Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Modrá smrt netwtw08.sys a občasné přehřívání notebooku

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
barrad
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 14 kvě 2008 17:33

Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#1 Příspěvek od barrad »

Zdravím,
asi týden (bez toho, abych instaloval nějaký nový program) mi bez zjištěné příčiny padá počítač do modré smrtis chybou ohledně netwtw08.sys a také (což je již delší dobu) se mi u her začíná hodně zahřívat notebook což také v minulosti nedělal (větrák je čistý). Prosím tedy o kontrolu logu a radu jak vyřešit aspoň modrou smrt, děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021
Ran by boxer300 (administrator) on U06-PORADKOVA (Dell Inc. Precision 3530) (07-05-2021 13:04:58)
Running from C:\Users\boxer300\Desktop
Loaded Profiles: boxer300
Platform: Windows 10 Pro Version 2004 19041.928 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

("STMicroelectronics Srl" -> ) C:\Windows\System32\drivers\DellFFDPWmiService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\DellPoaEvents\DellPoaEvents.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\dpoMonitorSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaSmSrv.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaTaServ.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\Telemetry\dpoTelemetrySvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Discord Inc. -> Discord Inc.) C:\Users\boxer300\AppData\Local\Discord\app-1.0.9001\Discord.exe <6>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_28efa2cb508b2ae9\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_70e7e4392a76adb3\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e6610765cda2bce8\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e6610765cda2bce8\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_f881c4be237ce854\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\boxer300\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_12525865f209ff49\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [DellPoaEvents] => C:\Program Files\Dell\PPO\DellPoaEvents\DellPoaEventsLauncher.exe [178384 2020-07-09] (Dell Inc -> )
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076216 2020-04-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe [1237920 2019-09-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [164808 2021-05-06] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [240512 2020-02-20] (Mixbyte Inc -> )
HKU\S-1-5-21-2909572-1331742790-1802043775-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2142544 2021-05-07] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [Videostream] => C:\Users\boxer300\AppData\Local\Videostream\app-0.4.3\Videostream.exe [340584 2020-08-26] (RouteThis Inc. -> Videostream)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\boxer300\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-02-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [Discord] => C:\Users\boxer300\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2019-10-03] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
Startup: C:\Users\boxer300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 6.3.lnk [2019-10-13]
ShortcutTarget: LibreOffice 6.3.lnk -> C:\Program Files\LibreOffice\program\quickstart.exe (The Document Foundation -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E24095E-696A-43C6-8D3B-F7DCD28F91BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-03] (Google LLC -> Google LLC)
Task: {1AD511AD-E6EB-457B-8D74-2816663AC127} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1723392 2019-08-27] () [File not signed]
Task: {21DFAC19-EA64-4C50-A1F5-7FD73CE5AC2C} - System32\Tasks\PinnacleStudioUpdater => C:\Program Files\Pinnacle\Studio 22\programs\PSNotification.exe [635976 2019-02-20] (Corel Corporation -> )
Task: {227B5A99-FBC0-4063-A58F-200AD27F42C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-03] (Google LLC -> Google LLC)
Task: {3048041F-D78E-4ACF-9A2C-BD811EE613E5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {3CDF9666-541F-47CE-88C3-F8EEF884A3CB} - System32\Tasks\PinnacleStudio22Notifier => C:\Program Files\Pinnacle\Studio 22\programs\PinnacleNotifierWrapper.exe [17504 2019-06-19] (Corel Corporation -> Pinnacle)
Task: {5140FCAC-DA7A-406A-A9D0-B1EE6E3EC8F2} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2096040 2019-03-07] (NVIDIA Corporation -> )
Task: {76D9EC3A-F60A-49FF-8024-639E751BBA3F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {89C9D021-C926-48B6-B51C-9E4B6119E69E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {8BBC66C9-A9D0-4535-9D1B-03D54DC9A60D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {94D47F68-4503-4203-A8D9-7224B418F21C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
Task: {C0598F9A-B367-404D-A7B4-45AE10E7E945} - System32\Tasks\G2MUploadTask-S-1-5-21-2909572-1331742790-1802043775-1002 => C:\Users\boxer300\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {D639E96C-EFB6-4932-A332-C0160C91BED9} - System32\Tasks\G2MUpdateTask-S-1-5-21-2909572-1331742790-1802043775-1002 => C:\Users\boxer300\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {E7166BE9-F208-49ED-ADF3-8CDD7F0DA666} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {E98A8D1A-7BA1-4C1E-A0EA-B90FD6D0D41C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2909572-1331742790-1802043775-1002.job => C:\Users\boxer300\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2909572-1331742790-1802043775-1002.job => C:\Users\boxer300\AppData\Local\GoToMeeting\19598\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{58a71dbc-f2a1-469a-906e-52a6d59fb6ad}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cbb72275-ca0f-4a1d-bd66-98d1633c9214}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\boxer300\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-06]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default [2021-05-07]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.centrum.cz/"
CHR Extension: (Prezentace) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-03]
CHR Extension: (Dokumenty) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-03]
CHR Extension: (Disk Google) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-03]
CHR Extension: (YouTube) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-03]
CHR Extension: (YouTube Music) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2021-03-03]
CHR Extension: (Tabulky) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2021-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-03]
CHR Extension: (Gmail) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-03]
CHR Extension: (Chrome Media Router) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [894848 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [48832 2020-11-19] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{FB52DEAE-B634-4D32-A0D9-3826F6816D40} [21312 2020-10-20] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 DellFFDPWmiService; C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R2 DpoMonitorSvc; C:\Program Files\Dell\PPO\dpoMonitorSvc.exe [1382096 2020-07-09] (Dell Inc -> Dell Inc.)
R2 dpoTelemetrySvc; C:\Program Files\Dell\PPO\Telemetry\dpoTelemetrySvc.exe [241360 2020-07-09] (Dell Inc -> Dell Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-06] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-06] (ESET, spol. s r.o. -> ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-02-20] (Mixbyte Inc -> Freemake)
R2 hostcontrolsvc; C:\WINDOWS\System32\HostControlService.exe [815616 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 hoststoragesvc; C:\WINDOWS\System32\HostStorageService.exe [161280 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4788136 2020-12-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 poaService; C:\Program Files\Dell\PPO\poaService.exe [1771728 2020-07-09] (Dell Inc -> Dell Inc.)
R2 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [424656 2020-07-09] (Dell Inc -> Dell Inc.)
R2 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [1507528 2020-07-09] (Dell Inc -> Dell Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 ushupgradesvc; C:\WINDOWS\System32\UshUpgradeService.exe [265728 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_12525865f209ff49\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_12525865f209ff49\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [372384 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169400 2021-05-06] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [112576 2021-05-06] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [192624 2021-05-06] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43832 2021-05-06] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70160 2021-05-06] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107400 2021-05-06] (ESET, spol. s r.o. -> ESET)
R3 POADrvr; C:\WINDOWS\system32\drivers\POADrvr.sys [40872 2019-09-08] (DellDPO(driver) -> Dell Computer Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-02-27] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-07 13:04 - 2021-05-07 13:05 - 000024811 _____ C:\Users\boxer300\Desktop\FRST.txt
2021-05-07 13:04 - 2021-05-07 13:05 - 000000000 ____D C:\FRST
2021-05-07 13:03 - 2021-05-07 13:03 - 002298368 _____ (Farbar) C:\Users\boxer300\Desktop\FRST64.exe
2021-05-07 12:55 - 2021-05-07 12:55 - 002570172 _____ C:\WINDOWS\Minidump\050721-13953-01.dmp
2021-05-07 12:54 - 2021-05-07 12:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-07 10:03 - 2021-05-07 10:12 - 000000000 ____D C:\Users\boxer300\Desktop\ŚKolka
2021-05-06 13:43 - 2021-05-07 12:55 - 1408115658 _____ C:\WINDOWS\MEMORY.DMP
2021-05-06 13:43 - 2021-05-06 13:44 - 002155692 _____ C:\WINDOWS\Minidump\050621-15296-01.dmp
2021-05-06 13:21 - 2021-05-06 13:22 - 002659804 _____ C:\WINDOWS\Minidump\050621-14187-01.dmp
2021-05-06 12:57 - 2021-05-06 12:57 - 000192624 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-05-06 12:57 - 2021-05-06 12:57 - 000169400 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-05-06 12:57 - 2021-05-06 12:57 - 000107400 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-05-06 12:57 - 2021-05-06 12:57 - 000070160 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-05-06 12:57 - 2021-05-06 12:57 - 000043832 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-05-05 10:00 - 2021-05-05 10:00 - 002638844 _____ C:\WINDOWS\Minidump\050521-24937-01.dmp
2021-05-05 08:54 - 2021-05-05 08:54 - 000138387 _____ C:\Users\boxer300\Desktop\Žádost o přijetí k předškolnímu vzdělávání.pdf
2021-05-04 21:41 - 2021-05-04 21:42 - 002516252 _____ C:\WINDOWS\Minidump\050421-15046-01.dmp
2021-04-26 10:44 - 2021-04-26 10:44 - 000033502 _____ C:\Users\boxer300\Desktop\Opis_smluvnich_udaju.PDF
2021-04-26 10:41 - 2021-04-26 10:41 - 000230842 _____ C:\Users\boxer300\Desktop\Faktura_0020206915_7352089600_2106727122.PDF
2021-04-26 08:33 - 2021-04-26 08:39 - 702585541 _____ C:\Users\boxer300\Desktop\tridnim-ucitelem-v-postcovidove-dobe-ii.mp4
2021-04-25 11:08 - 2021-04-25 11:08 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2909572-1331742790-1802043775-1002
2021-04-25 11:08 - 2021-04-25 11:08 - 000002368 _____ C:\Users\boxer300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-23 15:48 - 2021-04-23 15:48 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-20 20:35 - 2021-04-20 20:36 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-04-16 13:06 - 2021-04-16 13:06 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 13:06 - 2021-04-16 13:06 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 13:06 - 2021-04-16 13:06 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-07 13:05 - 2020-10-14 22:20 - 000000000 ____D C:\Users\OIKT
2021-05-07 12:59 - 2020-10-14 22:28 - 001693354 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-07 12:59 - 2019-12-07 16:43 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-07 12:59 - 2019-12-07 16:43 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-07 12:59 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-07 12:57 - 2019-07-04 21:37 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-05-07 12:55 - 2021-03-05 21:21 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\discord
2021-05-07 12:55 - 2021-03-05 21:21 - 000000000 ____D C:\Users\boxer300\AppData\Local\Discord
2021-05-07 12:55 - 2021-01-03 09:15 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-07 12:55 - 2020-11-12 09:12 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-07 12:55 - 2020-10-14 22:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-07 12:55 - 2020-10-14 22:20 - 000000000 ____D C:\Users\boxer300
2021-05-07 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-07 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-07 12:55 - 2019-10-24 16:29 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-07 12:55 - 2019-07-04 21:37 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-07 12:55 - 2019-07-04 21:34 - 000149402 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2021-05-07 12:55 - 2019-07-04 21:33 - 000000000 ____D C:\Intel
2021-05-07 12:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-06 13:07 - 2019-10-14 13:10 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\WhatsApp
2021-05-06 12:57 - 2020-10-26 10:28 - 000112576 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-05-06 12:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-05-06 04:21 - 2020-10-14 22:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-06 01:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-06 01:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-05 19:56 - 2019-10-03 13:48 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2021-05-02 13:56 - 2020-06-10 20:12 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-30 20:32 - 2020-10-01 12:15 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-27 21:24 - 2021-03-03 21:56 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-26 10:46 - 2019-10-10 08:47 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\AIMP
2021-04-26 08:17 - 2020-10-14 22:30 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a267fc15bd72
2021-04-26 08:17 - 2020-10-14 22:27 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-25 11:08 - 2019-10-03 12:00 - 000000000 ___RD C:\Users\boxer300\OneDrive
2021-04-23 15:56 - 2019-10-14 13:10 - 000000000 ____D C:\Users\boxer300\AppData\Local\WhatsApp
2021-04-23 15:56 - 2019-10-14 13:10 - 000000000 ____D C:\Users\boxer300\AppData\Local\SquirrelTemp
2021-04-22 10:00 - 2021-03-03 21:55 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-22 10:00 - 2021-03-03 21:55 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 20:36 - 2019-07-04 21:34 - 000000000 ____D C:\ProgramData\Intel
2021-04-20 20:36 - 2019-07-04 21:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-20 20:36 - 2019-07-04 21:29 - 000000000 ____D C:\Program Files (x86)\Intel
2021-04-20 20:36 - 2019-07-04 21:25 - 000000000 ____D C:\Program Files\Intel
2021-04-19 15:36 - 2019-10-20 16:07 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\MPC-HC
2021-04-16 23:20 - 2021-04-06 00:07 - 000000680 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2909572-1331742790-1802043775-1002.job
2021-04-16 23:20 - 2021-04-06 00:07 - 000000584 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2909572-1331742790-1802043775-1002.job
2021-04-16 23:20 - 2021-03-03 21:30 - 000547472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-16 23:20 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-16 23:19 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 13:08 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 13:06 - 2020-10-14 22:21 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 13:02 - 2019-09-26 14:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 13:00 - 2019-09-26 14:17 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2019-10-10 08:11 - 2020-09-11 11:28 - 000001605 _____ () C:\Users\boxer300\AppData\Roaming\U06-PORADKOVA.MTBF.txt
2019-10-10 08:16 - 2020-05-30 20:50 - 000005120 _____ () C:\Users\boxer300\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-10 18:24 - 2020-03-10 18:24 - 000019060 _____ () C:\Users\boxer300\AppData\Local\recently-used.xbel
2020-12-11 22:17 - 2020-12-11 22:17 - 000007606 _____ () C:\Users\boxer300\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021
Ran by boxer300 (07-05-2021 13:06:04)
Running from C:\Users\boxer300\Desktop
Windows 10 Pro Version 2004 19041.928 (X64) (2020-10-14 20:27:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2909572-1331742790-1802043775-500 - Administrator - Disabled)
boxer300 (S-1-5-21-2909572-1331742790-1802043775-1002 - Administrator - Enabled) => C:\Users\boxer300
DefaultAccount (S-1-5-21-2909572-1331742790-1802043775-503 - Limited - Disabled)
Guest (S-1-5-21-2909572-1331742790-1802043775-501 - Limited - Disabled)
OIKT (S-1-5-21-2909572-1331742790-1802043775-1001 - Administrator - Enabled) => C:\Users\OIKT
uzjgclvuqspw (S-1-5-21-2909572-1331742790-1802043775-1003 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2909572-1331742790-1802043775-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam)
Ambarella AmbaUSB 3.4.8 (HKLM-x32\...\Ambarella AmbaUSB) (Version: 3.4.8 - Ambarella)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8909c7f7-2f31-4786-b020-18218d3cabf3}) (Version: 21.40.1 - Intel Corporation)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
Balíček ovladače systému Windows - libusb-win32 Ambarella Evaluation Board Devices (02/23/2013 1.2.6.0) (HKLM\...\F096309D24CCFB8386E7531DF7D80DAD68EB9719) (Version: 02/23/2013 1.2.6.0 - libusb-win32)
Cam Manager (HKLM-x32\...\Cam Manager) (Version: - )
CDBurnerXP (64 bit) (HKLM\...\{EFD6587A-C63D-4AEF-982C-1EB3878EF0CC}) (Version: 4.5.8.6795 - Canneverbe Limited)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Dell Command | Update for Windows 10 (HKLM\...\{4CCADC13-F3AE-454F-B724-33F6D4E52022}) (Version: 4.1.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{0C642DDD-65AD-4408-BE4A-5ED6CB441893}) (Version: 4.12.5.8 - Broadcom Limited)
Dell Data Vault (64 bit) (HKLM\...\{4F2BFA60-E4F6-4BC4-9DAC-19E5A5E01ACA}) (Version: 5.5.1.906 - Dell) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{81C48559-E2EB-4F18-9854-51331B9DB552}) (Version: 4.0.70.0 - Dell Inc.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell Precision Optimizer Application (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 6.4.5 - Dell Inc.)
Dell SupportAssist (HKLM\...\{C5A70974-2F89-4BE0-90F7-749E62468C4D}) (Version: 3.8.1.23 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
Discord (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
DVR365 Player 2008-A (HKLM-x32\...\{3880947B-E454-48BA-BAFD-28E242A4F30C}) (Version: 1.0.0 - dvr365.com) Hidden
DVR365 Player 2008-A (HKLM-x32\...\DVR365 Player 2008-A) (Version: - dvr365.com)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.1.19.0 - ESET, spol. s r.o.)
Free WMA to MP3 Converter 1.0 (HKLM-x32\...\{CF448039-6D80-43DE-917B-574B8F5B9BC9}_is1) (Version: - PolySoft Solutions)
Freemake Audio Converter verze 1.1.8 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation)
GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
GoTo Opener (HKLM-x32\...\{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2103.15.0.2135 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c3964069-17c1-45dd-85a5-949576ceeaa3}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{ACA5CFAC-9E99-4764-A7AD-AF5CF3FA15BF}) (Version: 17.0.2.1076 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{f4788713-080d-49b0-919d-cd035cf9bf14}) (Version: 22.30.0.11 - Intel Corporation) Hidden
IntellexPlayer (HKLM-x32\...\{C124BC7E-1C94-44C7-A8CA-70D10644FB05}) (Version: 4.31.19.36 - Sensormatic Electronics Corporation)
K-Lite Mega Codec Pack 15.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.1.6 - KLCP)
LibreOffice 6.3.2.2 (HKLM\...\{6110D2CC-70B4-415E-AF5A-7BB496AB264B}) (Version: 6.3.2.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.51 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2909572-1331742790-1802043775-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\OneDriveSetup.exe) (Version: 21.062.0328.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MultiCam Capture Lite (HKLM\...\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}) (Version: 1.1.4.10460 - Corel Corporation)
MyDVD Content Pack 1 (HKLM-x32\...\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}) (Version: 1.00.0000 - Corel Corporation)
MyDVD Content Pack 2 (HKLM-x32\...\{B9987701-F119-46FA-BFF1-A8B593BFAF9E}) (Version: 1.00.0000 - Corel Corporation)
NVIDIA nView 149.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 149.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 452.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.66 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NVIDIA WMI 2.35.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.35.0 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.1 - pdfforge GmbH)
Pinnacle 3D Title Editor (HKLM\...\{0A4DB5B8-8C83-458B-8D0F-603543BA50A2}) (Version: 1.0.8.185 - Corel Corporation)
Pinnacle Creative Pack Volume 1 (HKLM\...\{C42189EA-8768-4B9A-B54B-5B8872853D16}) (Version: 7.0 - Corel Corporation)
Pinnacle MyDVD (HKLM\...\{C9CEF17D-DE54-4E20-9FC8-8AE13A31E419}) (Version: 3.0.019 - Název společnosti:) Hidden
Pinnacle MyDVD (HKLM-x32\...\{6C7DC3C2-32EF-4B67-B2FB-5CBCE63313D7}) (Version: 3.0 - Pinnacle)
Pinnacle Premium Pack Volumes 1-2 (HKLM-x32\...\{A8322551-5857-46E0-8FD8-E5A13808DDB9}) (Version: 6.0 - Corel Corporation)
Pinnacle ScoreFitter Volumes 1-2 (HKLM\...\{009950B1-18A3-4F88-AD32-47415BF7DD52}) (Version: 6.0 - Corel Corporation)
Pinnacle Studio 22 - Standard Content Pack (HKLM\...\{EEC666DC-1B29-4F81-8D7B-A886C86159C6}) (Version: 22.1 - Corel Corporation)
Pinnacle Studio 22 (HKLM\...\{74D19994-F843-4BFE-9850-18DFFC8A1056}) (Version: 22.3.0.377 - Corel Corporation)
Pinnacle Title Extreme (HKLM\...\{9D319237-4D59-418B-A972-C9CAD471A7A5}) (Version: 6.0 - Corel Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8838.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2277 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0092 - ST Microelectronics)
ST Microelectronics 3 Axis Digital Accelerometer Solution verze 4.10.0104 (HKLM\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}_is1) (Version: 4.10.0104 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.17.6 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
TurboFLOORPLAN Dum & Interiér & Zahrada PRO (HKLM-x32\...\InstallShield_{949815AB-D269-4DD3-AB1A-539432BAFC1E}) (Version: 15.1 - IMSIDesign)
Uplay (HKLM-x32\...\Uplay) (Version: 98.0 - Ubisoft)
Videostream (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Videostream) (Version: 0.4.0 - Videostream)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Wargaming.net Game Center) (Version: 21.2.2.4998 - Wargaming.net)
WhatsApp (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\WhatsApp) (Version: 2.2114.9 - WhatsApp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
XnView 2.35 (HKLM-x32\...\XnView_is1) (Version: 2.35 - Gougelet Pierre-e)
Zoom (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:
=========
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.1.17.0_x86__htrsf667h5kn2 [2021-02-05] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.70.0_x64__htrsf667h5kn2 [2021-03-12] (Dell Inc)
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.26.0_x64__rp6h1c31mfy1y [2021-03-10] (STMICROELECTRONICS S.R.L.)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.7.10.0_x64__htrsf667h5kn2 [2020-10-19] (Dell Inc)
Dell Precision Optimizer -> C:\Program Files\WindowsApps\DellInc.DellPrecisionOptimizer_6.4.5.0_x64__htrsf667h5kn2 [2020-08-15] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.8.10.0_x64__htrsf667h5kn2 [2021-01-17] (Dell Inc)
Dell Touchpad Assistant -> C:\Program Files\WindowsApps\C1E561A0.DellTouchpadAssistant_1.1.9.0_x64__ay1pycd334gd6 [2019-09-30] (ALPS Comm. Devices Tech. (SH) Co., Ltd)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-03-03] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-09-26] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13929.20296.0_x86__8wekyb3d8bbwe [2021-05-06] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13929.20296.0_x86__8wekyb3d8bbwe [2021-05-06] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4213.0_x64__8wekyb3d8bbwe [2021-04-29] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-28] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-03-05] (INTEL CORP) [Startup Task]
Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.200.0_x64__jb41c8remg0x2 [2020-05-30] (Polarr)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-09-26] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2909572-1331742790-1802043775-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\boxer300\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2909572-1331742790-1802043775-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\boxer300\AppData\Local\GoToMeeting\18962\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2909572-1331742790-1802043775-1002_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-2909572-1331742790-1802043775-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\boxer300\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-01-03] () [File not signed] [File is in use]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-10-10] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files (x86)\XnView\ShellEx\XnViewShellExt.dll [2015-02-19] () [File not signed]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-01-03] () [File not signed] [File is in use]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-10-10] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_12525865f209ff49\nvshext.dll [2020-12-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506312 2014-01-08] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-19 14:12 - 2020-11-19 14:12 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2019-10-03 13:26 - 2019-10-03 13:26 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:66BB1E73 [147]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2909572-1331742790-1802043775-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-2909572-1331742790-1802043775-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1001 -> DefaultScope {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1001 -> {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1002 -> DefaultScope {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1002 -> {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2909572-1331742790-1802043775-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\facets_1920.jpg
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\Control Panel\Desktop\\Wallpaper -> C:\Sdílené\03 Foto\383_SC166A6868.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\StartupApproved\Run: => "Videostream"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80D60DE1-7C3F-4AEC-82E7-3FA6BD94B371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [{78B12DC0-0389-4329-8B75-14ABBC7B604B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [UDP Query User{39939E68-6946-4CBC-BE14-AE533C0598F6}C:\users\boxer300\appdata\local\videostream\app-0.4.3\videostream-native\videostream-native.exe] => (Allow) C:\users\boxer300\appdata\local\videostream\app-0.4.3\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [TCP Query User{7DF05EB9-CACB-4167-B2A8-EEE3DDDB074E}C:\users\boxer300\appdata\local\videostream\app-0.4.3\videostream-native\videostream-native.exe] => (Allow) C:\users\boxer300\appdata\local\videostream\app-0.4.3\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [UDP Query User{F4CE0FAE-A231-41CF-A48B-2CED5690C0C6}C:\users\boxer300\appdata\local\videostream\app-0.4.0\videostream-native\videostream-native.exe] => (Allow) C:\users\boxer300\appdata\local\videostream\app-0.4.0\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [TCP Query User{6951D209-DCFA-4AA8-9C78-CDE28D6F4FC6}C:\users\boxer300\appdata\local\videostream\app-0.4.0\videostream-native\videostream-native.exe] => (Allow) C:\users\boxer300\appdata\local\videostream\app-0.4.0\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{CF11C60A-DA6A-4399-9F56-99C5B1F0216D}] => (Allow) C:\Users\boxer300\AppData\Local\Videostream\app-0.4.0\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{BB47A230-2A07-4A98-997C-C526C6207CEB}] => (Allow) C:\Users\boxer300\AppData\Local\Videostream\app-0.4.0\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{191AE2B1-859E-4578-AAAC-ED96D28F2150}] => (Allow) LPort=5557
FirewallRules: [{1E2193D9-F835-4C68-8060-C4B5B0367D3D}] => (Allow) LPort=5556
FirewallRules: [UDP Query User{22D31D5D-45F1-4706-97E9-40F05F6EA594}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{6DBC22E4-E8A4-4ABE-9902-5D56590CCCAD}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{3E3CFFAA-9B33-475E-8629-4AB70807086F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{6E8C9108-96AE-40F9-BB94-E81E3154BD04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{2EF39719-107A-40C0-B4AC-437992F26E19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{6CB0FE1C-F717-45E4-AC97-2555E0A56540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{02AA00FC-3765-4039-BBDD-B600D7978030}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F28D8DE1-B671-4B19-B198-23F530C8D2E2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{20FA9B18-FC2B-4E7C-83B9-BCF3DB60A6F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6307830E-CDA8-436D-A668-572240C3091F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{474A1CF0-EAED-4B70-80BA-394FF9BD00FE}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AD60E233-C8F1-4012-A792-42F4F9119FAF}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{40E68E52-A1AC-4F0E-81DD-3B4AB88B3615}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{847730F5-286A-4B53-93E3-6317AAE08655}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{E4F40A1B-2050-4448-8309-7387D4F1E9BF}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{73244815-0D16-4F7B-959B-C32354D5986A}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{473B2684-4703-4D6C-B98D-90D5EB179A02}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{253D14D4-EDED-4831-A0E9-EF03EBAFE55D}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{A549A4EE-BBFC-4BBB-8E12-1DD5F2D1EE00}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{1FD47148-CBEC-4C9D-B025-DD24AF888AC4}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{CF98241B-C491-4B71-B83D-3910FF571A31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20300.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52C8D3F1-B469-46BB-9A4C-02EC115EFF23}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ACE0A445-10C3-49F0-B6E7-28FC4578BD76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC9637D0-3A72-4348-8949-8037D98639CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{290C1D84-665A-4273-83ED-EB037F53EFE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{35240994-1FBA-4FA9-9167-08B14A727C5B}C:\users\boxer300\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\boxer300\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FA179BDD-BF83-4397-861C-879521346707}C:\users\boxer300\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\boxer300\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2EB4DDE-A250-4B77-B7F5-6AA8F40B8487}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4F318135-A067-4141-B20D-1C6C11803B34}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{C24E88C4-35AF-4C4E-8A20-6E8D391AFC21}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{21E55DD2-333E-44CD-8189-3C34BA48388B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{61AC8DFB-8624-4F26-AE92-C115356CF075}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{1A22F05E-980F-44B7-9410-36DDE5B4D9A6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{64F01440-2EBF-470F-9A87-5105BEEF3235}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1FCD92CE-3CB5-42A4-AA4D-991D495783FA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F6B11EB9-BFEF-4B8A-AA04-72EC6C2A3710}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A8A45ECA-D0A2-4090-B163-736EACC3643A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CC5B530E-60E8-4BCA-BAA3-E8035E18E08C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13929.20296.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

29-04-2021 12:20:17 Naplánovaný kontrolní bod
05-05-2021 23:03:17 Instalováno IntellexPlayer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/06/2021 12:57:18 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000004000700000000

Error: (05/05/2021 07:56:32 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000004000700000000

Error: (05/05/2021 08:41:58 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000004000700000000

Error: (05/04/2021 08:39:46 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000004000700000000

Error: (04/25/2021 02:48:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffc7f75200f
ID chybujícího procesu: 0x2bd0
Čas spuštění chybující aplikace: 0x01d739d156be27fe
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: fcd42dca-f0d7-4cdb-a9f8-28d676aa4752
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/25/2021 02:48:50 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (04/25/2021 02:48:49 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (04/25/2021 02:48:49 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002


System errors:
=============
Error: (05/07/2021 12:55:19 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x000000d1 (0x0000000000000014, 0x0000000000000002, 0x0000000000000000, 0xfffff8008cc1adbe). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: bc7cd83a-90de-40aa-a39b-8836b7bdf103

Error: (05/07/2021 12:54:57 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Soubor s výpisem paměti se nepodařilo vytvořit kvůli chybě při vytváření výpisu paměti.

Error: (05/07/2021 12:54:57 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Soubor s výpisem paměti se nepodařilo vytvořit kvůli chybě při vytváření výpisu paměti.

Error: (05/07/2021 12:55:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:35:29, ‎07.‎05.‎2021) bylo neočekávané.

Error: (05/06/2021 01:44:53 PM) (Source: DCOM) (EventID: 10010) (User: U06-PORADKOVA)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/06/2021 01:44:53 PM) (Source: DCOM) (EventID: 10010) (User: U06-PORADKOVA)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/06/2021 01:44:53 PM) (Source: DCOM) (EventID: 10010) (User: U06-PORADKOVA)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/06/2021 01:44:20 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x000000d1 (0x0000000000000014, 0x0000000000000002, 0x0000000000000000, 0xfffff80168a1adbe). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: dd193752-8b4b-412e-8646-d74599085201


Windows Defender:
================
Date: 2021-02-28 21:21:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3C84667-0B09-47CC-BACA-385943B7AD75}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-28 21:07:04
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0507A3B6-51E3-4E26-9453-44A85D87F6B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-28 20:58:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69BDF6E0-5C1A-4DA2-AD54-4BF52A35BD5E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-22 23:16:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D1E77E52-702B-4347-A02E-00EB5B330D6F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-21 21:27:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Adware:Win32/Seznam.R!MTB
Závažnost: Vysoké
Kategorie: Software placený zobrazováním reklamy
Cesta: file:_C:\Users\boxer300\AppData\Local\Temp\nsy9B8C.tmp\listicka.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: U06-PORADKOVA\boxer300
Název procesu: C:\Users\boxer300\Desktop\BlueStacks-Installer_4.240.30.1002_amd64_native_b992500aa54f938c547e8e2e87b25bf3.exe
Verze bezpečnostních informací: AV: 1.331.1502.0, AS: 1.331.1502.0, NIS: 1.331.1502.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-03 20:42:06
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2021-01-28 12:26:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2519.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800b0003
Popis chyby: Zadaný formulář subjektu není podporován nebo znám zadaným poskytovatelem důvěry systému.

Date: 2021-01-28 12:26:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2519.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800b0003
Popis chyby: Zadaný formulář subjektu není podporován nebo znám zadaným poskytovatelem důvěry systému.

Date: 2021-01-28 12:26:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2519.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800b0003
Popis chyby: Zadaný formulář subjektu není podporován nebo znám zadaným poskytovatelem důvěry systému.

Date: 2021-01-19 07:03:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2376.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-05-07 12:57:18
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Dell Inc. 1.13.1 07/14/2020
Motherboard: Dell Inc. 0YM64G
Processor: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Percentage of memory in use: 36%
Total physical RAM: 16177.72 MB
Available physical RAM: 10240.62 MB
Total Virtual: 19121.72 MB
Available Virtual: 11169.34 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:236.7 GB) (Free:30.86 GB) NTFS

\\?\Volume{2b3e35cd-704e-4c3e-9b25-fd880405f6bb}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.32 GB) NTFS
\\?\Volume{d65ce365-6765-451c-905b-1295e20dd731}\ (ESP) (Fixed) (Total:0.66 GB) (Free:0.61 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FA28FD61)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#2 Příspěvek od Rudy »

Zdravím!
Otevřte adresář c:\windows\minidump, jeho obsah zabalte do raru a přiložte k vašemu příštímu postu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

barrad
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 14 kvě 2008 17:33

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#3 Příspěvek od barrad »

V příloze požadované bohužel se nevešlo v jednom raru (velikost). Takže 1/2 -
Minidump01.rar
(879.88 KiB) Staženo 58 x

barrad
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 14 kvě 2008 17:33

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#4 Příspěvek od barrad »

2/2 -
Minidump02.rar
(537.26 KiB) Staženo 62 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#5 Příspěvek od Rudy »

Pravděpodobně jde o ovladač Wifi. Zkuste ho přeinstalovat. Máte v systému všechny dostupné aktualizace. Pokud ne, je třeba je nainstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

barrad
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 14 kvě 2008 17:33

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#6 Příspěvek od barrad »

Zařízení jsem odebral a nainstalovalo se znovu. Zatím nic nespadlo, ale používám krátce. Ještě nějaké doporučení? Děkuji

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#7 Příspěvek od Rudy »

Nemáte zač! Chcete-li ještě NB vyčistit od malware a zbytečností (může to mít souvislost s tím přehříváním), spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

barrad
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 14 kvě 2008 17:33

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#8 Příspěvek od barrad »

Log po projetí programem:

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2021
# Duration: 00:00:05
# OS: Windows 10 Pro
# Cleaned: 17
# Awaiting reboot:4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Deleted Preinstalled.DellCommand|Update Folder C:\Program Files\DELL\COMMANDUPDATE
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE7C096B-BE3E-4D2A-A291-654028CE41A2}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE7C096B-BE3E-4D2A-A291-654028CE41A2}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Deleted Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{00E63F11-4E3A-4B22-BD87-8A04B80E8D66}
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files (x86)\DELL\UPDATESERVICE
Cleaning failed C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT
Cleaning failed C:\ProgramData\DELL\UPDATESERVICE

*************************

AdwCleaner[S00].txt - [3297 octets] - [15/05/2021 21:39:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#9 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

barrad
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 14 kvě 2008 17:33

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#10 Příspěvek od barrad »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by boxer300 (administrator) on U06-PORADKOVA (Dell Inc. Precision 3530) (16-05-2021 07:16:23)
Running from C:\Users\boxer300\Desktop
Loaded Profiles: boxer300
Platform: Windows 10 Pro Version 2004 19041.985 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

("STMicroelectronics Srl" -> ) C:\Windows\System32\drivers\DellFFDPWmiService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\DellPoaEvents\DellPoaEvents.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\dpoMonitorSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaSmSrv.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaTaServ.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\Telemetry\dpoTelemetrySvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Discord Inc. -> Discord Inc.) C:\Users\boxer300\AppData\Local\Discord\app-1.0.9001\Discord.exe <6>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_28efa2cb508b2ae9\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_70e7e4392a76adb3\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e6610765cda2bce8\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e6610765cda2bce8\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_f881c4be237ce854\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\boxer300\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\UshUpgradeService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostControlService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) C:\Windows\System32\HostStorageService.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_12525865f209ff49\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [DellPoaEvents] => C:\Program Files\Dell\PPO\DellPoaEvents\DellPoaEventsLauncher.exe [178384 2020-07-09] (Dell Inc -> )
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076216 2020-04-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe [1237920 2019-09-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [164808 2021-05-06] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-2909572-1331742790-1802043775-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2142544 2021-05-13] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [Videostream] => C:\Users\boxer300\AppData\Local\Videostream\app-0.4.3\Videostream.exe [340584 2020-08-26] (RouteThis Inc. -> Videostream)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\boxer300\AppData\Local\Microsoft\Teams\Update.exe [2452664 2021-02-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Run: [Discord] => C:\Users\boxer300\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2019-10-03] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\Users\boxer300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 6.3.lnk [2019-10-13]
ShortcutTarget: LibreOffice 6.3.lnk -> C:\Program Files\LibreOffice\program\quickstart.exe (The Document Foundation -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E24095E-696A-43C6-8D3B-F7DCD28F91BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-03] (Google LLC -> Google LLC)
Task: {1AD511AD-E6EB-457B-8D74-2816663AC127} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1723392 2019-08-27] () [File not signed]
Task: {21DFAC19-EA64-4C50-A1F5-7FD73CE5AC2C} - System32\Tasks\PinnacleStudioUpdater => C:\Program Files\Pinnacle\Studio 22\programs\PSNotification.exe [635976 2019-02-20] (Corel Corporation -> )
Task: {227B5A99-FBC0-4063-A58F-200AD27F42C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-03] (Google LLC -> Google LLC)
Task: {3048041F-D78E-4ACF-9A2C-BD811EE613E5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {3CDF9666-541F-47CE-88C3-F8EEF884A3CB} - System32\Tasks\PinnacleStudio22Notifier => C:\Program Files\Pinnacle\Studio 22\programs\PinnacleNotifierWrapper.exe [17504 2019-06-19] (Corel Corporation -> Pinnacle)
Task: {5140FCAC-DA7A-406A-A9D0-B1EE6E3EC8F2} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2096040 2019-03-07] (NVIDIA Corporation -> )
Task: {76D9EC3A-F60A-49FF-8024-639E751BBA3F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {89C9D021-C926-48B6-B51C-9E4B6119E69E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {8BBC66C9-A9D0-4535-9D1B-03D54DC9A60D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {C0598F9A-B367-404D-A7B4-45AE10E7E945} - System32\Tasks\G2MUploadTask-S-1-5-21-2909572-1331742790-1802043775-1002 => C:\Users\boxer300\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {D639E96C-EFB6-4932-A332-C0160C91BED9} - System32\Tasks\G2MUpdateTask-S-1-5-21-2909572-1331742790-1802043775-1002 => C:\Users\boxer300\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {E7166BE9-F208-49ED-ADF3-8CDD7F0DA666} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {E98A8D1A-7BA1-4C1E-A0EA-B90FD6D0D41C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2909572-1331742790-1802043775-1002.job => C:\Users\boxer300\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2909572-1331742790-1802043775-1002.job => C:\Users\boxer300\AppData\Local\GoToMeeting\19598\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{58a71dbc-f2a1-469a-906e-52a6d59fb6ad}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{96377fbf-d78e-481a-9125-727e11fcdd71}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bef082f6-60bd-4540-b564-67b5bb181a81}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{cbb72275-ca0f-4a1d-bd66-98d1633c9214}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\boxer300\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-16]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default [2021-05-15]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.centrum.cz/"
CHR Extension: (Prezentace) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-03]
CHR Extension: (Dokumenty) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-03]
CHR Extension: (Disk Google) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-03]
CHR Extension: (YouTube) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-03]
CHR Extension: (YouTube Music) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2021-03-03]
CHR Extension: (Tabulky) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-13]
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2021-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-03]
CHR Extension: (Gmail) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-03]
CHR Extension: (Chrome Media Router) - C:\Users\boxer300\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [894848 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [422128 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3975712 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [623136 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [48832 2020-11-19] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1009264 2021-03-30] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{AB39B3B6-3A3E-4047-B84E-A02E7540A16B} [21312 2020-10-20] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 DellFFDPWmiService; C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R2 DpoMonitorSvc; C:\Program Files\Dell\PPO\dpoMonitorSvc.exe [1382096 2020-07-09] (Dell Inc -> Dell Inc.)
R2 dpoTelemetrySvc; C:\Program Files\Dell\PPO\Telemetry\dpoTelemetrySvc.exe [241360 2020-07-09] (Dell Inc -> Dell Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-06] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2954416 2021-05-06] (ESET, spol. s r.o. -> ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-02-20] (Mixbyte Inc -> Freemake)
R2 hostcontrolsvc; C:\WINDOWS\System32\HostControlService.exe [815616 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 hoststoragesvc; C:\WINDOWS\System32\HostStorageService.exe [161280 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4788136 2020-12-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 poaService; C:\Program Files\Dell\PPO\poaService.exe [1771728 2020-07-09] (Dell Inc -> Dell Inc.)
R2 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [424656 2020-07-09] (Dell Inc -> Dell Inc.)
R2 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [1507528 2020-07-09] (Dell Inc -> Dell Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-04-21] (Dell Inc -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 ushupgradesvc; C:\WINDOWS\System32\UshUpgradeService.exe [265728 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_12525865f209ff49\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_12525865f209ff49\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [372384 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169400 2021-05-06] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [112576 2021-05-06] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [192624 2021-05-06] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43832 2021-05-06] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70160 2021-05-06] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107400 2021-05-06] (ESET, spol. s r.o. -> ESET)
R3 POADrvr; C:\WINDOWS\system32\drivers\POADrvr.sys [40872 2019-09-08] (DellDPO(driver) -> Dell Computer Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49544 2021-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420088 2021-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-02-27] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-16 07:16 - 2021-05-16 07:16 - 002299392 _____ (Farbar) C:\Users\boxer300\Desktop\FRST64.exe
2021-05-16 07:16 - 2021-05-16 07:16 - 000000000 ____D C:\Users\boxer300\Desktop\FRST-OlderVersion
2021-05-15 22:28 - 2021-05-15 22:50 - 2090337136 _____ C:\Users\boxer300\Desktop\RYTÍŘI SPRAVEDLNOSTI 2020 (FULL HD) - DAN. a NOR.2020- EU.dab.CZ.Tit.,-rimini.,-85- ČSFD.avi
2021-05-15 22:28 - 2021-05-15 22:48 - 1861080110 _____ C:\Users\boxer300\Desktop\Palm.Springs.2020.1080p.HULU.WEB-DL.DDP.5.1 - kopie (2).mkv
2021-05-15 22:00 - 2021-05-15 22:13 - 2205088694 _____ C:\Users\boxer300\Desktop\Princezna zakletá v čase 2020.mkv
2021-05-15 21:42 - 2021-05-15 21:42 - 000004002 _____ C:\Users\boxer300\Desktop\AdwCleaner[C00].txt
2021-05-15 21:40 - 2021-05-15 21:40 - 000003297 _____ C:\Users\boxer300\Desktop\AdwCleaner[S00].txt
2021-05-15 21:39 - 2021-05-15 21:40 - 000000000 ____D C:\AdwCleaner
2021-05-15 21:38 - 2021-05-15 21:39 - 008534696 _____ (Malwarebytes) C:\Users\boxer300\Desktop\adwcleaner_8.2.exe
2021-05-15 18:12 - 2021-05-15 18:13 - 000000000 ____D C:\Users\boxer300\AppData\Local\T2GP Launcher
2021-05-15 18:12 - 2021-05-15 18:12 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\T2GP Launcher
2021-05-15 16:51 - 2021-05-15 16:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-15 16:51 - 2021-05-15 16:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-15 16:51 - 2021-05-15 16:51 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-15 16:51 - 2021-05-15 16:51 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-15 16:51 - 2021-05-15 16:51 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-15 16:51 - 2021-05-15 16:51 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-15 16:51 - 2021-05-15 16:51 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-15 16:51 - 2021-05-15 16:51 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-15 16:50 - 2021-05-15 16:50 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-15 16:50 - 2021-05-15 16:50 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-15 16:50 - 2021-05-15 16:50 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-15 16:50 - 2021-05-15 16:50 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-15 16:50 - 2021-05-15 16:50 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-15 16:50 - 2021-05-15 16:50 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-15 16:43 - 2021-05-15 21:41 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-15 16:43 - 2021-05-15 16:43 - 002467548 _____ C:\WINDOWS\Minidump\051521-14296-01.dmp
2021-05-14 21:28 - 2021-05-15 16:43 - 1389339434 _____ C:\WINDOWS\MEMORY.DMP
2021-05-14 21:28 - 2021-05-14 21:28 - 002072028 _____ C:\WINDOWS\Minidump\051421-16984-01.dmp
2021-05-14 20:51 - 2021-05-14 20:52 - 002662476 _____ C:\WINDOWS\Minidump\051421-17140-01.dmp
2021-05-13 22:08 - 2021-05-13 22:09 - 002473108 _____ C:\WINDOWS\Minidump\051321-13859-01.dmp
2021-05-13 21:34 - 2021-05-13 21:34 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-13 21:28 - 2021-05-13 21:28 - 002492108 _____ C:\WINDOWS\Minidump\051321-13265-01.dmp
2021-05-12 23:38 - 2021-05-12 23:38 - 000001037 _____ C:\Users\boxer300\Desktop\jídlo.txt
2021-05-12 23:29 - 2021-05-12 23:29 - 000330939 _____ C:\Users\boxer300\Desktop\01 kokořínsko - okruh 43,9 km export.gpx
2021-05-12 22:43 - 2021-05-12 22:43 - 000000000 ____D C:\WINDOWS\{4CCD9D04-B59E-49D1-85EF-7867D86C58F5}
2021-05-12 22:41 - 2021-05-12 22:41 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2909572-1331742790-1802043775-1002
2021-05-12 22:41 - 2021-05-12 22:41 - 000002368 _____ C:\Users\boxer300\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-11 21:43 - 2021-05-11 21:43 - 000259708 _____ C:\Users\boxer300\Desktop\havlicekjidelnicek.pdf
2021-05-10 23:04 - 2021-05-10 23:04 - 013686011 _____ C:\Users\boxer300\Desktop\Jak_se_ucim_behat.pdf
2021-05-07 13:06 - 2021-05-07 13:06 - 000045567 _____ C:\Users\boxer300\Desktop\Addition.txt
2021-05-07 13:04 - 2021-05-16 07:16 - 000024696 _____ C:\Users\boxer300\Desktop\FRST.txt
2021-05-07 13:04 - 2021-05-16 07:16 - 000000000 ____D C:\FRST
2021-05-07 10:03 - 2021-05-07 10:12 - 000000000 ____D C:\Users\boxer300\Desktop\ŚKolka
2021-05-06 12:57 - 2021-05-06 12:57 - 000192624 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-05-06 12:57 - 2021-05-06 12:57 - 000169400 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-05-06 12:57 - 2021-05-06 12:57 - 000107400 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-05-06 12:57 - 2021-05-06 12:57 - 000070160 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-05-06 12:57 - 2021-05-06 12:57 - 000043832 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-05-05 08:54 - 2021-05-05 08:54 - 000138387 _____ C:\Users\boxer300\Desktop\Žádost o přijetí k předškolnímu vzdělávání.pdf
2021-04-26 10:44 - 2021-04-26 10:44 - 000033502 _____ C:\Users\boxer300\Desktop\Opis_smluvnich_udaju.PDF
2021-04-26 10:41 - 2021-04-26 10:41 - 000230842 _____ C:\Users\boxer300\Desktop\Faktura_0020206915_7352089600_2106727122.PDF
2021-04-26 08:33 - 2021-04-26 08:39 - 702585541 _____ C:\Users\boxer300\Desktop\tridnim-ucitelem-v-postcovidove-dobe-ii.mp4
2021-04-20 20:35 - 2021-04-20 20:36 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-04-16 13:06 - 2021-04-16 13:06 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-16 07:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-16 07:14 - 2020-10-14 22:28 - 001693354 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-16 07:14 - 2019-12-07 16:43 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-16 07:14 - 2019-12-07 16:43 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-16 07:14 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-16 07:09 - 2021-03-05 21:21 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\discord
2021-05-16 07:05 - 2021-03-05 21:21 - 000000000 ____D C:\Users\boxer300\AppData\Local\Discord
2021-05-16 07:05 - 2019-10-24 16:29 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-15 22:51 - 2019-07-04 21:37 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-15 22:50 - 2020-10-14 22:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-15 21:59 - 2019-07-04 21:37 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-05-15 21:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-15 21:41 - 2020-11-12 09:12 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-15 21:41 - 2020-10-14 22:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-15 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-15 21:41 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-15 21:41 - 2019-07-04 21:34 - 000161676 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2021-05-15 21:41 - 2019-07-04 21:33 - 000000000 ____D C:\Intel
2021-05-15 21:40 - 2019-07-04 21:33 - 000000000 ____D C:\ProgramData\Dell
2021-05-15 21:40 - 2019-07-04 21:32 - 000000000 ____D C:\Program Files\Dell
2021-05-15 20:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-15 19:59 - 2021-03-03 21:30 - 000547472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-15 19:58 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-15 19:58 - 2019-12-07 16:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-15 19:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-15 18:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-15 18:12 - 2019-07-04 21:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-15 16:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-05-15 16:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-15 16:48 - 2020-06-10 20:12 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-15 16:48 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-15 16:48 - 2019-10-15 17:28 - 000000000 ____D C:\Users\boxer300\AppData\Local\D3DSCache
2021-05-15 16:46 - 2019-09-26 14:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-15 16:44 - 2019-09-26 14:17 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-15 16:43 - 2021-01-03 09:15 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-14 22:02 - 2020-10-14 22:20 - 000000000 ____D C:\Users\boxer300
2021-05-14 20:38 - 2019-10-14 13:10 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\WhatsApp
2021-05-12 23:18 - 2021-03-03 21:56 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 22:41 - 2019-10-03 12:00 - 000000000 ___RD C:\Users\boxer300\OneDrive
2021-05-09 14:21 - 2019-10-14 13:10 - 000000000 ____D C:\Users\boxer300\AppData\Local\WhatsApp
2021-05-09 14:00 - 2019-10-03 13:48 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2021-05-09 11:51 - 2019-07-04 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-05-09 11:50 - 2019-07-04 21:32 - 000000000 ____D C:\ProgramData\PCDr
2021-05-07 13:05 - 2020-10-14 22:20 - 000000000 ____D C:\Users\OIKT
2021-05-07 12:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-06 12:57 - 2020-10-26 10:28 - 000112576 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-04-30 20:32 - 2020-10-01 12:15 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-26 10:46 - 2019-10-10 08:47 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\AIMP
2021-04-26 08:17 - 2020-10-14 22:30 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a267fc15bd72
2021-04-26 08:17 - 2020-10-14 22:27 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-23 15:56 - 2019-10-14 13:10 - 000000000 ____D C:\Users\boxer300\AppData\Local\SquirrelTemp
2021-04-22 10:00 - 2021-03-03 21:55 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-22 10:00 - 2021-03-03 21:55 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-20 20:36 - 2019-07-04 21:34 - 000000000 ____D C:\ProgramData\Intel
2021-04-20 20:36 - 2019-07-04 21:29 - 000000000 ____D C:\Program Files (x86)\Intel
2021-04-20 20:36 - 2019-07-04 21:25 - 000000000 ____D C:\Program Files\Intel
2021-04-19 15:36 - 2019-10-20 16:07 - 000000000 ____D C:\Users\boxer300\AppData\Roaming\MPC-HC
2021-04-16 23:20 - 2021-04-06 00:07 - 000000680 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2909572-1331742790-1802043775-1002.job
2021-04-16 23:20 - 2021-04-06 00:07 - 000000584 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2909572-1331742790-1802043775-1002.job
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-16 23:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-16 13:06 - 2020-10-14 22:21 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories ========

2019-10-10 08:11 - 2020-09-11 11:28 - 000001605 _____ () C:\Users\boxer300\AppData\Roaming\U06-PORADKOVA.MTBF.txt
2019-10-10 08:16 - 2020-05-30 20:50 - 000005120 _____ () C:\Users\boxer300\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-10 18:24 - 2020-03-10 18:24 - 000019060 _____ () C:\Users\boxer300\AppData\Local\recently-used.xbel
2020-12-11 22:17 - 2020-12-11 22:17 - 000007606 _____ () C:\Users\boxer300\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by boxer300 (16-05-2021 07:17:30)
Running from C:\Users\boxer300\Desktop
Windows 10 Pro Version 2004 19041.985 (X64) (2020-10-14 20:27:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2909572-1331742790-1802043775-500 - Administrator - Disabled)
boxer300 (S-1-5-21-2909572-1331742790-1802043775-1002 - Administrator - Enabled) => C:\Users\boxer300
DefaultAccount (S-1-5-21-2909572-1331742790-1802043775-503 - Limited - Disabled)
Guest (S-1-5-21-2909572-1331742790-1802043775-501 - Limited - Disabled)
OIKT (S-1-5-21-2909572-1331742790-1802043775-1001 - Administrator - Enabled) => C:\Users\OIKT
uzjgclvuqspw (S-1-5-21-2909572-1331742790-1802043775-1003 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2909572-1331742790-1802043775-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam)
Ambarella AmbaUSB 3.4.8 (HKLM-x32\...\Ambarella AmbaUSB) (Version: 3.4.8 - Ambarella)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8909c7f7-2f31-4786-b020-18218d3cabf3}) (Version: 21.40.1 - Intel Corporation)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
Balíček ovladače systému Windows - libusb-win32 Ambarella Evaluation Board Devices (02/23/2013 1.2.6.0) (HKLM\...\F096309D24CCFB8386E7531DF7D80DAD68EB9719) (Version: 02/23/2013 1.2.6.0 - libusb-win32)
Cam Manager (HKLM-x32\...\Cam Manager) (Version: - )
CDBurnerXP (64 bit) (HKLM\...\{EFD6587A-C63D-4AEF-982C-1EB3878EF0CC}) (Version: 4.5.8.6795 - Canneverbe Limited)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Dell Command | Update for Windows 10 (HKLM\...\{4CCADC13-F3AE-454F-B724-33F6D4E52022}) (Version: 4.1.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{0C642DDD-65AD-4408-BE4A-5ED6CB441893}) (Version: 4.12.5.8 - Broadcom Limited)
Dell Data Vault (64 bit) (HKLM\...\{4F2BFA60-E4F6-4BC4-9DAC-19E5A5E01ACA}) (Version: 5.5.1.906 - Dell) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{81C48559-E2EB-4F18-9854-51331B9DB552}) (Version: 4.0.70.0 - Dell Inc.)
Dell Precision Optimizer Application (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 6.4.5 - Dell Inc.)
Dell SupportAssist (HKLM\...\{5106801D-CA18-4173-85B9-D74C33358F7F}) (Version: 3.9.0.234 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
Discord (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
DVR365 Player 2008-A (HKLM-x32\...\{3880947B-E454-48BA-BAFD-28E242A4F30C}) (Version: 1.0.0 - dvr365.com) Hidden
DVR365 Player 2008-A (HKLM-x32\...\DVR365 Player 2008-A) (Version: - dvr365.com)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.1.19.0 - ESET, spol. s r.o.)
Free WMA to MP3 Converter 1.0 (HKLM-x32\...\{CF448039-6D80-43DE-917B-574B8F5B9BC9}_is1) (Version: - PolySoft Solutions)
Freemake Audio Converter verze 1.1.8 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation)
GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
GoTo Opener (HKLM-x32\...\{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2103.15.0.2135 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c3964069-17c1-45dd-85a5-949576ceeaa3}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{ACA5CFAC-9E99-4764-A7AD-AF5CF3FA15BF}) (Version: 17.0.2.1076 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{f4788713-080d-49b0-919d-cd035cf9bf14}) (Version: 22.30.0.11 - Intel Corporation) Hidden
IntellexPlayer (HKLM-x32\...\{C124BC7E-1C94-44C7-A8CA-70D10644FB05}) (Version: 4.31.19.36 - Sensormatic Electronics Corporation)
K-Lite Mega Codec Pack 15.1.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.1.6 - KLCP)
LibreOffice 6.3.2.2 (HKLM\...\{6110D2CC-70B4-415E-AF5A-7BB496AB264B}) (Version: 6.3.2.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2909572-1331742790-1802043775-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MultiCam Capture Lite (HKLM\...\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}) (Version: 1.1.4.10460 - Corel Corporation)
MyDVD Content Pack 1 (HKLM-x32\...\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}) (Version: 1.00.0000 - Corel Corporation)
MyDVD Content Pack 2 (HKLM-x32\...\{B9987701-F119-46FA-BFF1-A8B593BFAF9E}) (Version: 1.00.0000 - Corel Corporation)
NVIDIA nView 149.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 149.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 452.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.66 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NVIDIA WMI 2.35.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.35.0 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.1 - pdfforge GmbH)
Pinnacle 3D Title Editor (HKLM\...\{0A4DB5B8-8C83-458B-8D0F-603543BA50A2}) (Version: 1.0.8.185 - Corel Corporation)
Pinnacle Creative Pack Volume 1 (HKLM\...\{C42189EA-8768-4B9A-B54B-5B8872853D16}) (Version: 7.0 - Corel Corporation)
Pinnacle MyDVD (HKLM\...\{C9CEF17D-DE54-4E20-9FC8-8AE13A31E419}) (Version: 3.0.019 - Název společnosti:) Hidden
Pinnacle MyDVD (HKLM-x32\...\{6C7DC3C2-32EF-4B67-B2FB-5CBCE63313D7}) (Version: 3.0 - Pinnacle)
Pinnacle Premium Pack Volumes 1-2 (HKLM-x32\...\{A8322551-5857-46E0-8FD8-E5A13808DDB9}) (Version: 6.0 - Corel Corporation)
Pinnacle ScoreFitter Volumes 1-2 (HKLM\...\{009950B1-18A3-4F88-AD32-47415BF7DD52}) (Version: 6.0 - Corel Corporation)
Pinnacle Studio 22 - Standard Content Pack (HKLM\...\{EEC666DC-1B29-4F81-8D7B-A886C86159C6}) (Version: 22.1 - Corel Corporation)
Pinnacle Studio 22 (HKLM\...\{74D19994-F843-4BFE-9850-18DFFC8A1056}) (Version: 22.3.0.377 - Corel Corporation)
Pinnacle Title Extreme (HKLM\...\{9D319237-4D59-418B-A972-C9CAD471A7A5}) (Version: 6.0 - Corel Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8838.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2277 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0092 - ST Microelectronics)
ST Microelectronics 3 Axis Digital Accelerometer Solution verze 4.10.0104 (HKLM\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}_is1) (Version: 4.10.0104 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
TurboFLOORPLAN Dum & Interiér & Zahrada PRO (HKLM-x32\...\InstallShield_{949815AB-D269-4DD3-AB1A-539432BAFC1E}) (Version: 15.1 - IMSIDesign)
Uplay (HKLM-x32\...\Uplay) (Version: 98.0 - Ubisoft)
Videostream (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Videostream) (Version: 0.4.0 - Videostream)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\Wargaming.net Game Center) (Version: 21.2.3.5077 - Wargaming.net)
WhatsApp (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\WhatsApp) (Version: 2.2117.5 - WhatsApp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
XnView 2.35 (HKLM-x32\...\XnView_is1) (Version: 2.35 - Gougelet Pierre-e)
Zoom (HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:
=========
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.1.17.0_x86__htrsf667h5kn2 [2021-02-05] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.70.0_x64__htrsf667h5kn2 [2021-03-12] (Dell Inc)
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.26.0_x64__rp6h1c31mfy1y [2021-03-10] (STMICROELECTRONICS S.R.L.)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.8.9.0_x64__htrsf667h5kn2 [2021-05-12] (Dell Inc)
Dell Precision Optimizer -> C:\Program Files\WindowsApps\DellInc.DellPrecisionOptimizer_6.4.5.0_x64__htrsf667h5kn2 [2020-08-15] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.9.11.0_x64__htrsf667h5kn2 [2021-05-09] (Dell Inc)
Dell Touchpad Assistant -> C:\Program Files\WindowsApps\C1E561A0.DellTouchpadAssistant_1.1.9.0_x64__ay1pycd334gd6 [2019-09-30] (ALPS Comm. Devices Tech. (SH) Co., Ltd)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-03-03] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-09-26] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13929.20296.0_x86__8wekyb3d8bbwe [2021-05-06] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13929.20296.0_x86__8wekyb3d8bbwe [2021-05-06] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-13] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-28] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-07] (INTEL CORP) [Startup Task]
Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.10.200.0_x64__jb41c8remg0x2 [2020-05-30] (Polarr)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-09-26] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2909572-1331742790-1802043775-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\boxer300\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2909572-1331742790-1802043775-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\boxer300\AppData\Local\GoToMeeting\18962\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2909572-1331742790-1802043775-1002_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-2909572-1331742790-1802043775-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\boxer300\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-01-03] () [File not signed] [File is in use]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-10-10] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files (x86)\XnView\ShellEx\XnViewShellExt.dll [2015-02-19] () [File not signed]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-01-03] () [File not signed] [File is in use]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-10-10] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_12525865f209ff49\nvshext.dll [2020-12-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-05-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506312 2014-01-08] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-19 14:12 - 2020-11-19 14:12 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2019-10-03 13:26 - 2019-10-03 13:26 - 000116736 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:66BB1E73 [147]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2909572-1331742790-1802043775-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-2909572-1331742790-1802043775-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1001 -> DefaultScope {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1001 -> {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1002 -> DefaultScope {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1002 -> {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2909572-1331742790-1802043775-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\facets_1920.jpg
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\Control Panel\Desktop\\Wallpaper -> C:\Sdílené\03 Foto\383_SC166A6868.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\...\StartupApproved\Run: => "Videostream"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80D60DE1-7C3F-4AEC-82E7-3FA6BD94B371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [{78B12DC0-0389-4329-8B75-14ABBC7B604B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [UDP Query User{39939E68-6946-4CBC-BE14-AE533C0598F6}C:\users\boxer300\appdata\local\videostream\app-0.4.3\videostream-native\videostream-native.exe] => (Allow) C:\users\boxer300\appdata\local\videostream\app-0.4.3\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [TCP Query User{7DF05EB9-CACB-4167-B2A8-EEE3DDDB074E}C:\users\boxer300\appdata\local\videostream\app-0.4.3\videostream-native\videostream-native.exe] => (Allow) C:\users\boxer300\appdata\local\videostream\app-0.4.3\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [UDP Query User{F4CE0FAE-A231-41CF-A48B-2CED5690C0C6}C:\users\boxer300\appdata\local\videostream\app-0.4.0\videostream-native\videostream-native.exe] => (Allow) C:\users\boxer300\appdata\local\videostream\app-0.4.0\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [TCP Query User{6951D209-DCFA-4AA8-9C78-CDE28D6F4FC6}C:\users\boxer300\appdata\local\videostream\app-0.4.0\videostream-native\videostream-native.exe] => (Allow) C:\users\boxer300\appdata\local\videostream\app-0.4.0\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{CF11C60A-DA6A-4399-9F56-99C5B1F0216D}] => (Allow) C:\Users\boxer300\AppData\Local\Videostream\app-0.4.0\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{BB47A230-2A07-4A98-997C-C526C6207CEB}] => (Allow) C:\Users\boxer300\AppData\Local\Videostream\app-0.4.0\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{191AE2B1-859E-4578-AAAC-ED96D28F2150}] => (Allow) LPort=5557
FirewallRules: [{1E2193D9-F835-4C68-8060-C4B5B0367D3D}] => (Allow) LPort=5556
FirewallRules: [UDP Query User{22D31D5D-45F1-4706-97E9-40F05F6EA594}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{6DBC22E4-E8A4-4ABE-9902-5D56590CCCAD}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{3E3CFFAA-9B33-475E-8629-4AB70807086F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{6E8C9108-96AE-40F9-BB94-E81E3154BD04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{2EF39719-107A-40C0-B4AC-437992F26E19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{6CB0FE1C-F717-45E4-AC97-2555E0A56540}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{02AA00FC-3765-4039-BBDD-B600D7978030}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F28D8DE1-B671-4B19-B198-23F530C8D2E2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{20FA9B18-FC2B-4E7C-83B9-BCF3DB60A6F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6307830E-CDA8-436D-A668-572240C3091F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{474A1CF0-EAED-4B70-80BA-394FF9BD00FE}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AD60E233-C8F1-4012-A792-42F4F9119FAF}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{40E68E52-A1AC-4F0E-81DD-3B4AB88B3615}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{847730F5-286A-4B53-93E3-6317AAE08655}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{E4F40A1B-2050-4448-8309-7387D4F1E9BF}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{73244815-0D16-4F7B-959B-C32354D5986A}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{473B2684-4703-4D6C-B98D-90D5EB179A02}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{253D14D4-EDED-4831-A0E9-EF03EBAFE55D}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{A549A4EE-BBFC-4BBB-8E12-1DD5F2D1EE00}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{1FD47148-CBEC-4C9D-B025-DD24AF888AC4}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{CF98241B-C491-4B71-B83D-3910FF571A31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20300.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52C8D3F1-B469-46BB-9A4C-02EC115EFF23}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ACE0A445-10C3-49F0-B6E7-28FC4578BD76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC9637D0-3A72-4348-8949-8037D98639CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{290C1D84-665A-4273-83ED-EB037F53EFE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{35240994-1FBA-4FA9-9167-08B14A727C5B}C:\users\boxer300\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\boxer300\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FA179BDD-BF83-4397-861C-879521346707}C:\users\boxer300\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\boxer300\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2EB4DDE-A250-4B77-B7F5-6AA8F40B8487}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4F318135-A067-4141-B20D-1C6C11803B34}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{C24E88C4-35AF-4C4E-8A20-6E8D391AFC21}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{21E55DD2-333E-44CD-8189-3C34BA48388B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{61AC8DFB-8624-4F26-AE92-C115356CF075}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{73AF5F1E-EB1A-4AD4-A668-E3C00B2B7257}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0E6481D7-3E68-42E7-B351-50168255FF3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B872D651-DCD6-49FD-B73D-DD51B4EFC4C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3E4E85E8-707B-4FED-A11A-5E263E2D1864}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EB8345B3-1F09-47BB-A932-5EBA0F34D999}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-05-2021 16:46:14 Instalační služba modulů systému Windows
15-05-2021 21:40:19 AdwCleaner_BeforeCleaning_15/05/2021_21:40:19
15-05-2021 21:57:06 Dell Client Management Service

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/15/2021 09:40:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (05/15/2021 07:58:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (05/15/2021 07:58:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (05/14/2021 08:13:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.21022.215.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 28d4

Čas spuštění: 01d74833d6d25059

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21022.215.0_x64__8wekyb3d8bbwe\YourPhone.exe

ID hlášení: 496e2bd7-78ca-406e-8118-c286d46b3caf

Úplný název balíčku s chybou: Microsoft.YourPhone_1.21022.215.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Cross-thread

Error: (05/12/2021 10:41:03 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000004000700000000

Error: (05/11/2021 07:22:40 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000004000700000000

Error: (05/10/2021 07:14:41 PM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000004000700000000

Error: (05/09/2021 11:45:55 AM) (Source: DellCommandPowerManager) (EventID: 0) (User: )
Description: Error from DellPowerManager.exe GUI-ATA02
Message: Invalid alert info: 000300000004000700000000


System errors:
=============
Error: (05/15/2021 09:40:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (05/15/2021 09:40:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (05/15/2021 09:40:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (05/15/2021 09:40:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/15/2021 09:40:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Service API byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/15/2021 09:40:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Collector byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/15/2021 09:40:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Hardware Support byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (05/15/2021 09:40:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-02-28 21:21:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3C84667-0B09-47CC-BACA-385943B7AD75}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-28 21:07:04
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0507A3B6-51E3-4E26-9453-44A85D87F6B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-28 20:58:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69BDF6E0-5C1A-4DA2-AD54-4BF52A35BD5E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-22 23:16:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D1E77E52-702B-4347-A02E-00EB5B330D6F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-21 21:27:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Adware:Win32/Seznam.R!MTB
Závažnost: Vysoké
Kategorie: Software placený zobrazováním reklamy
Cesta: file:_C:\Users\boxer300\AppData\Local\Temp\nsy9B8C.tmp\listicka.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: U06-PORADKOVA\boxer300
Název procesu: C:\Users\boxer300\Desktop\BlueStacks-Installer_4.240.30.1002_amd64_native_b992500aa54f938c547e8e2e87b25bf3.exe
Verze bezpečnostních informací: AV: 1.331.1502.0, AS: 1.331.1502.0, NIS: 1.331.1502.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-03 20:42:06
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2021-01-28 12:26:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2519.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800b0003
Popis chyby: Zadaný formulář subjektu není podporován nebo znám zadaným poskytovatelem důvěry systému.

Date: 2021-01-28 12:26:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2519.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800b0003
Popis chyby: Zadaný formulář subjektu není podporován nebo znám zadaným poskytovatelem důvěry systému.

Date: 2021-01-28 12:26:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2519.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x800b0003
Popis chyby: Zadaný formulář subjektu není podporován nebo znám zadaným poskytovatelem důvěry systému.

Date: 2021-01-19 07:03:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2376.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-05-15 21:43:59
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-05-15 20:01:31
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Dell Inc. 1.13.1 07/14/2020
Motherboard: Dell Inc. 0YM64G
Processor: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Percentage of memory in use: 34%
Total physical RAM: 16177.72 MB
Available physical RAM: 10598.53 MB
Total Virtual: 19121.72 MB
Available Virtual: 11650.02 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:236.7 GB) (Free:23.09 GB) NTFS

\\?\Volume{2b3e35cd-704e-4c3e-9b25-fd880405f6bb}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.32 GB) NTFS
\\?\Volume{d65ce365-6765-451c-905b-1295e20dd731}\ (ESP) (Fixed) (Total:0.66 GB) (Free:0.61 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FA28FD61)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#11 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
Task: {0E24095E-696A-43C6-8D3B-F7DCD28F91BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-03] (Google LLC -> Google LLC)
Task: {227B5A99-FBC0-4063-A58F-200AD27F42C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-03] (Google LLC -> Google LLC)
C:\Users\boxer300\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:66BB1E73 [147]
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1001 -> DefaultScope {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1001 -> {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1002 -> DefaultScope {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1002 -> {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
FirewallRules: [{4F318135-A067-4141-B20D-1C6C11803B34}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{C24E88C4-35AF-4C4E-8A20-6E8D391AFC21}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\airhost.exe => No File
C:\Users\boxer300\AppData\Local\Temp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

barrad
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 14 kvě 2008 17:33

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#12 Příspěvek od barrad »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by boxer300 (16-05-2021 12:42:44) Run:1
Running from C:\Users\boxer300\Desktop
Loaded Profiles: OIKT & boxer300
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
Task: {0E24095E-696A-43C6-8D3B-F7DCD28F91BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-03] (Google LLC -> Google LLC)
Task: {227B5A99-FBC0-4063-A58F-200AD27F42C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-03] (Google LLC -> Google LLC)
C:\Users\boxer300\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:66BB1E73 [147]
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1001 -> DefaultScope {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1001 -> {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1002 -> DefaultScope {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
SearchScopes: HKU\S-1-5-21-2909572-1331742790-1802043775-1002 -> {959CA968-4826-4E1F-9DE4-96D017FEA9EB} URL =
FirewallRules: [{4F318135-A067-4141-B20D-1C6C11803B34}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{C24E88C4-35AF-4C4E-8A20-6E8D391AFC21}] => (Allow) C:\Users\boxer300\AppData\Roaming\Zoom\bin\airhost.exe => No File
C:\Users\boxer300\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E24095E-696A-43C6-8D3B-F7DCD28F91BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E24095E-696A-43C6-8D3B-F7DCD28F91BE}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{227B5A99-FBC0-4063-A58F-200AD27F42C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{227B5A99-FBC0-4063-A58F-200AD27F42C1}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Users\boxer300\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\ProgramData\Temp => ":66BB1E73" ADS removed successfully
"HKU\S-1-5-21-2909572-1331742790-1802043775-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2909572-1331742790-1802043775-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{959CA968-4826-4E1F-9DE4-96D017FEA9EB} => removed successfully
"HKU\S-1-5-21-2909572-1331742790-1802043775-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2909572-1331742790-1802043775-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{959CA968-4826-4E1F-9DE4-96D017FEA9EB} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F318135-A067-4141-B20D-1C6C11803B34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C24E88C4-35AF-4C4E-8A20-6E8D391AFC21}" => removed successfully
C:\Users\boxer300\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 146122616 B
Java, Flash, Steam htmlcache => 115977193 B
Windows/system/drivers => 20406015 B
Edge => 36540 B
Chrome => 360288162 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 149436 B
NetworkService => 383044 B
OIKT => 473526 B
boxer300 => 4402065 B

RecycleBin => 0 B
EmptyTemp: => 629 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-05-2021 12:44:08)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 12:44:08 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#13 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

barrad
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 14 kvě 2008 17:33

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#14 Příspěvek od barrad »

Děkuji moc za pomoc.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Modrá smrt netwtw08.sys a občasné přehřívání notebooku

#15 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno