\vitan\AppData\Local\NVIDIA
2021-03-17 14:16 - 2017-04-13 11:04 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-03-16 15:30 - 2016-11-30 19:19 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-16 11:46 - 2016-11-28 22:30 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-16 10:36 - 2018-02-15 09:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 13:09 - 2020-07-18 18:25 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-360870364-2460480245-4270640079-1001
2021-03-15 13:09 - 2020-07-18 17:46 - 000002363 _____ C:\Users\vitan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 13:09 - 2016-11-28 21:32 - 000000000 ___RD C:\Users\vitan\OneDrive
2021-03-13 15:33 - 2020-07-18 18:18 - 000456736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-13 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-13 15:32 - 2020-07-18 17:46 - 000000000 ____D C:\Users\vitan
2021-03-13 15:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-13 07:17 - 2020-07-16 16:40 - 007119832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-03-12 10:12 - 2018-06-23 15:47 - 000000525 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-03-11 13:35 - 2016-11-28 23:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 13:28 - 2016-11-28 23:08 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 13:27 - 2016-11-30 23:51 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 06:13 - 2020-07-16 16:40 - 000061257 _____ C:\WINDOWS\system32\nvinfo.pb
2021-03-11 02:17 - 2017-04-13 11:05 - 005627760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-03-11 02:17 - 2017-04-13 11:05 - 002635632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-03-11 02:16 - 2017-04-13 11:05 - 009524317 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-03-11 02:16 - 2017-04-13 11:05 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-03-11 02:16 - 2017-04-13 11:05 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-03-11 02:16 - 2017-04-13 11:05 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-03-11 02:16 - 2017-04-13 11:05 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-03-09 20:54 - 2019-10-09 20:54 - 000000000 ____D C:\Users\vitan\Anaconda3
2021-03-09 15:59 - 2019-10-09 21:26 - 000000000 ____D C:\Users\vitan\.matplotlib
2021-03-09 13:35 - 2016-11-29 00:56 - 000000000 ____D C:\Users\vitan\AppData\Local\ConnectedDevicesPlatform
2021-03-09 13:28 - 2020-12-14 14:56 - 000000000 ____D C:\Users\vitan\AppData\Local\SquirrelTemp
2021-03-07 20:09 - 2020-03-18 13:34 - 000000000 ____D C:\Users\vitan\AppData\Roaming\ParaView
2021-03-07 18:48 - 2018-12-16 02:54 - 000000000 ____D C:\ProgramData\Packages
2021-03-07 18:48 - 2018-05-02 03:11 - 000000000 ____D C:\Users\vitan\AppData\Local\PlaceholderTileLogoFolder
2021-03-07 18:48 - 2017-10-19 00:12 - 000000000 ____D C:\Users\vitan\AppData\Local\Packages
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-07 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-04 22:02 - 2020-07-18 18:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 22:02 - 2020-07-18 18:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-26 09:00 - 2020-07-18 18:25 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2020-07-18 18:25 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 09:00 - 2017-04-13 11:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-26 09:00 - 2017-04-13 11:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-25 00:02 - 2017-01-06 21:03 - 000000000 ____D C:\Users\vitan\Documents\Sports Interactive
2021-02-25 00:02 - 2017-01-06 21:03 - 000000000 ____D C:\Users\vitan\AppData\Local\Sports Interactive
2021-02-23 17:04 - 2016-08-05 22:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories ========

2018-03-06 09:30 - 2019-08-20 09:39 - 000000251 _____ () C:\Users\vitan\AppData\Roaming\gnuplot_history
2016-11-29 23:44 - 2020-12-15 22:13 - 000000128 _____ () C:\Users\vitan\AppData\Roaming\winscp.rnd
2020-02-22 21:55 - 2020-10-16 11:03 - 000000081 _____ () C:\Users\vitan\AppData\Local\.bidstack.fault
2016-11-29 23:42 - 2020-06-08 04:29 - 000000600 _____ () C:\Users\vitan\AppData\Local\PUTTY.RND
2021-03-08 13:14 - 2021-03-08 13:14 - 000000752 _____ () C:\Users\vitan\AppData\Local\recently-used.xbel
2016-11-28 23:24 - 2020-12-15 20:28 - 000007652 _____ () C:\Users\vitan\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, Trojan:Script/Wacatac.B!ml found by Defender

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {2221A198-ECC3-4233-8EC1-5EFC0CE3A97B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-30] (Google Inc -> Google Inc.)
Task: {EC2FDCBF-B1AD-456D-A33F-0DDD5CC27696} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9CA5477E-F689-41AB-B2D4-D85321CCE05A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-30] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-360870364-2460480245-4270640079-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\vitan\AppData\Local\GoToMeeting\17956\G2MOutlookAddin64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\vitan\Desktop\ktp.jpg:com.dropbox.attributes [774]
AlternateDataStreams: C:\Users\vitan\Desktop\rodinné fota.zip:com.dropbox.attributes [168]
SearchScopes: HKU\S-1-5-21-360870364-2460480245-4270640079-1001 -> DefaultScope {28302DE2-3376-4FA7-AF66-E5D07A5A789C} URL =
SearchScopes: HKU\S-1-5-21-360870364-2460480245-4270640079-1001 -> {28302DE2-3376-4FA7-AF66-E5D07A5A789C} URL =
FirewallRules: [UDP Query User{607287B7-9C78-4F75-9BCD-DBD98A36692C}C:\users\vitan\desktop\vlc-3.0.3\vlc.exe] => (Allow) C:\users\vitan\desktop\vlc-3.0.3\vlc.exe => No File
FirewallRules: [TCP Query User{6D556F5D-282C-4D73-93D7-FA475465B6F9}C:\users\vitan\desktop\vlc-3.0.3\vlc.exe] => (Allow) C:\users\vitan\desktop\vlc-3.0.3\vlc.exe => No File
FirewallRules: [UDP Query User{7B536ED9-DA8F-47AF-826F-CA8F99C9D7E5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => No File
FirewallRules: [TCP Query User{D6CCA8BB-CE5C-4938-A2D3-29B21E15AF06}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => No File
FirewallRules: [{D5777743-9C78-47F3-9313-76223984C5D6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{7E5B5DC8-0E92-4976-97E4-9C652305F0D9}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{FF009890-058D-4CF1-992F-E9DAB369349B}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{F09A26DD-8FA9-419A-B8A1-C806C89BDB05}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{E56D7584-C9AF-450A-A6B9-83556EDE0243}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{EF02CAC9-7BB6-4846-B7EF-7C2357A6A902}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{8EAF5146-A479-424A-9E60-DCE074241AA6}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{C307AC07-8F1E-4484-BBC0-B83CC6C81579}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{E402EA34-310B-4AE8-9203-AA4B75B2E017}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{9E35A38E-B4DD-4E4A-8876-89F173E09D3E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{18AABFD6-DAF9-4E7F-B53B-74D3B33A3639}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{616F5BD9-80C8-413F-B6C5-4C45BA443EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe => No File
FirewallRules: [{6A0BC26B-2665-4FF6-8C82-ABBB121E89B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe => No File
FirewallRules: [{A94620C3-00DC-43A6-B008-263926425188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe => No File
FirewallRules: [{63E004BE-E9B2-4629-8F8E-00519AB12ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe => No File
FirewallRules: [{7F09AE45-DB70-46B6-BC74-6A7FC40A5332}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{BC8F4F66-733B-4B2F-ACF8-152390C8E038}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{74B7113F-F4AC-416F-9772-5388B879CAF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{73601948-73AB-4D77-B061-E87E5A54A71D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{7A9531C2-02B8-4452-A3BA-7F6CA980BA5C}] => (Allow) C:\Users\vitan\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{F111B8A3-3569-4562-86EE-58761B7CF71D}] => (Allow) C:\Users\vitan\AppData\Roaming\Zoom\bin\airhost.exe => No File
C:\Users\vitan\Downloads\IMG_4580.zip
C:\moje\Xiaomi\xiaomi.eu_multi_MI3WMI4W_7.10.26_v9-6.0.zip

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

vg38
Visitor
Posts: 63
Registered: 18 Feb 2010 18:12

Re: Please check, Trojan:Script/Wacatac.B!ml found by Defender

#7 Post by vg38 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by vitan (22-03-2021 21:09:44) Run:1
Running from C:\Users\vitan\Desktop
Loaded Profiles: vitan
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {2221A198-ECC3-4233-8EC1-5EFC0CE3A97B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-30] (Google Inc -> Google Inc.)
Task: {EC2FDCBF-B1AD-456D-A33F-0DDD5CC27696} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9CA5477E-F689-41AB-B2D4-D85321CCE05A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-30] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-360870364-2460480245-4270640079-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\vitan\AppData\Local\GoToMeeting\17956\G2MOutlookAddin64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\vitan\Desktop\ktp.jpg:com.dropbox.attributes [774]
AlternateDataStreams: C:\Users\vitan\Desktop\rodinné fota.zip:com.dropbox.attributes [168]
SearchScopes: HKU\S-1-5-21-360870364-2460480245-4270640079-1001 -> DefaultScope {28302DE2-3376-4FA7-AF66-E5D07A5A789C} URL =
SearchScopes: HKU\S-1-5-21-360870364-2460480245-4270640079-1001 -> {28302DE2-3376-4FA7-AF66-E5D07A5A789C} URL =
FirewallRules: [UDP Query User{607287B7-9C78-4F75-9BCD-DBD98A36692C}C:\users\vitan\desktop\vlc-3.0.3\vlc.exe] => (Allow) C:\users\vitan\desktop\vlc-3.0.3\vlc.exe => No File
FirewallRules: [TCP Query User{6D556F5D-282C-4D73-93D7-FA475465B6F9}C:\users\vitan\desktop\vlc-3.0.3\vlc.exe] => (Allow) C:\users\vitan\desktop\vlc-3.0.3\vlc.exe => No File
FirewallRules: [UDP Query User{7B536ED9-DA8F-47AF-826F-CA8F99C9D7E5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => No File
FirewallRules: [TCP Query User{D6CCA8BB-CE5C-4938-A2D3-29B21E15AF06}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => No File
FirewallRules: [{D5777743-9C78-47F3-9313-76223984C5D6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{7E5B5DC8-0E92-4976-97E4-9C652305F0D9}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe => No File
FirewallRules: [{FF009890-058D-4CF1-992F-E9DAB369349B}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{F09A26DD-8FA9-419A-B8A1-C806C89BDB05}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{E56D7584-C9AF-450A-A6B9-83556EDE0243}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{EF02CAC9-7BB6-4846-B7EF-7C2357A6A902}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{8EAF5146-A479-424A-9E60-DCE074241AA6}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{C307AC07-8F1E-4484-BBC0-B83CC6C81579}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{E402EA34-310B-4AE8-9203-AA4B75B2E017}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{9E35A38E-B4DD-4E4A-8876-89F173E09D3E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{18AABFD6-DAF9-4E7F-B53B-74D3B33A3639}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{616F5BD9-80C8-413F-B6C5-4C45BA443EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe => No File
FirewallRules: [{6A0BC26B-2665-4FF6-8C82-ABBB121E89B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe => No File
FirewallRules: [{A94620C3-00DC-43A6-B008-263926425188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe => No File
FirewallRules: [{63E004BE-E9B2-4629-8F8E-00519AB12ACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe => No File
FirewallRules: [{7F09AE45-DB70-46B6-BC74-6A7FC40A5332}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{BC8F4F66-733B-4B2F-ACF8-152390C8E038}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{74B7113F-F4AC-416F-9772-5388B879CAF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{73601948-73AB-4D77-B061-E87E5A54A71D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin.exe => No File
FirewallRules: [{7A9531C2-02B8-4452-A3BA-7F6CA980BA5C}] => (Allow) C:\Users\vitan\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{F111B8A3-3569-4562-86EE-58761B7CF71D}] => (Allow) C:\Users\vitan\AppData\Roaming\Zoom\bin\airhost.exe => No File
C:\Users\vitan\Downloads\IMG_4580.zip
C:\moje\Xiaomi\xiaomi.eu_multi_MI3WMI4W_7.10.26_v9-6.0.zip

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2221A198-ECC3-4233-8EC1-5EFC0CE3A97B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2221A198-ECC3-4233-8EC1-5EFC0CE3A97B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC2FDCBF-B1AD-456D-A33F-0DDD5CC27696}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC2FDCBF-B1AD-456D-A33F-0DDD5CC27696}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CA5477E-F689-41AB-B2D4-D85321CCE05A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CA5477E-F689-41AB-B2D4-D85321CCE05A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-360870364-2460480245-4270640079-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\vitan\Desktop\ktp.jpg => ":com.dropbox.attributes" ADS removed successfully
C:\Users\vitan\Desktop\rodinné fota.zip => ":com.dropbox.attributes" ADS removed successfully
"HKU\S-1-5-21-360870364-2460480245-4270640079-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-360870364-2460480245-4270640079-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{28302DE2-3376-4FA7-AF66-E5D07A5A789C} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{607287B7-9C78-4F75-9BCD-DBD98A36692C}C:\users\vitan\desktop\vlc-3.0.3\vlc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6D556F5D-282C-4D73-93D7-FA475465B6F9}C:\users\vitan\desktop\vlc-3.0.3\vlc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7B536ED9-DA8F-47AF-826F-CA8F99C9D7E5}C:\program files\videolan\vlc\vlc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D6CCA8BB-CE5C-4938-A2D3-29B21E15AF06}C:\program files\videolan\vlc\vlc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5777743-9C78-47F3-9313-76223984C5D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E5B5DC8-0E92-4976-97E4-9C652305F0D9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF009890-058D-4CF1-992F-E9DAB369349B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F09A26DD-8FA9-419A-B8A1-C806C89BDB05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E56D7584-C9AF-450A-A6B9-83556EDE0243}C:\program files (x86)\hearthstone\hearthstone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EF02CAC9-7BB6-4846-B7EF-7C2357A6A902}C:\program files (x86)\hearthstone\hearthstone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8EAF5146-A479-424A-9E60-DCE074241AA6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C307AC07-8F1E-4484-BBC0-B83CC6C81579}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E402EA34-310B-4AE8-9203-AA4B75B2E017}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E35A38E-B4DD-4E4A-8876-89F173E09D3E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18AABFD6-DAF9-4E7F-B53B-74D3B33A3639}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{616F5BD9-80C8-413F-B6C5-4C45BA443EED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6A0BC26B-2665-4FF6-8C82-ABBB121E89B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A94620C3-00DC-43A6-B008-263926425188}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63E004BE-E9B2-4629-8F8E-00519AB12ACC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F09AE45-DB70-46B6-BC74-6A7FC40A5332}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC8F4F66-733B-4B2F-ACF8-152390C8E038}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74B7113F-F4AC-416F-9772-5388B879CAF1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73601948-73AB-4D77-B061-E87E5A54A71D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7A9531C2-02B8-4452-A3BA-7F6CA980BA5C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F111B8A3-3569-4562-86EE-58761B7CF71D}" => removed successfully
C:\Users\vitan\Downloads\IMG_4580.zip => moved successfully
"C:\moje\Xiaomi\xiaomi.eu_multi_MI3WMI4W_7.10.26_v9-6.0.zip" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1015843165 B
Java, Flash, Steam htmlcache => 311109306 B
Windows/system/drivers => 204172507 B
Edge => 2438373 B
Chrome => 229530121 B
Firefox => 1478905810 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 13312 B
NetworkService => 605310 B
vitan => 184446502 B

RecycleBin => 69994552 B
EmptyTemp: => 3.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-03-2021 21:16:54)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 21:16:54 ====

Rudy
Site Admin

Re: Please check, Trojan:Script/Wacatac.B!ml found by Defender

#8 Post by Rudy »

Deleted. Has anything changed?

vg38
Visitor

Re: Please check, Trojan:Script/Wacatac.B!ml found by Defender

#9 Post by vg38 »

Thanks, it looks fine - it no longer detects the image as infected.
If anything comes up, I'll get in touch.
Thanks once again. :)

Rudy
Site Admin

Re: Please check, Trojan:Script/Wacatac.B!ml found by Defender

#10 Post by Rudy »

You're welcome! :)

Locked