
Laptop freezing


#1 Post by Filipin50 »

Hello,

my laptop freezes more and more often and stops responding to anything (I have to power it off hard). I read that this can be caused by an old HDD, but the laptop has the OS and programs on an SSD, and besides, it is not that old. It freezes most often when I leave something paused for a longer time on Netflix/HBO GO, but I am no longer sure whether it also happens with something else. I am attaching the log, and thank you for any help.

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Ran by Legion (administrator) on LAPTOP-2VUTRN91 (LENOVO 81LB) (03-04-2021 15:11:03)
Running from C:\Users\Legion\Desktop
Loaded Profiles: Legion & postgres
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e1356fc87d32eeee\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e1356fc87d32eeee\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a5d0ffe42e074935\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a5d0ffe42e074935\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltsi.inf_amd64_4d97169927193b31\Display.NvContainer\NVDisplay.Container.exe <2>
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\Huion Tablet.exe
(Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\x64\TabletDriverCore.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [878584 2019-05-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [TabletDriver] => C:\Huion Tablet\Huion Tablet.exe [235240 2019-12-04] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [335592 2019-12-04] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {ab7ada6d-43c8-11eb-ae2b-e86a646e89f2} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {b4d1f3fa-e3a6-11ea-ae13-283a4d36428a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {dc4599c1-7cd6-11eb-ae52-e86a646e89f2} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-04-18]
ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
BootExecute: autocheck autochk *
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D26DB2A-6EA1-4CCD-9C56-BDA2939DB7F1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2195263F-DD14-4D52-9CB6-8CB05682F088} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {2ED5D25A-3AD6-4382-AB0C-26D00FDFCF9C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F9DFA69-4087-48D6-87D8-EEFD381DF33B} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {466DEE85-F9BD-4C70-8AB4-711696813A8C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {4B1A450D-E135-489F-BC82-D943B815FBCD} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {57BBA088-7D91-40AC-BC1F-8CB6C2B6103E} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {5BAE2012-D0D3-4430-973F-229F919F8606} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {66DD967E-481E-4176-BB70-9935B0082D28} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A5FA82C-300C-4271-9DAC-58FC4C2C9A88} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E0536D8-151E-4430-A081-27D99188FFAA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {773391BE-2C2D-4BE6-9EDE-6293A1EB80CB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4168442402-3509706111-3992125715-1004 => C:\Users\Legion\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {7CD4AF89-059E-43AE-B298-4AF293652253} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7D176CAC-2191-4486-B27A-84783E32487F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91EA3E94-B4A6-4ED0-B6B2-3AE2EABB7D6E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\58fc83bc-17f4-44f9-ae0d-0b8831c51dcf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {931E10BF-A29B-47CE-98A6-D75493989534} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {935DBE73-4416-4367-818E-FDE9E71AE73F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7addc44a-c55f-4141-8ed7-2f4d46d508c1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {96A2C6C8-55D7-4A26-951C-F4AB911B28EF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {972F90C9-6098-43C3-AF93-4F3D63A46AF0} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Legion\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {99252422-C471-4E1E-BD31-B59AC25F0392} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {A0AA2460-B63B-4649-A533-7D0CCDCBBC98} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-4168442402-3509706111-3992125715-1002_0 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [412160 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {A2A2C367-4FC4-48CC-BF09-57403674E90B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {AF223032-65E3-49E0-BBCF-D9F53B469472} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4168442402-3509706111-3992125715-1001 => C:\Users\Legion\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B39FBC5B-8DA7-43DC-998D-144FEF103635} - System32\Tasks\Lenovo\FBNetFilter PNP Task => C:\WINDOWS\System32\drivers\FBNetFilterInstall.exe [1149352 2019-03-04] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
Task: {B5FC3428-142E-44BE-9AF4-FFC6820775F2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a0f41fd4-5054-4816-bf4c-319f861aedba => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {B67AC1BA-32DF-44FD-BC82-C67C52091CFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8C6CCEB-A772-4C57-8C64-F135170CDDBA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D15E1920-4106-4A41-8B2F-DF858B600FDB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D36E6589-FF2C-4A15-9E53-0F306F1BBFBB} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {DC104163-DED4-4D3E-89DF-D0135AA0340F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCED9285-1945-4ABD-8B1D-F7236FFCD22E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE694739-026D-473F-8890-9B26988D6169} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-filipin50@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E45A50FB-4EC4-45AD-8DF3-9EE11EC96783} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {EB712473-C5F2-48FA-97F0-4958B396ED41} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {F0D55613-DBA6-43D9-9743-9223E12CDCAC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {F2422D23-A5E1-45AF-B441-B57CB16EA52C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\068edd42-3e9a-4a2a-a28e-7a7f82096879 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {F522772F-22EC-449D-BCC7-77A5C10D377A} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4168442402-3509706111-3992125715-1002 => C:\Users\Legion\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.77.1 8.8.8.8
Tcpip\..\Interfaces\{101d0408-cccb-47d0-ad71-8fd8135a5211}: [DhcpNameServer] 192.168.77.1
Tcpip\..\Interfaces\{75c8d44e-f50e-488d-9088-3a566a01808c}: [DhcpNameServer] 192.168.77.1 8.8.8.8

Edge:
=======
Edge Profile: C:\Users\Legion\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-03]
Edge HomePage: Default -> hxxp://google.com/

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-03-24] (Adobe Systems Incorporated -> )

Chrome:
=======
CHR Profile: C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default [2021-04-03]
CHR DownloadDir: D:\Downloads
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Extension: (Prezentace) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-03]
CHR Extension: (Dokumenty) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-03]
CHR Extension: (Disk Google) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-03]
CHR Extension: (MEGA) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-03-31]
CHR Extension: (Touch VPN - Secure and unlimited VPN proxy) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2021-03-17]
CHR Extension: (YouTube) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-03]
CHR Extension: (Tabulky) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-03]
CHR Extension: (Chrome Media Router) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [398352 2018-06-21] (Dolby Laboratories, Inc. -> )
S4 FBNetFilterInstall; C:\WINDOWS\System32\drivers\FBNetFilterInstall.exe [1149352 2019-03-04] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [305520 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476288 2020-10-26] (Electronic Arts, Inc. -> Electronic Arts)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1332632 2021-04-02] (Rockstar Games, Inc. -> Rockstar Games)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltsi.inf_amd64_4d97169927193b31\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltsi.inf_amd64_4d97169927193b31\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 CinemaCamera; C:\WINDOWS\System32\drivers\CinemaCamera.sys [27368 2020-02-20] (WDKTestCert build,131613220053715806 -> Blackmagic Design)
S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [52688 2020-05-21] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R3 MpKsld5cfc7d6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7ADA3D26-77C2-40B9-913D-5B9788F240D7}\MpKslDrv.sys [97528 2021-04-03] (Microsoft Windows -> Microsoft Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 MpKsl33f168b9; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{24A60F82-62DC-4E4B-A96F-FA427FD47318}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-03 15:10 - 2021-04-03 15:10 - 000000000 ____D C:\Users\Legion\Desktop\FRST-OlderVersion
2021-04-03 15:00 - 2021-04-03 15:00 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-4168442402-3509706111-3992125715-1002_0
2021-03-31 19:23 - 2021-03-31 19:23 - 001855258 _____ C:\Users\Legion\Documents\RIME more ANXIETY.drp
2021-03-31 14:14 - 2021-03-31 14:14 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-03-31 14:12 - 2021-03-13 06:05 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-31 14:12 - 2021-03-13 06:05 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-31 14:12 - 2021-03-13 06:05 - 001452304 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-31 14:12 - 2021-03-13 06:05 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-31 14:12 - 2021-03-13 06:05 - 001191696 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 001511216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 001163536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000687888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-03-31 14:12 - 2021-03-13 06:02 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000671512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000612144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000556848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-31 14:12 - 2021-03-13 06:01 - 002102560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-31 14:12 - 2021-03-13 06:01 - 001587488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-31 14:12 - 2021-03-13 06:01 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-31 14:12 - 2021-03-13 06:01 - 000655648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 008306456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 007429904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 004610320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 002729744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 000445200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-03-31 14:12 - 2021-03-13 05:59 - 000848656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-03-31 14:12 - 2021-03-13 05:57 - 006075480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-31 14:12 - 2021-03-11 07:15 - 000084450 _____ C:\WINDOWS\system32\nvinfo.pb
2021-03-31 14:06 - 2021-03-31 14:06 - 000001998 _____ C:\Users\Legion\Desktop\DaVinci Resolve.lnk
2021-03-31 14:05 - 2021-03-31 14:06 - 000000000 ____D C:\Users\Legion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-03-22 15:47 - 2021-03-22 15:47 - 000417488 _____ C:\Users\Legion\Desktop\fotka_1.1.1.drx
2021-03-19 12:33 - 2021-03-19 12:33 - 000000222 _____ C:\Users\Legion\Desktop\Fable Anniversary.url
2021-03-19 12:33 - 2021-03-19 12:33 - 000000000 ____D C:\Users\Legion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-19 11:37 - 2021-03-19 11:37 - 000000000 ____D C:\Users\Legion\AppData\Local\Steam
2021-03-19 11:35 - 2021-03-20 17:34 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-19 11:35 - 2021-03-19 11:35 - 000001047 _____ C:\Users\Public\Desktop\Steam.lnk
2021-03-19 11:35 - 2021-03-19 11:35 - 000001047 _____ C:\ProgramData\Desktop\Steam.lnk
2021-03-19 11:35 - 2021-03-19 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-14 20:06 - 2021-03-28 17:26 - 000000000 ____D C:\Users\Legion\Documents\My Games
2021-03-14 20:04 - 2021-03-28 17:26 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2021-03-14 20:01 - 2021-03-14 20:01 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2021-03-14 20:01 - 2021-03-14 20:01 - 000000000 ____D C:\Users\Legion\AppData\Local\Disc_Soft_Ltd
2021-03-14 20:01 - 2021-03-14 20:01 - 000000000 ____D C:\ProgramData\Documents\Daemon Tools Images
2021-03-14 20:00 - 2021-03-14 20:15 - 000000000 ____D C:\Users\Legion\AppData\Roaming\Disc-Soft
2021-03-14 20:00 - 2021-03-14 20:15 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-03-14 20:00 - 2021-03-14 20:00 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2021-03-14 20:00 - 2021-03-14 20:00 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2021-03-14 20:00 - 2021-03-14 20:00 - 000000000 ____D C:\Users\Public\Documents\Catch!
2021-03-14 20:00 - 2021-03-14 20:00 - 000000000 ____D C:\ProgramData\Documents\Catch!
2021-03-11 01:37 - 2021-03-11 01:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 01:37 - 2021-03-11 01:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 01:37 - 2021-03-11 01:37 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 01:37 - 2021-03-11 01:37 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 01:37 - 2021-03-11 01:37 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 01:37 - 2021-03-11 01:37 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 01:37 - 2021-03-11 01:37 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-11 01:37 - 2021-03-11 01:37 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-11 01:37 - 2021-03-11 01:37 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-11 01:37 - 2021-03-11 01:37 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-11 01:37 - 2021-03-11 01:37 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-03 15:11 - 2021-01-03 11:08 - 000025089 _____ C:\Users\Legion\Desktop\FRST.txt
2021-04-03 15:11 - 2021-01-03 11:08 - 000000000 ____D C:\FRST
2021-04-03 15:10 - 2021-01-03 11:07 - 002298368 _____ (Farbar) C:\Users\Legion\Desktop\FRST64.exe
2021-04-03 15:02 - 2018-12-14 22:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-03 15:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-03 15:00 - 2019-09-13 16:57 - 000000000 __SHD C:\Users\Legion\IntelGraphicsProfiles
2021-04-03 14:59 - 2020-09-17 21:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-03 14:40 - 2020-09-17 21:42 - 001725014 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-03 14:40 - 2019-12-07 16:41 - 000735572 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-03 14:40 - 2019-12-07 16:41 - 000150284 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-03 14:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-03 14:36 - 2020-09-17 21:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-03 14:36 - 2020-09-17 21:31 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-03 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-03 11:28 - 2020-10-14 18:21 - 000000519 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-04-03 04:44 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-03 04:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-03 04:43 - 2020-06-06 13:15 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-02 17:15 - 2020-02-12 11:45 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-04-02 17:14 - 2020-02-12 11:44 - 000000000 ____D C:\Program Files\Rockstar Games
2021-04-02 16:25 - 2020-09-17 21:07 - 000000000 ____D C:\Users\postgres
2021-04-02 16:25 - 2020-09-17 21:07 - 000000000 ____D C:\Users\Legion
2021-04-02 16:24 - 2019-12-04 23:34 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-04-02 16:24 - 2019-12-04 23:34 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-04-02 16:20 - 2021-01-02 18:54 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 16:20 - 2021-01-02 18:54 - 000002177 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-02 16:20 - 2021-01-02 18:54 - 000002177 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-04-02 07:02 - 2019-09-17 19:47 - 000000000 ____D C:\Users\Legion\AppData\Local\CrashDumps
2021-04-02 06:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-31 15:12 - 2019-09-13 17:08 - 000000000 ____D C:\Users\Legion\AppData\Local\NVIDIA
2021-03-31 14:14 - 2019-11-05 17:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-03-31 14:07 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-03-31 14:07 - 2018-12-14 22:31 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-31 14:03 - 2019-09-13 23:37 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-03-31 09:34 - 2019-09-13 17:08 - 000000000 ____D C:\Users\Legion\AppData\Local\D3DSCache
2021-03-28 17:26 - 2018-04-17 21:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-24 02:48 - 2019-12-31 16:23 - 000000000 ____D C:\Users\Legion\AppData\Local\Battle.net
2021-03-22 06:00 - 2020-11-05 22:41 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-22 06:00 - 2019-09-13 22:26 - 002830625 ____N C:\WINDOWS\Minidump\032221-18468-01.dmp
2021-03-18 12:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-17 17:10 - 2019-12-05 21:44 - 000000000 ____D C:\Users\Legion\AppData\Local\ElevatedDiagnostics
2021-03-16 02:30 - 2019-09-13 22:26 - 002755305 ____N C:\WINDOWS\Minidump\031621-17953-01.dmp
2021-03-15 23:32 - 2018-04-17 21:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-14 22:27 - 2021-01-11 22:13 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-03-14 22:27 - 2021-01-11 22:13 - 000062392 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-03-14 22:27 - 2020-08-10 20:56 - 000429944 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-03-14 22:27 - 2018-12-14 22:31 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-03-14 19:59 - 2019-09-13 23:27 - 000000000 ____D C:\Users\Legion\AppData\Roaming\vlc
2021-03-13 05:57 - 2020-04-17 15:30 - 007119848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-03-12 16:03 - 2021-02-08 01:26 - 000000947 _____ C:\Users\Legion\Desktop\Red Dead Redemption 2.lnk
2021-03-11 02:04 - 2020-09-17 21:31 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 01:33 - 2019-04-24 21:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 01:31 - 2019-04-24 21:21 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 00:39 - 2020-09-17 20:25 - 000000000 ___HD C:\$WinREAgent
2021-03-05 16:13 - 2020-09-17 21:37 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-03-04 12:37 - 2021-01-03 13:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 12:37 - 2021-01-03 13:12 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2019-12-04 23:32 - 2019-12-04 23:32 - 000000410 _____ () C:\Users\Legion\AppData\Local\oobelibMkey.log
2020-06-26 16:39 - 2021-02-07 15:18 - 000007602 _____ () C:\Users\Legion\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-03-2021
Ran by Legion (03-04-2021 15:12:01)
Running from C:\Users\Legion\Desktop
Windows 10 Home Version 2004 19041.867 (X64) (2020-09-17 19:37:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4168442402-3509706111-3992125715-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4168442402-3509706111-3992125715-503 - Limited - Disabled)
Guest (S-1-5-21-4168442402-3509706111-3992125715-501 - Limited - Disabled)
Legion (S-1-5-21-4168442402-3509706111-3992125715-1002 - Administrator - Enabled) => C:\Users\Legion
Lucinka (S-1-5-21-4168442402-3509706111-3992125715-1004 - Limited - Enabled) => C:\Users\Lucinka
postgres (S-1-5-21-4168442402-3509706111-3992125715-1003 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-4168442402-3509706111-3992125715-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 Plugin (HKLM-x32\...\{9C542173-96F0-435D-A95C-468CAAC75EA0}) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Flash Professional CS5.5 (HKLM-x32\...\{23E445D5-FD83-4C50-A211-EB26A2975317}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Balíček ovladače systému Windows - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackmagic ATEM Switchers (HKLM\...\{DF650C10-6B9D-48D8-A999-DA53CBF5436D}) (Version: 8.2.3.0 - Blackmagic Design)
Blackmagic RAW (HKLM\...\{BE73FED2-8EA3-4C06-A09E-3A4A1CF82E0E}) (Version: 2.0 - Blackmagic Design)
DaVinci Resolve (HKLM\...\{B3A29661-4435-4FA2-BC9E-261CAD1DE1C8}) (Version: 17.1.10009 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{6CA5153C-F6DB-4495-AC9A-380DEAF9E3D5}) (Version: 1.5.2.0 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fairlight Sound Library (HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\{bb8b53f3-a62c-4d40-9d9d-0b6d216d52cc}) (Version: 1.0.0 - Blackmagic Design)
Fairlight Studio Utility (HKLM\...\{6C7FC3A1-DA64-4ACE-8F05-301CBECD5BE9}) (Version: 1.2.0.0 - Blackmagic Design)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Huion Tablet v14.8.90.1126 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.90.1126 - )
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4168442402-3509706111-3992125715-1004\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.92 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.87.45080 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
Quake 4 verze 1.4.2 (HKLM-x32\...\{79248899-B477-49FB-B6F0-7B5FC8631375}_is1) (Version: 1.4.2 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1355.23 - Rockstar Games)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_2.1002.243.0_x64__rz1tebttyb220 [2018-12-14] (Dolby Laboratories)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-27] (INTEL CORP)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-02-05] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-21] (LENOVO INC) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10208.5627.0_x64__8wekyb3d8bbwe [2021-04-02] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-03-31] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2020-12-30] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-09-19] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FB783C5FDCA9} -> [Creative Cloud Files] => C:\Users\Legion\Creative Cloud Files [2019-12-04 23:42]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltsi.inf_amd64_4d97169927193b31\nvshext.dll [2021-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-13 23:36 - 2016-08-09 07:13 - 000183296 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2019-09-13 23:37 - 2016-07-27 10:08 - 002264576 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2019-09-13 23:37 - 2015-08-26 10:40 - 001687930 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libiconv-2.dll
2019-09-13 23:37 - 2015-08-26 10:40 - 000685350 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libintl-8.dll
2020-04-18 14:49 - 2019-12-04 08:26 - 000210432 _____ (Graphics Tablet) [File not signed] C:\WINDOWS\system32\wintab32.dll
2021-02-07 13:32 - 2020-05-30 16:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll
2021-02-26 14:37 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-02-26 14:36 - 2020-04-09 10:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-05-12 15:33 - 2020-05-12 15:33 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-05-12 15:33 - 2020-05-12 15:33 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-09-13 23:37 - 2016-05-05 08:35 - 001655808 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBEAY32.dll
2019-09-13 23:37 - 2016-05-05 08:35 - 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\SSLEAY32.dll
2020-05-12 15:33 - 2020-05-12 15:33 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002 -> DefaultScope {DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} URL =
SearchScopes: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002 -> {DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2021-01-02 19:29 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-10-14 18:21 - 2021-04-03 11:28 - 000000519 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.118 DESKTOP-J515HTP.mshome.net # 2021 4 6 10 2 19 25 511
192.168.137.1 LAPTOP-2VUTRN91.mshome.net # 2026 4 4 2 9 28 1 350

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-4168442402-3509706111-3992125715-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4168442402-3509706111-3992125715-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.77.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{C25C3A92-1428-49AC-A778-2414BD0FE0DF}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{E7A49FE2-13DD-475B-8A2D-0CCE2664B739}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{CF37D4E0-920B-4252-91EF-5626507C37D9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{BC8ECD2D-2EE3-495B-8124-7DD6C6AA24E1}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{534E2966-2A68-4D1A-93A0-76B99A78FEE6}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{3A90D455-8DAF-40FD-8020-15D398D0B09C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{74B49151-E815-499A-92B4-3E226094FFA9}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{4118E8B8-338D-4FF8-9165-4B6CCA2EE104}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{FDD82C45-5772-4EE6-A72E-8190E74DEAB9}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{0D71FE7B-FD56-46FE-AC86-A08DF0569E7F}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{37C5DB62-BE86-4BB6-9850-EF1CAA46C60D}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{BDB88B53-3768-4D8D-9315-C11252C5BFCF}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D0878B87-2CB6-4C8F-9731-09D947F36B0A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{EAE47470-C09D-4E39-9226-FCFD110730FB}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E19CB6BF-DFC2-4573-B81A-6A4FEF439F49}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{A89A126D-CA4A-4C12-901D-BA918B6D35E5}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{3A67E16B-BC88-4FCD-959A-DDC9B2D10767}D:\program files\diablo iii\x64\diablo iii64.exe] => (Allow) D:\program files\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{9E80CACC-C174-489C-9C58-5D371BDD2153}D:\program files\diablo iii\x64\diablo iii64.exe] => (Allow) D:\program files\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{09E7D2B7-673A-4D8A-9E14-89F68A69F7E2}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{53938C8E-47C8-4DB2-B1C9-1536BC188E8C}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{323C767B-6521-49F9-9943-CBBE4B7DF75F}D:\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{64A01C6C-8AE3-45D4-ACE7-030E91F98BCE}D:\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C86DEE0-2D74-4F0E-80E8-24E389BF6391}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E83E0C6C-2EE4-4124-92DB-4CBBF727599C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1089E92B-C7FA-4ABA-BA28-765FA65DDFA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A26EC17-B885-4286-B15C-8D15C7FBA1F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9746464E-EC54-4384-8033-96678E782ECD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6066361C-E6E2-49F7-A0C5-74E2E8DE3BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1A2D9551-0714-4707-9AF6-805F2E2404D0}D:\program files\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{76E821D5-197F-41A2-A5F7-97A0A72B1CCB}D:\program files\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{CAA9D665-09D9-4665-855A-05C6B1B32A2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7A831749-C0D9-45A4-9487-2451652D7BFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9C2434CE-D8FD-4B80-9260-FEA05F8CFE1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{899DCF82-FF54-4B7F-9D26-AC8BF4B7280D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{76BDCF63-6B81-480F-9324-C57EA8F4A0ED}] => (Allow) D:\SteamLibrary\steamapps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7CF15CEA-B3F4-4255-8ECD-99EA42678FDF}] => (Allow) D:\SteamLibrary\steamapps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{86CB080A-6DCE-44C5-8C6D-448920BC0137}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9670680B-B6F8-40DB-8197-710668481929}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D0534853-2F93-4470-B0AF-B9911E1657E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0EE83539-99FF-4F21-B83B-7D8FC66B00F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93AED6BF-B66A-478E-BA70-B1B1B558FFD9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2BC87B30-3BD4-4712-9780-355C88F01FAC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7CAE55D5-E556-4CEB-889B-E8EFDBCFF4F8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{8DE03A50-A07D-46B8-99F0-812CE5EBB1CD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7FD929B2-BA74-45BC-942E-49BDD7DB7BA4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2751DE64-C326-4274-83F0-5459FB0DE26C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{65AB2944-E878-4C70-8259-B3F984166514}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{EF3A3FAC-D637-475E-9B58-C29296197DDD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{F616C346-1770-44EC-A4E5-8ADD29FB04D8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{73A8AE9A-B2B1-4892-9C85-5E2D61B16A6D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7D2A3922-8551-418A-9717-9CF3C25138A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C3909542-A835-438A-A5FE-B80DA3A787A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26D07560-1285-4660-B836-51CFEDB6DB5D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{019652B5-6756-4175-95DF-BC7D081D81E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B0FD0655-8FE3-41FF-BC41-5989EBE340A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BAD736F1-50B1-4A03-9A7A-9513CDB3B16C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{668F97A2-8CE3-473A-AEA4-42B04D627817}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{25507B22-0BE2-4E0C-82C1-55F2DC7A2FC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

19-03-2021 13:11:48 Nainstalováno rozhraní DirectX
27-03-2021 23:07:16 Naplánovaný kontrolní bod
31-03-2021 14:02:59 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/02/2021 10:29:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/02/2021 07:02:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Lenovo.Modern.ImController.PluginHost.Device.exe, verze: 1.1.19.8, časové razítko: 0x602f26d6
Název chybujícího modulu: SLSCore.dll_unloaded, verze: 1.0.0.845, časové razítko: 0x5fd2b055
Kód výjimky: 0xc0000005
Posun chyby: 0x00151a70
ID chybujícího procesu: 0x508
Čas spuštění chybující aplikace: 0x01d7277d4f50339b
Cesta k chybující aplikaci: C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
Cesta k chybujícímu modulu: SLSCore.dll
ID zprávy: 9122eab0-734c-4e77-a7fb-d66171778c1d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2021 07:02:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Lenovo.Modern.ImController.PluginHost.Device.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 663B1A70

Error: (03/31/2021 07:24:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Resolve.exe, verze: 17.1.1.9, časové razítko: 0x00000000
Název chybujícího modulu: FairlightPage.dll, verze: 17.1.1.11, časové razítko: 0x605916b7
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000badae3
ID chybujícího procesu: 0x13e8
Čas spuštění chybující aplikace: 0x01d7262f4d9c5d3d
Cesta k chybující aplikaci: C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
Cesta k chybujícímu modulu: C:\Program Files\Blackmagic Design\DaVinci Resolve\FairlightPage.dll
ID zprávy: d758a6dd-c991-4b38-aba3-1e09d2226163
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/31/2021 02:07:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/31/2021 02:07:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/29/2021 10:31:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RDR2.exe, verze: 1.0.1355.23, časové razítko: 0x601ddf87
Název chybujícího modulu: RDR2.exe, verze: 1.0.1355.23, časové razítko: 0x601ddf87
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000023bdeb2
ID chybujícího procesu: 0x57c
Čas spuštění chybující aplikace: 0x01d72474d270da68
Cesta k chybující aplikaci: D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe
Cesta k chybujícímu modulu: D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe
ID zprávy: 654de224-254b-477d-9e9d-b5dd589451f5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2021 06:22:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (04/03/2021 03:05:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2VUTRN91)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/03/2021 02:36:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:55:16, ‎03.‎04.‎2021) bylo neočekávané.

Error: (04/03/2021 11:33:37 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2VUTRN91)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/02/2021 04:34:29 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 15612 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (04/02/2021 04:34:25 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 15612 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (04/02/2021 04:34:22 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 15612 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (04/02/2021 04:34:20 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 15612 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (04/02/2021 04:34:13 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 15612 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}


Windows Defender:
================
Date: 2021-04-02 07:24:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FE224F05-B828-4005-9583-56F964F0C9BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-31 09:34:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9D2B382C-E925-48D0-847E-3183ED590A16}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-30 01:11:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DEBD0F05-700B-4946-B75E-40E720B99B22}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-29 00:06:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {09F16E1B-2D42-49FA-A6B4-A213FFEB4CAB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-25 16:11:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CAD8EEFF-AF66-4B61-AF43-0673488980F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-25 19:24:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.1256.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x800b010f
Popis chyby: Název CN certifikátu neodpovídá předané hodnotě.

CodeIntegrity:
===============
Date: 2021-01-03 12:09:23
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO 9VCN20WW 06/15/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 31%
Total physical RAM: 16257.3 MB
Available physical RAM: 11213.66 MB
Total Virtual: 19329.3 MB
Available Virtual: 12691.39 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:142.74 GB) NTFS
Drive d: (Data) (Fixed) (Total:1863 GB) (Free:113.97 GB) NTFS

\\?\Volume{717f00a1-75db-4238-a8e8-de98d59598d6}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{ec4a076e-454d-4ab0-add4-5bc5c6da801e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 7F4B1B45)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 5A6FC2CC)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezing

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a double-click)
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Filipin50
Visitor
Posts: 7
Registered: 03 Jan 2021 10:12

Re: Laptop freezing

#3 Post by Filipin50 »

Thank you, I am attaching the log here.

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-03-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Touch VPN - Secure and unlimited VPN proxy - bihmplhobchoageeokmgbdihknkjbknd

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Legion\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1935 octets] - [03/04/2021 16:36:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezing

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

Filipin50
Visitor
Posts: 7
Registered: 03 Jan 2021 10:12

Re: Laptop freezing

#5 Post by Filipin50 »

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Ran by Legion (administrator) on LAPTOP-2VUTRN91 (LENOVO 81LB) (03-04-2021 17:39:45)
Running from C:\Users\Legion\Desktop
Loaded Profiles: Legion & postgres
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e1356fc87d32eeee\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e1356fc87d32eeee\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a5d0ffe42e074935\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a5d0ffe42e074935\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.860_none_e73d0c67262f5c28\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\Legion\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltsi.inf_amd64_4d97169927193b31\Display.NvContainer\NVDisplay.Container.exe <2>
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\Huion Tablet.exe
(Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\x64\TabletDriverCore.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [878584 2019-05-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [TabletDriver] => C:\Huion Tablet\Huion Tablet.exe [235240 2019-12-04] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [335592 2019-12-04] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {ab7ada6d-43c8-11eb-ae2b-e86a646e89f2} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {b4d1f3fa-e3a6-11ea-ae13-283a4d36428a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {dc4599c1-7cd6-11eb-ae52-e86a646e89f2} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-04-18]
ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
BootExecute: autocheck autochk *
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D26DB2A-6EA1-4CCD-9C56-BDA2939DB7F1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2195263F-DD14-4D52-9CB6-8CB05682F088} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {2ED5D25A-3AD6-4382-AB0C-26D00FDFCF9C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F9DFA69-4087-48D6-87D8-EEFD381DF33B} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {466DEE85-F9BD-4C70-8AB4-711696813A8C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {4B1A450D-E135-489F-BC82-D943B815FBCD} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {57BBA088-7D91-40AC-BC1F-8CB6C2B6103E} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {5BAE2012-D0D3-4430-973F-229F919F8606} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {66DD967E-481E-4176-BB70-9935B0082D28} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A5FA82C-300C-4271-9DAC-58FC4C2C9A88} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E0536D8-151E-4430-A081-27D99188FFAA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {773391BE-2C2D-4BE6-9EDE-6293A1EB80CB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4168442402-3509706111-3992125715-1004 => C:\Users\Legion\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {7CD4AF89-059E-43AE-B298-4AF293652253} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7D176CAC-2191-4486-B27A-84783E32487F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91EA3E94-B4A6-4ED0-B6B2-3AE2EABB7D6E} - \Lenovo\ImController\TimeBasedEvents\58fc83bc-17f4-44f9-ae0d-0b8831c51dcf -> No File <==== ATTENTION
Task: {931E10BF-A29B-47CE-98A6-D75493989534} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {935DBE73-4416-4367-818E-FDE9E71AE73F} - \Lenovo\ImController\TimeBasedEvents\7addc44a-c55f-4141-8ed7-2f4d46d508c1 -> No File <==== ATTENTION
Task: {96A2C6C8-55D7-4A26-951C-F4AB911B28EF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {972F90C9-6098-43C3-AF93-4F3D63A46AF0} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Legion\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {99252422-C471-4E1E-BD31-B59AC25F0392} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {A0AA2460-B63B-4649-A533-7D0CCDCBBC98} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-4168442402-3509706111-3992125715-1002_0 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [412160 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {A2A2C367-4FC4-48CC-BF09-57403674E90B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {AF223032-65E3-49E0-BBCF-D9F53B469472} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4168442402-3509706111-3992125715-1001 => C:\Users\Legion\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B39FBC5B-8DA7-43DC-998D-144FEF103635} - System32\Tasks\Lenovo\FBNetFilter PNP Task => C:\WINDOWS\System32\drivers\FBNetFilterInstall.exe [1149352 2019-03-04] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
Task: {B5FC3428-142E-44BE-9AF4-FFC6820775F2} - \Lenovo\ImController\TimeBasedEvents\a0f41fd4-5054-4816-bf4c-319f861aedba -> No File <==== ATTENTION
Task: {B67AC1BA-32DF-44FD-BC82-C67C52091CFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8C6CCEB-A772-4C57-8C64-F135170CDDBA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D15E1920-4106-4A41-8B2F-DF858B600FDB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D36E6589-FF2C-4A15-9E53-0F306F1BBFBB} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {DC104163-DED4-4D3E-89DF-D0135AA0340F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCED9285-1945-4ABD-8B1D-F7236FFCD22E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE694739-026D-473F-8890-9B26988D6169} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-filipin50@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E45A50FB-4EC4-45AD-8DF3-9EE11EC96783} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {EB712473-C5F2-48FA-97F0-4958B396ED41} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {F0D55613-DBA6-43D9-9743-9223E12CDCAC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {F2422D23-A5E1-45AF-B441-B57CB16EA52C} - \Lenovo\ImController\TimeBasedEvents\068edd42-3e9a-4a2a-a28e-7a7f82096879 -> No File <==== ATTENTION
Task: {F522772F-22EC-449D-BCC7-77A5C10D377A} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4168442402-3509706111-3992125715-1002 => C:\Users\Legion\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.77.1 8.8.8.8
Tcpip\..\Interfaces\{101d0408-cccb-47d0-ad71-8fd8135a5211}: [DhcpNameServer] 192.168.77.1
Tcpip\..\Interfaces\{75c8d44e-f50e-488d-9088-3a566a01808c}: [DhcpNameServer] 192.168.77.1 8.8.8.8

Edge:
=======
Edge Profile: C:\Users\Legion\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-03]
Edge HomePage: Default -> hxxp://google.com/

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-03-24] (Adobe Systems Incorporated -> )

Chrome:
=======
CHR Profile: C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default [2021-04-03]
CHR DownloadDir: D:\Downloads
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Extension: (Prezentace) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-03]
CHR Extension: (Dokumenty) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-03]
CHR Extension: (Disk Google) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-03]
CHR Extension: (MEGA) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-03-31]
CHR Extension: (YouTube) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-03]
CHR Extension: (Tabulky) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-03]
CHR Extension: (Chrome Media Router) - C:\Users\Legion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [398352 2018-06-21] (Dolby Laboratories, Inc. -> )
S4 FBNetFilterInstall; C:\WINDOWS\System32\drivers\FBNetFilterInstall.exe [1149352 2019-03-04] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [305520 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476288 2020-10-26] (Electronic Arts, Inc. -> Electronic Arts)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1332632 2021-04-02] (Rockstar Games, Inc. -> Rockstar Games)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltsi.inf_amd64_4d97169927193b31\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltsi.inf_amd64_4d97169927193b31\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 CinemaCamera; C:\WINDOWS\System32\drivers\CinemaCamera.sys [27368 2020-02-20] (WDKTestCert build,131613220053715806 -> Blackmagic Design)
S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [52688 2020-05-21] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
S3 MpKsld5cfc7d6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7ADA3D26-77C2-40B9-913D-5B9788F240D7}\MpKslDrv.sys [97528 2021-04-03] (Microsoft Windows -> Microsoft Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 MpKsl33f168b9; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{24A60F82-62DC-4E4B-A96F-FA427FD47318}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-03 17:39 - 2021-04-03 17:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2021-04-03 17:39 - 2021-04-03 17:39 - 000000000 ___HD C:\ProgramData\Documents\AdobeGC
2021-04-03 16:36 - 2021-04-03 16:38 - 000000000 ____D C:\AdwCleaner
2021-04-03 16:35 - 2021-04-03 16:34 - 008534696 _____ (Malwarebytes) C:\Users\Legion\Desktop\adwcleaner_8.2.exe
2021-04-03 15:10 - 2021-04-03 15:10 - 000000000 ____D C:\Users\Legion\Desktop\FRST-OlderVersion
2021-04-03 15:00 - 2021-04-03 15:00 - 000004040 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-4168442402-3509706111-3992125715-1002_0
2021-03-31 19:23 - 2021-03-31 19:23 - 001855258 _____ C:\Users\Legion\Documents\RIME more ANXIETY.drp
2021-03-31 14:14 - 2021-03-31 14:14 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-03-31 14:12 - 2021-03-13 06:05 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-31 14:12 - 2021-03-13 06:05 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-31 14:12 - 2021-03-13 06:05 - 001452304 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-31 14:12 - 2021-03-13 06:05 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-31 14:12 - 2021-03-13 06:05 - 001191696 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-31 14:12 - 2021-03-13 06:05 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 001511216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 001163536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000687888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-03-31 14:12 - 2021-03-13 06:02 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000671512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000612144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000556848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-31 14:12 - 2021-03-13 06:02 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-31 14:12 - 2021-03-13 06:01 - 002102560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-31 14:12 - 2021-03-13 06:01 - 001587488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-31 14:12 - 2021-03-13 06:01 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-31 14:12 - 2021-03-13 06:01 - 000655648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 008306456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 007429904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 004610320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 002729744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-31 14:12 - 2021-03-13 06:00 - 000445200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-03-31 14:12 - 2021-03-13 05:59 - 000848656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-03-31 14:12 - 2021-03-13 05:57 - 006075480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-31 14:12 - 2021-03-11 07:15 - 000084450 _____ C:\WINDOWS\system32\nvinfo.pb
2021-03-31 14:06 - 2021-03-31 14:06 - 000001998 _____ C:\Users\Legion\Desktop\DaVinci Resolve.lnk
2021-03-31 14:05 - 2021-03-31 14:06 - 000000000 ____D C:\Users\Legion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-03-22 15:47 - 2021-03-22 15:47 - 000417488 _____ C:\Users\Legion\Desktop\fotka_1.1.1.drx
2021-03-19 12:33 - 2021-03-19 12:33 - 000000222 _____ C:\Users\Legion\Desktop\Fable Anniversary.url
2021-03-19 12:33 - 2021-03-19 12:33 - 000000000 ____D C:\Users\Legion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-19 11:37 - 2021-03-19 11:37 - 000000000 ____D C:\Users\Legion\AppData\Local\Steam
2021-03-19 11:35 - 2021-03-20 17:34 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-19 11:35 - 2021-03-19 11:35 - 000001047 _____ C:\Users\Public\Desktop\Steam.lnk
2021-03-19 11:35 - 2021-03-19 11:35 - 000001047 _____ C:\ProgramData\Desktop\Steam.lnk
2021-03-19 11:35 - 2021-03-19 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-14 20:06 - 2021-03-28 17:26 - 000000000 ____D C:\Users\Legion\Documents\My Games
2021-03-14 20:04 - 2021-03-28 17:26 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2021-03-14 20:01 - 2021-03-14 20:01 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2021-03-14 20:01 - 2021-03-14 20:01 - 000000000 ____D C:\Users\Legion\AppData\Local\Disc_Soft_Ltd
2021-03-14 20:01 - 2021-03-14 20:01 - 000000000 ____D C:\ProgramData\Documents\Daemon Tools Images
2021-03-14 20:00 - 2021-03-14 20:15 - 000000000 ____D C:\Users\Legion\AppData\Roaming\Disc-Soft
2021-03-14 20:00 - 2021-03-14 20:15 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-03-14 20:00 - 2021-03-14 20:00 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2021-03-14 20:00 - 2021-03-14 20:00 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2021-03-14 20:00 - 2021-03-14 20:00 - 000000000 ____D C:\Users\Public\Documents\Catch!
2021-03-14 20:00 - 2021-03-14 20:00 - 000000000 ____D C:\ProgramData\Documents\Catch!
2021-03-11 01:37 - 2021-03-11 01:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 01:37 - 2021-03-11 01:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 01:37 - 2021-03-11 01:37 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 01:37 - 2021-03-11 01:37 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 01:37 - 2021-03-11 01:37 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 01:37 - 2021-03-11 01:37 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 01:37 - 2021-03-11 01:37 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-11 01:37 - 2021-03-11 01:37 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-11 01:37 - 2021-03-11 01:37 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-11 01:37 - 2021-03-11 01:37 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-11 01:37 - 2021-03-11 01:37 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-03 17:40 - 2021-01-03 11:08 - 000023904 _____ C:\Users\Legion\Desktop\FRST.txt
2021-04-03 17:39 - 2021-01-03 11:08 - 000000000 ____D C:\FRST
2021-04-03 17:39 - 2020-09-17 21:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-03 17:39 - 2020-09-17 21:31 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-03 17:39 - 2020-09-17 21:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-03 17:39 - 2020-09-17 21:07 - 000000000 ____D C:\Users\Lucinka
2021-04-03 17:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-03 17:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-03 17:39 - 2019-09-13 16:57 - 000000000 __SHD C:\Users\Legion\IntelGraphicsProfiles
2021-04-03 17:39 - 2018-12-14 22:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-03 16:38 - 2020-09-17 21:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-04-03 16:38 - 2020-09-17 21:07 - 000000000 ____D C:\WINDOWS\Lenovo
2021-04-03 16:38 - 2019-09-13 17:21 - 000000000 ____D C:\Users\Legion\AppData\Local\Lenovo
2021-04-03 16:38 - 2018-12-14 22:31 - 000000000 ____D C:\ProgramData\Lenovo
2021-04-03 15:12 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-03 15:10 - 2021-01-03 11:07 - 002298368 _____ (Farbar) C:\Users\Legion\Desktop\FRST64.exe
2021-04-03 14:40 - 2020-09-17 21:42 - 001725014 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-03 14:40 - 2019-12-07 16:41 - 000735572 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-03 14:40 - 2019-12-07 16:41 - 000150284 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-03 11:28 - 2020-10-14 18:21 - 000000519 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-04-03 04:44 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-03 04:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-03 04:43 - 2020-06-06 13:15 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-02 17:15 - 2020-02-12 11:45 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-04-02 17:14 - 2020-02-12 11:44 - 000000000 ____D C:\Program Files\Rockstar Games
2021-04-02 16:25 - 2020-09-17 21:07 - 000000000 ____D C:\Users\postgres
2021-04-02 16:25 - 2020-09-17 21:07 - 000000000 ____D C:\Users\Legion
2021-04-02 16:24 - 2019-12-04 23:34 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-04-02 16:24 - 2019-12-04 23:34 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-04-02 16:20 - 2021-01-02 18:54 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 16:20 - 2021-01-02 18:54 - 000002177 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-02 16:20 - 2021-01-02 18:54 - 000002177 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-04-02 07:02 - 2019-09-17 19:47 - 000000000 ____D C:\Users\Legion\AppData\Local\CrashDumps
2021-04-02 06:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-31 15:12 - 2019-09-13 17:08 - 000000000 ____D C:\Users\Legion\AppData\Local\NVIDIA
2021-03-31 14:14 - 2019-11-05 17:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-03-31 14:07 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-03-31 14:07 - 2018-12-14 22:31 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-31 14:03 - 2019-09-13 23:37 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-03-31 09:34 - 2019-09-13 17:08 - 000000000 ____D C:\Users\Legion\AppData\Local\D3DSCache
2021-03-28 17:26 - 2018-04-17 21:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-24 02:48 - 2019-12-31 16:23 - 000000000 ____D C:\Users\Legion\AppData\Local\Battle.net
2021-03-22 06:00 - 2020-11-05 22:41 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-22 06:00 - 2019-09-13 22:26 - 002830625 ____N C:\WINDOWS\Minidump\032221-18468-01.dmp
2021-03-18 12:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-17 17:10 - 2019-12-05 21:44 - 000000000 ____D C:\Users\Legion\AppData\Local\ElevatedDiagnostics
2021-03-16 02:30 - 2019-09-13 22:26 - 002755305 ____N C:\WINDOWS\Minidump\031621-17953-01.dmp
2021-03-15 23:32 - 2018-04-17 21:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-14 22:27 - 2021-01-11 22:13 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-03-14 22:27 - 2021-01-11 22:13 - 000062392 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-03-14 22:27 - 2020-08-10 20:56 - 000429944 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-03-14 22:27 - 2018-12-14 22:31 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-03-14 19:59 - 2019-09-13 23:27 - 000000000 ____D C:\Users\Legion\AppData\Roaming\vlc
2021-03-13 05:57 - 2020-04-17 15:30 - 007119848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-03-12 16:03 - 2021-02-08 01:26 - 000000947 _____ C:\Users\Legion\Desktop\Red Dead Redemption 2.lnk
2021-03-11 02:04 - 2020-09-17 21:31 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 02:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 01:33 - 2019-04-24 21:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-11 01:31 - 2019-04-24 21:21 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-11 00:39 - 2020-09-17 20:25 - 000000000 ___HD C:\$WinREAgent
2021-03-05 16:13 - 2020-09-17 21:37 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-03-04 12:37 - 2021-01-03 13:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 12:37 - 2021-01-03 13:12 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2019-12-04 23:32 - 2019-12-04 23:32 - 000000410 _____ () C:\Users\Legion\AppData\Local\oobelibMkey.log
2020-06-26 16:39 - 2021-02-07 15:18 - 000007602 _____ () C:\Users\Legion\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-03-2021
Ran by Legion (03-04-2021 17:40:42)
Running from C:\Users\Legion\Desktop
Windows 10 Home Version 2004 19041.867 (X64) (2020-09-17 19:37:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4168442402-3509706111-3992125715-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4168442402-3509706111-3992125715-503 - Limited - Disabled)
Guest (S-1-5-21-4168442402-3509706111-3992125715-501 - Limited - Disabled)
Legion (S-1-5-21-4168442402-3509706111-3992125715-1002 - Administrator - Enabled) => C:\Users\Legion
Lucinka (S-1-5-21-4168442402-3509706111-3992125715-1004 - Limited - Enabled) => C:\Users\Lucinka
postgres (S-1-5-21-4168442402-3509706111-3992125715-1003 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-4168442402-3509706111-3992125715-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 Plugin (HKLM-x32\...\{9C542173-96F0-435D-A95C-468CAAC75EA0}) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Flash Professional CS5.5 (HKLM-x32\...\{23E445D5-FD83-4C50-A211-EB26A2975317}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Balíček ovladače systému Windows - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackmagic ATEM Switchers (HKLM\...\{DF650C10-6B9D-48D8-A999-DA53CBF5436D}) (Version: 8.2.3.0 - Blackmagic Design)
Blackmagic RAW (HKLM\...\{BE73FED2-8EA3-4C06-A09E-3A4A1CF82E0E}) (Version: 2.0 - Blackmagic Design)
DaVinci Resolve (HKLM\...\{B3A29661-4435-4FA2-BC9E-261CAD1DE1C8}) (Version: 17.1.10009 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{6CA5153C-F6DB-4495-AC9A-380DEAF9E3D5}) (Version: 1.5.2.0 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fairlight Sound Library (HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\{bb8b53f3-a62c-4d40-9d9d-0b6d216d52cc}) (Version: 1.0.0 - Blackmagic Design)
Fairlight Studio Utility (HKLM\...\{6C7FC3A1-DA64-4ACE-8F05-301CBECD5BE9}) (Version: 1.2.0.0 - Blackmagic Design)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Huion Tablet v14.8.90.1126 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.90.1126 - )
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4168442402-3509706111-3992125715-1004\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.92 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.87.45080 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
Quake 4 verze 1.4.2 (HKLM-x32\...\{79248899-B477-49FB-B6F0-7B5FC8631375}_is1) (Version: 1.4.2 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1355.23 - Rockstar Games)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_2.1002.243.0_x64__rz1tebttyb220 [2018-12-14] (Dolby Laboratories)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-27] (INTEL CORP)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-02-05] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-21] (LENOVO INC) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10208.5627.0_x64__8wekyb3d8bbwe [2021-04-02] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-03-31] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2020-12-30] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-09-19] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FB783C5FDCA9} -> [Creative Cloud Files] => C:\Users\Legion\Creative Cloud Files [2019-12-04 23:42]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltsi.inf_amd64_4d97169927193b31\nvshext.dll [2021-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-13 23:36 - 2016-08-09 07:13 - 000183296 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2019-09-13 23:37 - 2016-07-27 10:08 - 002264576 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2019-09-13 23:37 - 2015-08-26 10:40 - 001687930 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libiconv-2.dll
2019-09-13 23:37 - 2015-08-26 10:40 - 000685350 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libintl-8.dll
2020-04-18 14:49 - 2019-12-04 08:26 - 000210432 _____ (Graphics Tablet) [File not signed] C:\WINDOWS\system32\wintab32.dll
2021-02-07 13:32 - 2020-05-30 16:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll
2020-05-12 15:33 - 2020-05-12 15:33 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-05-12 15:33 - 2020-05-12 15:33 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-09-13 23:37 - 2016-05-05 08:35 - 001655808 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBEAY32.dll
2019-09-13 23:37 - 2016-05-05 08:35 - 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\SSLEAY32.dll
2020-05-12 15:33 - 2020-05-12 15:33 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-10-30 21:52 - 2020-05-12 15:33 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002 -> DefaultScope {DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} URL =
SearchScopes: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002 -> {DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2021-01-02 19:29 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-10-14 18:21 - 2021-04-03 11:28 - 000000519 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.118 DESKTOP-J515HTP.mshome.net # 2021 4 6 10 2 19 25 511
192.168.137.1 LAPTOP-2VUTRN91.mshome.net # 2026 4 4 2 9 28 1 350

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-4168442402-3509706111-3992125715-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4168442402-3509706111-3992125715-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.77.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{C25C3A92-1428-49AC-A778-2414BD0FE0DF}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{E7A49FE2-13DD-475B-8A2D-0CCE2664B739}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{CF37D4E0-920B-4252-91EF-5626507C37D9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{BC8ECD2D-2EE3-495B-8124-7DD6C6AA24E1}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{534E2966-2A68-4D1A-93A0-76B99A78FEE6}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{3A90D455-8DAF-40FD-8020-15D398D0B09C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{74B49151-E815-499A-92B4-3E226094FFA9}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{4118E8B8-338D-4FF8-9165-4B6CCA2EE104}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{FDD82C45-5772-4EE6-A72E-8190E74DEAB9}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{0D71FE7B-FD56-46FE-AC86-A08DF0569E7F}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{37C5DB62-BE86-4BB6-9850-EF1CAA46C60D}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{BDB88B53-3768-4D8D-9315-C11252C5BFCF}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D0878B87-2CB6-4C8F-9731-09D947F36B0A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{EAE47470-C09D-4E39-9226-FCFD110730FB}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E19CB6BF-DFC2-4573-B81A-6A4FEF439F49}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{A89A126D-CA4A-4C12-901D-BA918B6D35E5}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{3A67E16B-BC88-4FCD-959A-DDC9B2D10767}D:\program files\diablo iii\x64\diablo iii64.exe] => (Allow) D:\program files\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{9E80CACC-C174-489C-9C58-5D371BDD2153}D:\program files\diablo iii\x64\diablo iii64.exe] => (Allow) D:\program files\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{09E7D2B7-673A-4D8A-9E14-89F68A69F7E2}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{53938C8E-47C8-4DB2-B1C9-1536BC188E8C}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{323C767B-6521-49F9-9943-CBBE4B7DF75F}D:\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{64A01C6C-8AE3-45D4-ACE7-030E91F98BCE}D:\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\rockstar games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C86DEE0-2D74-4F0E-80E8-24E389BF6391}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E83E0C6C-2EE4-4124-92DB-4CBBF727599C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1089E92B-C7FA-4ABA-BA28-765FA65DDFA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A26EC17-B885-4286-B15C-8D15C7FBA1F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9746464E-EC54-4384-8033-96678E782ECD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6066361C-E6E2-49F7-A0C5-74E2E8DE3BDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1A2D9551-0714-4707-9AF6-805F2E2404D0}D:\program files\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{76E821D5-197F-41A2-A5F7-97A0A72B1CCB}D:\program files\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{CAA9D665-09D9-4665-855A-05C6B1B32A2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7A831749-C0D9-45A4-9487-2451652D7BFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9C2434CE-D8FD-4B80-9260-FEA05F8CFE1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{899DCF82-FF54-4B7F-9D26-AC8BF4B7280D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{76BDCF63-6B81-480F-9324-C57EA8F4A0ED}] => (Allow) D:\SteamLibrary\steamapps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7CF15CEA-B3F4-4255-8ECD-99EA42678FDF}] => (Allow) D:\SteamLibrary\steamapps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{86CB080A-6DCE-44C5-8C6D-448920BC0137}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9670680B-B6F8-40DB-8197-710668481929}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D0534853-2F93-4470-B0AF-B9911E1657E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0EE83539-99FF-4F21-B83B-7D8FC66B00F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93AED6BF-B66A-478E-BA70-B1B1B558FFD9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2BC87B30-3BD4-4712-9780-355C88F01FAC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7CAE55D5-E556-4CEB-889B-E8EFDBCFF4F8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{8DE03A50-A07D-46B8-99F0-812CE5EBB1CD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7FD929B2-BA74-45BC-942E-49BDD7DB7BA4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2751DE64-C326-4274-83F0-5459FB0DE26C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{65AB2944-E878-4C70-8259-B3F984166514}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{EF3A3FAC-D637-475E-9B58-C29296197DDD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{F616C346-1770-44EC-A4E5-8ADD29FB04D8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{73A8AE9A-B2B1-4892-9C85-5E2D61B16A6D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7D2A3922-8551-418A-9717-9CF3C25138A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C3909542-A835-438A-A5FE-B80DA3A787A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26D07560-1285-4660-B836-51CFEDB6DB5D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{019652B5-6756-4175-95DF-BC7D081D81E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B0FD0655-8FE3-41FF-BC41-5989EBE340A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BAD736F1-50B1-4A03-9A7A-9513CDB3B16C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{668F97A2-8CE3-473A-AEA4-42B04D627817}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{25507B22-0BE2-4E0C-82C1-55F2DC7A2FC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

19-03-2021 13:11:48 Nainstalováno rozhraní DirectX
27-03-2021 23:07:16 Naplánovaný kontrolní bod
31-03-2021 14:02:59 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664
03-04-2021 16:38:19 AdwCleaner_BeforeCleaning_03/04/2021_16:38:18

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/02/2021 10:29:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/02/2021 07:02:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Lenovo.Modern.ImController.PluginHost.Device.exe, verze: 1.1.19.8, časové razítko: 0x602f26d6
Název chybujícího modulu: SLSCore.dll_unloaded, verze: 1.0.0.845, časové razítko: 0x5fd2b055
Kód výjimky: 0xc0000005
Posun chyby: 0x00151a70
ID chybujícího procesu: 0x508
Čas spuštění chybující aplikace: 0x01d7277d4f50339b
Cesta k chybující aplikaci: C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
Cesta k chybujícímu modulu: SLSCore.dll
ID zprávy: 9122eab0-734c-4e77-a7fb-d66171778c1d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2021 07:02:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Lenovo.Modern.ImController.PluginHost.Device.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 663B1A70

Error: (03/31/2021 07:24:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Resolve.exe, verze: 17.1.1.9, časové razítko: 0x00000000
Název chybujícího modulu: FairlightPage.dll, verze: 17.1.1.11, časové razítko: 0x605916b7
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000badae3
ID chybujícího procesu: 0x13e8
Čas spuštění chybující aplikace: 0x01d7262f4d9c5d3d
Cesta k chybující aplikaci: C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
Cesta k chybujícímu modulu: C:\Program Files\Blackmagic Design\DaVinci Resolve\FairlightPage.dll
ID zprávy: d758a6dd-c991-4b38-aba3-1e09d2226163
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/31/2021 02:07:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/31/2021 02:07:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/29/2021 10:31:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RDR2.exe, verze: 1.0.1355.23, časové razítko: 0x601ddf87
Název chybujícího modulu: RDR2.exe, verze: 1.0.1355.23, časové razítko: 0x601ddf87
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000023bdeb2
ID chybujícího procesu: 0x57c
Čas spuštění chybující aplikace: 0x01d72474d270da68
Cesta k chybující aplikaci: D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe
Cesta k chybujícímu modulu: D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe
ID zprávy: 654de224-254b-477d-9e9d-b5dd589451f5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2021 06:22:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (04/03/2021 05:40:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/03/2021 05:39:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/03/2021 05:39:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/03/2021 05:39:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImControllerService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/03/2021 05:39:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:16:25, ‎03.‎04.‎2021) bylo neočekávané.

Error: (04/03/2021 04:38:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/03/2021 04:38:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/03/2021 04:38:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2021-04-02 07:24:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FE224F05-B828-4005-9583-56F964F0C9BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-31 09:34:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9D2B382C-E925-48D0-847E-3183ED590A16}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-30 01:11:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DEBD0F05-700B-4946-B75E-40E720B99B22}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-29 00:06:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {09F16E1B-2D42-49FA-A6B4-A213FFEB4CAB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-25 16:11:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CAD8EEFF-AF66-4B61-AF43-0673488980F9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-25 19:24:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.1256.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x800b010f
Popis chyby: Název CN certifikátu neodpovídá předané hodnotě.

CodeIntegrity:
===============
Date: 2021-01-03 12:09:23
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO 9VCN20WW 06/15/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 23%
Total physical RAM: 16257.3 MB
Available physical RAM: 12417.23 MB
Total Virtual: 19329.3 MB
Available Virtual: 13978.86 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:142.15 GB) NTFS
Drive d: (Data) (Fixed) (Total:1863 GB) (Free:113.96 GB) NTFS

\\?\Volume{717f00a1-75db-4238-a8e8-de98d59598d6}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{ec4a076e-454d-4ab0-add4-5bc5c6da801e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 7F4B1B45)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 5A6FC2CC)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezing

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {ab7ada6d-43c8-11eb-ae2b-e86a646e89f2} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {b4d1f3fa-e3a6-11ea-ae13-283a4d36428a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {dc4599c1-7cd6-11eb-ae52-e86a646e89f2} - "E:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {466DEE85-F9BD-4C70-8AB4-711696813A8C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {4B1A450D-E135-489F-BC82-D943B815FBCD} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {91EA3E94-B4A6-4ED0-B6B2-3AE2EABB7D6E} - \Lenovo\ImController\TimeBasedEvents\58fc83bc-17f4-44f9-ae0d-0b8831c51dcf -> No File <==== ATTENTION
Task: {935DBE73-4416-4367-818E-FDE9E71AE73F} - \Lenovo\ImController\TimeBasedEvents\7addc44a-c55f-4141-8ed7-2f4d46d508c1 -> No File <==== ATTENTION
Task: {B5FC3428-142E-44BE-9AF4-FFC6820775F2} - \Lenovo\ImController\TimeBasedEvents\a0f41fd4-5054-4816-bf4c-319f861aedba -> No File <==== ATTENTION
Task: {A2A2C367-4FC4-48CC-BF09-57403674E90B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {D36E6589-FF2C-4A15-9E53-0F306F1BBFBB} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {E45A50FB-4EC4-45AD-8DF3-9EE11EC96783} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {F2422D23-A5E1-45AF-B441-B57CB16EA52C} - \Lenovo\ImController\TimeBasedEvents\068edd42-3e9a-4a2a-a28e-7a7f82096879 -> No File <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002 -> DefaultScope {DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} URL =
SearchScopes: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002 -> {DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} URL =
FirewallRules: [TCP Query User{C25C3A92-1428-49AC-A778-2414BD0FE0DF}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{E7A49FE2-13DD-475B-8A2D-0CCE2664B739}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{09E7D2B7-673A-4D8A-9E14-89F68A69F7E2}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{53938C8E-47C8-4DB2-B1C9-1536BC188E8C}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => No File
FirewallRules: [{65AB2944-E878-4C70-8259-B3F984166514}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File


EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Filipin50
Visitor
Posts: 7
Joined: 03 Jan 2021 10:12

Re: Laptop freezing

#7 Post by Filipin50 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-03-2021
Ran by Legion (03-04-2021 20:02:42) Run:1
Running from C:\Users\Legion\Desktop
Loaded Profiles: Legion & postgres & Lucinka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {ab7ada6d-43c8-11eb-ae2b-e86a646e89f2} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {b4d1f3fa-e3a6-11ea-ae13-283a4d36428a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\...\MountPoints2: {dc4599c1-7cd6-11eb-ae52-e86a646e89f2} - "E:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {466DEE85-F9BD-4C70-8AB4-711696813A8C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {4B1A450D-E135-489F-BC82-D943B815FBCD} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {91EA3E94-B4A6-4ED0-B6B2-3AE2EABB7D6E} - \Lenovo\ImController\TimeBasedEvents\58fc83bc-17f4-44f9-ae0d-0b8831c51dcf -> No File <==== ATTENTION
Task: {935DBE73-4416-4367-818E-FDE9E71AE73F} - \Lenovo\ImController\TimeBasedEvents\7addc44a-c55f-4141-8ed7-2f4d46d508c1 -> No File <==== ATTENTION
Task: {B5FC3428-142E-44BE-9AF4-FFC6820775F2} - \Lenovo\ImController\TimeBasedEvents\a0f41fd4-5054-4816-bf4c-319f861aedba -> No File <==== ATTENTION
Task: {A2A2C367-4FC4-48CC-BF09-57403674E90B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {D36E6589-FF2C-4A15-9E53-0F306F1BBFBB} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {E45A50FB-4EC4-45AD-8DF3-9EE11EC96783} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-02] (Google LLC -> Google LLC)
Task: {F2422D23-A5E1-45AF-B441-B57CB16EA52C} - \Lenovo\ImController\TimeBasedEvents\068edd42-3e9a-4a2a-a28e-7a7f82096879 -> No File <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002 -> DefaultScope {DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} URL =
SearchScopes: HKU\S-1-5-21-4168442402-3509706111-3992125715-1002 -> {DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} URL =
FirewallRules: [TCP Query User{C25C3A92-1428-49AC-A778-2414BD0FE0DF}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{E7A49FE2-13DD-475B-8A2D-0CCE2664B739}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{09E7D2B7-673A-4D8A-9E14-89F68A69F7E2}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{53938C8E-47C8-4DB2-B1C9-1536BC188E8C}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => No File
FirewallRules: [{65AB2944-E878-4C70-8259-B3F984166514}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File


EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab7ada6d-43c8-11eb-ae2b-e86a646e89f2} => removed successfully
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b4d1f3fa-e3a6-11ea-ae13-283a4d36428a} => removed successfully
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc4599c1-7cd6-11eb-ae52-e86a646e89f2} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{466DEE85-F9BD-4C70-8AB4-711696813A8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{466DEE85-F9BD-4C70-8AB4-711696813A8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B1A450D-E135-489F-BC82-D943B815FBCD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B1A450D-E135-489F-BC82-D943B815FBCD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91EA3E94-B4A6-4ED0-B6B2-3AE2EABB7D6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91EA3E94-B4A6-4ED0-B6B2-3AE2EABB7D6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\58fc83bc-17f4-44f9-ae0d-0b8831c51dcf" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{935DBE73-4416-4367-818E-FDE9E71AE73F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{935DBE73-4416-4367-818E-FDE9E71AE73F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\7addc44a-c55f-4141-8ed7-2f4d46d508c1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5FC3428-142E-44BE-9AF4-FFC6820775F2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5FC3428-142E-44BE-9AF4-FFC6820775F2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\a0f41fd4-5054-4816-bf4c-319f861aedba" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2A2C367-4FC4-48CC-BF09-57403674E90B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2A2C367-4FC4-48CC-BF09-57403674E90B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D36E6589-FF2C-4A15-9E53-0F306F1BBFBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D36E6589-FF2C-4A15-9E53-0F306F1BBFBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E45A50FB-4EC4-45AD-8DF3-9EE11EC96783}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E45A50FB-4EC4-45AD-8DF3-9EE11EC96783}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2422D23-A5E1-45AF-B441-B57CB16EA52C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2422D23-A5E1-45AF-B441-B57CB16EA52C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\068edd42-3e9a-4a2a-a28e-7a7f82096879" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
"HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-4168442402-3509706111-3992125715-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DE6BA080-4D90-4E02-A383-9CAF8E3B18A3} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C25C3A92-1428-49AC-A778-2414BD0FE0DF}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E7A49FE2-13DD-475B-8A2D-0CCE2664B739}D:\program files\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{09E7D2B7-673A-4D8A-9E14-89F68A69F7E2}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{53938C8E-47C8-4DB2-B1C9-1536BC188E8C}D:\program files\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{65AB2944-E878-4C70-8259-B3F984166514}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30102745 B
Java, Flash, Steam htmlcache => 56768339 B
Windows/system/drivers => 10918960 B
Edge => 100378 B
Chrome => 602835047 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 432 B
NetworkService => 204004 B
Legion2045167 => 226852 B
Legion => 80927324 B
postgres => 80927324 B
Lucinka => 80989959 B

RecycleBin => 151588 B
EmptyTemp: => 910.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:03:09 ====

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezing

#8 Post by Rudy »

Deleted. Has anything changed?

Filipin50
Visitor
Posts: 7
Joined: 03 Jan 2021 10:12

Re: Laptop freezing

#9 Post by Filipin50 »

So far it hasn't frozen again; yesterday, before that, it froze about 3 times, so if it's fine today, it's probably definitely solved. Thank you very much, I'll write again.

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop freezing

#10 Post by Rudy »

OK, and you're welcome! :)
