Virus removal, PC speed-up, and remote assistance through the neslape.cz service

Log check

Having trouble with a virus? Paste your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, paste a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use our remote assistance service: a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
b4zz1
Visitor
Posts: 22
Registered: 25 Jun 2017 19:17

Log check

#1 Post by b4zz1 »

Please check my log; RAM usage at idle is over 50 percent.... thank you



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2021
Ran by user (administrator) on MSI (Micro-Star International Co., Ltd. GP73 Leopard 8RE) (08-08-2021 12:20:44)
Running from C:\Users\user\Desktop
Loaded Profiles: user
Platform: Windows 10 Home Version 21H1 19043.1110 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(A-Volute SAS -> A-Volute) C:\Users\user\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(HTC Corp. -> HTC) C:\Program Files\HTC Account\Htc.Identity.Service.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_caa7639078e34732\OneApp.IGCC.WinService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SysWOW64\wuauclt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WebManagement.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®) C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_45030e1b94489c65\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\77.0.4054.277\opera.exe <14>
(Opera Software AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\77.0.4054.277\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe <2>
(Rivet Networks LLC -> CloudBees, Inc.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe [1262168 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [System] => C:\WINDOWS\SysWOW64\WindowsUpdateBox.exe [12299993 2021-05-07] (Microsoft Corporation) [File not signed] <==== ATTENTION
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4109032 2021-06-09] (Valve -> Valve Corporation)
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Run: [Opera Browser Assistant] => C:\Users\user\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4096720 2021-08-02] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Winlogon: [Shell] C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe [287912960 2020-11-14] (Unpacker) [File not signed] <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HusRegisterHelper.lnk [2020-11-26]
ShortcutTarget: HusRegisterHelper.lnk -> C:\Program Files (x86)\VIVE\Updater\App\ViveEyeRegisterHelper\RegisterHelper.exe (HTC Corp. -> HTC Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIVE 2018 Switch.lnk [2020-11-26]
ShortcutTarget: VIVE 2018 Switch.lnk -> C:\Program Files (x86)\VIVE\Updater\App\ViveVRRuntime\ViveVR_utility\SteamVR_ViveVR_Switch.exe (HTC Corp. -> HTC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIVE Cosmos Settings.lnk [2020-11-26]
ShortcutTarget: VIVE Cosmos Settings.lnk -> C:\Program Files (x86)\VIVE\Updater\App\ViveEyeSettings\ViveSettings.exe (HTC Corp. -> HTC Corp.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0654CDA0-47AE-46D3-BC78-96B6CA6B5EA5} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Task: {08E86C4E-2F0D-4478-9A4F-8288F35E5D6E} - System32\Tasks\Opera scheduled assistant Autoupdate 1604401443 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\user\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {1FC3DE0B-5968-4353-8616-6DCD91794BB8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {203A1B6A-3E6D-4451-95B4-6F1829CC4504} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {2FAD67EF-A9E1-4F8B-BC15-BC051BF686A2} - System32\Tasks\Microsoft\Windows\MUI\CheckUpdate => C:\WINDOWS\SysWOW64\WindowsUpdateBox.exe [12299993 2021-05-07] (Microsoft Corporation) [File not signed]
Task: {32e81265-5560-4282-9a8b-6d856f4971e7} - no filepath
Task: {34626C9B-AA51-470B-B4E5-0653468718EC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37E992EA-E7FE-4B03-BFBA-8016455920E6} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3C1063A0-AC1B-4E2D-8C55-6BFF7D78F730} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {3FB79EFD-6FAF-4338-A2F7-D23BB787E80C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {408E449F-6BCA-4C37-B39B-8C8CFAEC0000} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {47FB81CA-560D-48F4-92B3-A040826294AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {482402d7-ad23-49af-b722-01f277ac9064} - no filepath
Task: {485F3DB8-CBCC-40D5-9F5A-8FE193C89536} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49D77F85-2327-47F4-ABBD-83BA4E20D9B9} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {571BF2FC-6121-4491-A133-47F5CD7D8C39} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5849896 2018-07-27] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {6DB2EECE-3636-460C-888F-24D8C30D47D6} - System32\Tasks\Microsoft\Windows\MUI\WindowsUpdate => C:\WINDOWS\SysWOW64\wuauclt.exe [12992440 2021-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7480294D-01D1-4C7E-B63E-018786B4D492} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E35C28C-3182-468D-BC73-A9E8F74D3404} - System32\Tasks\SoundInit => schtasks [Argument = /create /f /k /tn SoundBassInit /tr %appdata%\Unpacker\Unpacker.exe /sc minute /mo 30]
Task: {7FE12580-26F7-42AE-A472-E7F4FFA756EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-12] (Google LLC -> Google LLC)
Task: {879EF057-E5B9-4183-9BC2-A4FA94D9C701} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {89A38C13-3EED-4BDD-AF63-DF595464B3D2} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38560 2021-08-04] (HP Inc. -> HP Inc.)
Task: {8C895DFF-D777-478F-AB30-25584D3B2077} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {8CC756CD-69DE-494F-8E05-23E7D86EBF0B} - System32\Tasks\Opera scheduled Autoupdate 1604401438 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software)
Task: {9291058D-7164-4C78-B319-8C61C26DFAEC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {988A835A-096A-490D-882B-49142DBF39FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CF35C2F-A072-4E58-988E-DFCF5BEF20C8} - System32\Tasks\SoundBassInit => C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe [287912960 2020-11-14] (Unpacker) [File not signed] <==== ATTENTION
Task: {A009721F-1E26-4D31-9531-8AB2CC03DE36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A102C046-2A59-42E3-A893-7B05B0C3CB08} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {A269A781-BB72-4BC2-9EB4-784224FEC0CC} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe
Task: {A490616A-73EE-4B70-8F16-6EA75D9EE1BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A906CE25-7389-4221-935A-599735B20DE0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {B1374DBD-415F-4A92-AF06-8A28EA7CD78A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38560 2021-08-04] (HP Inc. -> HP Inc.)
Task: {B6D9DD55-9964-4178-AE18-99D7417DFC59} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {C169F0B5-4218-4E69-BAC1-CCF4B9BE80D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-12] (Google LLC -> Google LLC)
Task: {D5E98036-0747-4C70-BC35-94205C1C1881} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6FE1E74-323C-494E-9D46-8E8C2D5B1D30} - System32\Tasks\NahimicSvc64Run => C:\Windows\System32\NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {DB6DC4C1-5E87-4921-A162-68F320692799} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {DD9B035A-B469-48D9-BD04-A1DF4A263819} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {F13203F8-55F5-48E5-882E-89D46E39DCB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.1.1 172.16.1.254
Tcpip\..\Interfaces\{7bf2fd0f-9c00-473c-931e-5fb8f99b8061}: [DhcpNameServer] 172.16.1.1 172.16.1.254
Tcpip\..\Interfaces\{b46a67f3-5e40-41dd-b30b-9d8bd9cb570d}: [DhcpNameServer] 172.16.1.1 172.16.1.254

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-25]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2021-04-16]
CHR Extension: (Prezentace) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-12]
CHR Extension: (Safe Torrent Scanner) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-02-12]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-12]
CHR Extension: (Disk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-12]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-12]
CHR Extension: (Tabulky) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-12]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

Opera:
=======
OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2021-08-08]
OPR DownloadDir: D:\download
OPR Notifications: Opera Stable -> hxxps://centr-epilacia.ru; hxxps://www.daemon-tools.cc; hxxps://www.sledujfilmy.online; hxxps://www.ubisoft.com; hxxps://www.youtube.com; hxxps://x2convert.com; hxxps://yt1s.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-25]
OPR Extension: (Google Překladač) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2021-08-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-12-24] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-08-04] (HP Inc. -> HP Inc.)
R2 HTC Account Service; C:\Program Files\HTC Account\Htc.Identity.Service.exe [75840 2019-02-15] (HTC Corp. -> HTC)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2483376 2018-06-15] (Rivet Networks LLC -> Rivet Networks)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675392 2021-05-27] (A-Volute SAS -> Nahimic)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1729432 2021-04-23] (Rockstar Games, Inc. -> Rockstar Games)
R2 tmGAInstall; C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.EXE [48344 2018-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
S3 ViveportDesktopService; C:\Program Files (x86)\VIVE\PCClient\ViveportDesktopService.exe [499776 2020-11-05] (HTC Corp. -> HTC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72880 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72888 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_45030e1b94489c65\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_45030e1b94489c65\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstkDrv_msi2; C:\Program Files (x86)\BlueStacks_msi2\BstkDrv.sys [269408 2018-06-27] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2020-11-19] (Broadcom Corporation -> Broadcom Corporation.)
S3 HTCAND64; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [33736 2020-11-08] (3am.com(Test) -> HTC, Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [150184 2018-06-15] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [41104 2019-08-27] (SteelSeries ApS -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
S3 MGHwCtrl; \??\E:\RMA-NB-20210201\MGHwCtrl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-08 12:20 - 2021-08-08 12:21 - 000026904 _____ C:\Users\user\Desktop\FRST.txt
2021-08-08 12:19 - 2021-08-08 12:21 - 000000000 ____D C:\FRST
2021-08-08 12:19 - 2021-08-08 12:19 - 002300416 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2021-08-04 14:45 - 2021-08-04 14:45 - 000000000 ____D C:\WINDOWS\LastGood
2021-08-04 14:42 - 2021-07-13 18:02 - 000645232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-08-04 14:42 - 2021-07-13 18:00 - 005680760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-08-04 14:41 - 2021-07-13 18:07 - 001858664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-04 14:41 - 2021-07-13 18:07 - 001858664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-08-04 14:41 - 2021-07-13 18:07 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-04 14:41 - 2021-07-13 18:07 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-08-04 14:41 - 2021-07-13 18:07 - 001097856 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-04 14:41 - 2021-07-13 18:07 - 001097856 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-08-04 14:41 - 2021-07-13 18:07 - 000951936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-04 14:41 - 2021-07-13 18:07 - 000951936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-08-04 14:41 - 2021-07-13 18:06 - 001474704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-08-04 14:41 - 2021-07-13 18:06 - 001212560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 001520776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 000716912 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 002112128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 001595520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 001171072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 000919168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 000750208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 000706176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-08-04 14:41 - 2021-07-13 18:00 - 008854144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-08-04 14:41 - 2021-07-13 18:00 - 007920768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-08-04 14:41 - 2021-07-13 18:00 - 004987520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-08-04 14:41 - 2021-07-13 18:00 - 002925696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-08-04 14:41 - 2021-07-13 18:00 - 000447104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-08-04 14:41 - 2021-07-13 17:59 - 000849008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-08-04 14:41 - 2021-07-13 17:57 - 006215792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-08-04 14:41 - 2021-07-12 12:32 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-07-28 17:51 - 2021-07-28 17:51 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-28 17:51 - 2021-07-28 17:51 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-28 17:51 - 2021-07-28 17:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-28 17:51 - 2021-07-28 17:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-28 17:51 - 2021-07-28 17:51 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-28 17:51 - 2021-07-28 17:51 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-16 18:15 - 2021-07-16 18:15 - 000001435 _____ C:\WINDOWS\system32\default_error_stack-000016-000000.txt
2021-07-16 18:04 - 2021-07-16 18:04 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-16 18:04 - 2021-07-16 18:04 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-16 18:04 - 2021-07-16 18:04 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-16 18:04 - 2021-07-16 18:04 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-16 18:04 - 2021-07-16 18:04 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-16 18:04 - 2021-07-16 18:04 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-16 18:03 - 2021-07-16 18:03 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-16 18:03 - 2021-07-16 18:03 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-16 18:03 - 2021-07-16 18:03 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-16 18:03 - 2021-07-16 18:03 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-16 17:48 - 2021-08-08 12:11 - 000004382 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1604401443

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-08 12:17 - 2020-11-03 11:55 - 000000000 ____D C:\Users\user\AppData\Local\NVIDIA
2021-08-08 12:17 - 2018-08-11 03:45 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-08 12:15 - 2021-02-12 15:47 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-08 12:15 - 2021-02-12 15:47 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-08 12:15 - 2021-02-12 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-08 12:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-08 12:10 - 2020-11-08 07:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-08 12:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-08 12:09 - 2021-02-12 15:47 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-08 12:09 - 2021-02-12 15:47 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-08 12:08 - 2020-11-09 22:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-08 12:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-04 14:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-04 14:45 - 2018-08-11 03:44 - 000000000 ____D C:\Intel
2021-08-04 14:43 - 2018-08-11 03:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-08-04 06:28 - 2020-10-27 11:02 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2021-08-04 06:23 - 2021-01-07 15:09 - 000000000 ____D C:\ProgramData\HP
2021-08-04 06:20 - 2020-11-09 22:49 - 001591628 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-04 06:20 - 2019-12-07 15:41 - 000670536 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-04 06:20 - 2019-12-07 15:41 - 000141546 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-04 06:14 - 2021-04-29 15:41 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-08-04 06:14 - 2021-03-01 19:08 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-08-04 06:14 - 2020-11-15 19:03 - 000003540 _____ C:\WINDOWS\system32\Tasks\SoundBassInit
2021-08-04 06:14 - 2020-11-09 22:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-04 06:14 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-04 06:14 - 2018-08-11 03:45 - 000000000 ____D C:\ProgramData\A-Volute
2021-08-04 06:13 - 2018-08-08 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-04 06:12 - 2021-05-19 12:52 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-08-03 10:17 - 2020-12-08 10:29 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b6e2378e53b5
2021-08-03 10:17 - 2020-11-09 22:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-28 19:34 - 2020-11-09 22:45 - 000298288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-28 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-28 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-28 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-28 17:53 - 2020-12-24 12:39 - 000002420 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2021-07-28 17:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-28 17:45 - 2020-11-09 22:50 - 000004130 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1604401438
2021-07-28 17:45 - 2020-11-03 12:04 - 000001443 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-07-28 17:43 - 2020-11-18 19:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-20 19:04 - 2020-10-26 02:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-20 19:00 - 2020-10-26 02:54 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-13 17:57 - 2020-11-03 12:20 - 007280312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

==================== Files in the root of some directories ========

2021-02-12 10:43 - 2021-03-17 19:19 - 000028672 _____ () C:\Users\user\AppData\Roaming\crash.bin
2020-11-08 08:09 - 2020-11-08 08:09 - 000012288 _____ () C:\Users\user\AppData\Local\vita_uranus.data

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2021
Ran by user (08-08-2021 12:22:11)
Running from C:\Users\user\Desktop
Windows 10 Home Version 21H1 19043.1110 (X64) (2020-11-09 21:51:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2040345487-4043527457-15566561-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2040345487-4043527457-15566561-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2040345487-4043527457-15566561-503 - Limited - Disabled)
Guest (S-1-5-21-2040345487-4043527457-15566561-501 - Limited - Enabled)
user (S-1-5-21-2040345487-4043527457-15566561-1001 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-2040345487-4043527457-15566561-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
Assassin's Creed: Odyssey (HKLM-x32\...\Assassin's Creed: Odyssey_is1) (Version: - )
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
Borderlands 3 (HKLM-x32\...\Borderlands 3_is1) (Version: - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.75.1089 - AB Team, d.o.o.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Documentation Manager (HKLM\...\{82FBBBC9-616A-4247-BEAD-87B8132D49D2}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Gun Club VR (HKLM-x32\...\Gun Club VR_is1) (Version: - )
Guns n Stories Bulletproof VR (HKLM-x32\...\Guns n Stories Bulletproof VR_is1) (Version: - )
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.)
HTC Account (HKLM\...\{0BDD3B3E-A0C1-48E1-BA33-3A28B784C10F}) (Version: 1.6.1.7 - HTC Corp.) Hidden
In Death (HKLM-x32\...\In Death_is1) (Version: - )
Intel(R) Computing Improvement Program (HKLM\...\{9C2782AC-55D3-4A41-889C-34A51A2CEB67}) (Version: 2.4.05982 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000000-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.00.0.2 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}) (Version: 22.0.0.6 - Intel Corporation) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
KB9X Radio Switch Driver (HKLM\...\7A70B8EDE77ED614C261B89A36D4C656443FD153) (Version: 1.1.8.0 - ENE TECHNOLOGY INC.)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{7BBA920F-39F2-4E2D-94D2-EEEA849AD08B}) (Version: 1.7.1030 - Rivet Networks)
Magnet Engine (x86) (HKLM-x32\...\{CA7A07EC-1BEF-4892-A6E2-C3AC0136D1CA}) (Version: 1.4.8.5 - HTC Corp.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
MSI App Player (HKLM-x32\...\BlueStacks_msi2) (Version: 4.3.10.3014 - BlueStack Systems, Inc.)
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera Stable 77.0.4054.277 (HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Opera 77.0.4054.277) (Version: 77.0.4054.277 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.31242 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8496 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.39.355 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
Serious Sam 4 (HKLM-x32\...\1407036516_is1) (Version: 1.01 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Walking Dead Saints and Sinners The Meatgrinder (HKLM-x32\...\The Walking Dead Saints and Sinners The Meatgrinder_is1) (Version: - )
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 2.FFD.2018 - Thrustmaster)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 118.0.10358 - Ubisoft)
Ultimate Fishing Simulator VR (HKLM-x32\...\Ultimate Fishing Simulator VR_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
USBBootable (HKLM-x32\...\{3FEBC8B2-8583-4458-9EB4-E6D707F71623}) (Version: 1.0 - Indasy)
VIVE Software (HKLM-x32\...\VIVE Software) (Version: 1.0.9.186 - HTC)
VIVEPORT (HKLM-x32\...\VIVEPORT) (Version: 1.0.9.202 - HTC)
VIVEPORT Desktop (HKLM-x32\...\{88ae787a-c784-4d21-9eb2-9e22c348bb78}) (Version: 1.4.8.5 - HTC Corp.) Hidden
VIVEPORT Desktop (x86) (HKLM-x32\...\{34E8EFFA-331A-470D-9BB8-972696FDA657}) (Version: 1.4.8.5 - HTC Corp.) Hidden
VIVEPORT Diagnosis (HKLM-x32\...\{80fb4b44-f420-4ad8-9854-703b730bc391}) (Version: 1.2.3.2 - HTC Corp.)
VIVEPORT Diagnosis (x86) (HKLM-x32\...\{882E4EC7-5D28-4D46-AE09-20FB485645BB}) (Version: 1.2.3.2 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (HKLM-x32\...\{4b01ac5b-340e-4644-828b-0882c8255a4e}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (x86/x64) (HKLM-x32\...\{9D42F21E-7CFA-4C87-99FD-C81CFFCB12E5}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Základní software zařízení HP DeskJet 3700 series (HKLM\...\{D948C85E-9164-4C8A-834D-D9F75A974B20}) (Version: 40.12.1161.1896 - HP Inc.)

Packages:
=========
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.18.3.0_x86__q4d96b2w5wcc2 [2021-08-04] (Evernote)
Forza Motorsport 7 -> C:\Program Files\WindowsApps\Microsoft.ApolloBaseGame_1.174.4791.2_x64__8wekyb3d8bbwe [2021-05-19] (Microsoft Studios)
Forza Motorsport 7 Hoonigan Car Pack -> C:\Program Files\WindowsApps\Microsoft.ForzaMotorsport7PreorderBonus_1.3.3.2_neutral__8wekyb3d8bbwe [2021-05-19] (Microsoft Studios)
Free February Spotlight Car -> C:\Program Files\WindowsApps\Microsoft.Feb19SLCar_1.0.1.2_neutral__8wekyb3d8bbwe [2021-05-22] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 [2021-08-04] (HP Inc.)
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_1.6.2131.0_x64__rh07ty8m5nkag [2020-10-26] (Rivet Networks LLC)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-10-26] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-26] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.1.7200.0_x86__8wekyb3d8bbwe [2021-02-19] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.0.11030.0_x64__8wekyb3d8bbwe [2020-11-26] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_3.1.9160.0_x86__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.6.7221.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-02-19] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14228.20204.0_x86__8wekyb3d8bbwe [2021-08-04] (Microsoft Corporation)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-10-26] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.8.6.0_x64__w2gh52qy24etm [2021-08-04] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-04] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-08-04] (INTEL CORP) [Startup Task]
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-07-09] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0 [2021-08-04] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2020-11-08] (Synaptics Incorporated)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-02-19] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2040345487-4043527457-15566561-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2040345487-4043527457-15566561-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\user\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_45030e1b94489c65\nvshext.dll [2021-07-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-12-27 19:00 - 2017-12-27 19:00 - 000105984 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2020-08-03 21:23 - 2020-08-03 21:23 - 000016896 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\esrv_lib_security.dll
2021-08-04 06:11 - 2021-08-04 06:11 - 042803200 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2015-06-12 03:35 - 2015-06-12 03:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2020-08-03 21:23 - 2020-08-03 21:23 - 001688576 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2020-08-03 21:23 - 2020-08-03 21:23 - 001918464 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2020-11-05 06:19:31&bName=
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> DefaultScope {4256B6DC-C597-459D-A84F-1F5AE0CFB21C} URL =
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> {4256B6DC-C597-459D-A84F-1F5AE0CFB21C} URL =
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2021-02-12 05:20 - 000065152 _____ C:\WINDOWS\system32\drivers\etc\hosts

There are 2077 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 172.16.1.1 - 172.16.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HusRegisterHelper.lnk"
HKLM\...\StartupApproved\StartupFolder: => "VIVE 2018 Switch.lnk"
HKLM\...\StartupApproved\StartupFolder: => "VIVE Cosmos Settings.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2972D8E9-BC0D-4459-B04B-F97C3B5BA361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{712BE080-A2C4-4B00-B33A-393C63DD1807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{8A0D746C-1BF2-4745-9830-BA0F31A3E476}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2876E98F-BE68-454E-BA27-F4993F8B4887}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{EB606251-497D-43ED-AB74-E8512E382AA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4B735E4A-9D53-4BAA-BDC2-3965B4F8AC12}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BABE6836-857A-4478-90F0-A2606C26E854}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2056AB93-9DE4-4CA6-9E3C-31CD750FACB3}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C5BD8D04-4CAF-4013-9A21-ACFFAE701F17}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{36C6B92E-7745-4733-BA44-21E348B369F5}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{A18B73A2-DA66-4C36-861C-990A9B17AC61}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{31B90521-4325-4DF9-80A0-68664E6AB8A2}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{883E36CF-A5A4-48D2-8EB0-0D75CE8E72C4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{22484A03-29E4-48F5-87F8-08FC1B58A718}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{9B917804-87CD-4EA7-B09F-AC1136FD0729}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FF721EE-F455-4CDE-83E2-66CA3F4E38AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A2BBB53-B056-4317-9CFE-983CCA37E01C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{1A75ACEE-DB07-4F99-A3F3-5039F7DCFF0D}] => (Allow) C:\Program Files (x86)\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{8B731E02-EC92-4F13-980E-5A3F4403AFF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{C2C7947F-DADC-4A44-B58E-A5F3CA6E7105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{2B9ADC7C-2E39-4123-8135-C167396CC50C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{46251086-DE10-4396-999C-ACA25FDA6E2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{BB3EEA88-6C9E-4ED6-903F-26A9509E708D}] => (Allow) LPort=9223
FirewallRules: [{928BF248-E23A-4F2C-A334-562F34135C4D}] => (Allow) LPort=9245
FirewallRules: [{9233E67A-6345-4209-939E-B47335013274}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{F1CEBAED-4A04-4EB8-91F6-150822626B2E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{E35E35AD-F70C-4A28-97DF-11766545B75C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7435E163-2084-40DE-99EA-212FF51321EB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3A60F479-B226-46E6-BBF4-D0DE1081B0D8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc)
FirewallRules: [{7823F020-2CBB-41AB-991F-146B14AB5290}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc)
FirewallRules: [{BAB98C9E-C50D-435C-AB21-BBCD2765D036}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A0EC6F8A-7AC5-40D2-9576-F43F0491B1F6}] => (Allow) LPort=5357
FirewallRules: [{5F01C9D3-156D-4073-BB6C-0117EC663562}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E7DA20F7-B613-49AE-93E2-198238DBAF0C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe => No File
FirewallRules: [{7D2A9543-3BE6-40FE-9E74-3B1CC584A36F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe => No File
FirewallRules: [{A8393947-51B2-4916-BB1D-898FB25DED7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38F07C0A-4E7F-485F-96DE-FCE9D8E53FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{20E7917E-314D-4A73-99DC-B0406EF84E26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8FF479C-1EE5-4EFD-AE84-A9519A838706}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C8C1854-E4E1-4601-9BC1-02E14ECBBB78}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{87E08E31-2931-4F3B-899B-ABBBBF9C72EF}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{2510D7F3-D02C-4AB9-AE4F-82D4DC9F2785}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFF80946-621A-4B00-91DB-F932F36A8242}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9F1EAF75-A192-4912-ACB5-B00FE6597E97}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F28ABC0C-1106-4591-B872-92B6137AA622}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C70EAE6-F433-481F-BCF8-94AB56557272}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2B696C7-474A-4F10-91FA-7CED2007D045}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FAE8E714-13F5-470C-BAF8-DD66CBBA0B91}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{182E9EFD-33DB-43E7-8A12-09E0B7986AD6}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CBD91B5-C641-45C1-9D26-38F6847C781A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D26050A-8D08-4EA3-A605-87059C1BAC31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B361F163-F3F4-4029-A13E-B0B51DDC4F36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D3EE99E-7F0C-4CD2-A95A-95C235112BC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C8D5B27-493E-4622-87F1-CFF79023E7E5}] => (Allow) C:\Users\user\AppData\Local\Programs\Opera\77.0.4054.277\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{51C5C1E2-92E6-4A20-BB35-A92B5EBA3AB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20204.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF8B0987-738C-4FEA-82A9-49B8BA0722AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3DDD7608-5E3D-44C6-B12A-1F57B765ABDB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11137C28-979F-4EE2-BE00-9652B199CE42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FA36585F-1A3F-4799-A063-0351080DA3D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{259490CE-1B0A-45DF-BDCB-61FB141F964C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{248624AC-15E3-4DD3-990B-0FB3CF6CCAFE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{104CBC36-73D9-4E7E-BEFB-614A697F03D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7441EAB4-9E81-45A0-AF87-B2CCEB23A84C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.164.561.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{03ED4F9F-EB1F-42B6-AD9B-801FE985414B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:117.94 GB) (Free:29.44 GB) (25%)

==================== Faulty Device Manager Devices ============

Name: Intel(R) UHD Graphics 630
Description: Intel(R) UHD Graphics 630
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/04/2021 06:27:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000008d517e
ID chybujícího procesu: 0x4a1c
Čas spuštění chybující aplikace: 0x01d788f16d030082
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 4caae975-87e3-46b4-936d-e5272e1e57bd
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:27:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000826e0a
ID chybujícího procesu: 0x18a0
Čas spuštění chybující aplikace: 0x01d788f0b69d94cd
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 73c1ad47-9688-41d7-be29-4c90f4a04e8b
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:16:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000008d517e
ID chybujícího procesu: 0xcec
Čas spuštění chybující aplikace: 0x01d788efe3b749de
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 9a032a96-6815-4fd4-bb92-c6cce6d7327d
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:16:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000826e0a
ID chybujícího procesu: 0x3158
Čas spuštění chybující aplikace: 0x01d788efa4c0676e
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 58fa4414-0ca6-4b77-9999-a36c47e94f86
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:12:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000007ea648
ID chybujícího procesu: 0x3b38
Čas spuštění chybující aplikace: 0x01d788ef56df2ad4
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 596857bb-d42a-41e5-ada5-ac7447521079
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:12:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000826e0a
ID chybujícího procesu: 0x1f10
Čas spuštění chybující aplikace: 0x01d788ef48d5fc85
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 6b0ece9b-ee8d-4a82-bd56-3c4ee11a8fc1
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (07/16/2021 06:15:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (07/16/2021 06:15:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (08/04/2021 02:45:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (08/04/2021 02:45:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/04/2021 02:45:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (08/04/2021 06:24:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) SUR QC Software Asset Manager bylo dosaženo časového limitu (30000 ms).

Error: (08/04/2021 06:14:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba cplspcon byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (08/04/2021 06:14:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (08/04/2021 06:11:51 AM) (Source: DCOM) (EventID: 10001) (User: MSI)
Description: Nelze spustit server DCOM: {355822FC-86F1-4BE8-B5F0-A33736789641} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958016
při provádění příkazu:
"C:\WINDOWS\SysWOW64\prevhost.exe" {355822FC-86F1-4BE8-B5F0-A33736789641} -Embedding

Error: (08/04/2021 06:11:51 AM) (Source: DCOM) (EventID: 10001) (User: MSI)
Description: Nelze spustit server DCOM: {355822FC-86F1-4BE8-B5F0-A33736789641} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958016
při provádění příkazu:
"C:\WINDOWS\SysWOW64\prevhost.exe" {355822FC-86F1-4BE8-B5F0-A33736789641} -Embedding


Windows Defender:
================
Date: 2021-08-03 10:13:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {79863681-14C0-4945-BE00-08CCF79FC57D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-27 19:57:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A956DC8C-C41F-47F9-A358-9B90E892CDCA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-26 22:09:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {30A100B1-E271-434F-A327-C85F1DEA52CD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-25 17:54:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E156E64B-AA9B-496E-809D-94F9F636EA32}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-25 17:21:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CoinMiner.XB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_D:\download\Resident.Evil.Village.Deluxe.Edition.Steam.Rip-InsaneRamZes\Resident Evil Village BIOHAZARD VILLAGE\re8.exe; file:_D:\download\Resident.Evil.Village.Deluxe.Edition.Steam.Rip-InsaneRamZes\Resident Evil Village BIOHAZARD VILLAGE\re8.exe->(AutoIT)->AutoIT_Script->(UTF-16LE)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.341.1413.0, AS: 1.341.1413.0, NIS: 1.341.1413.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-07-02 12:04:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.233.0
Předchozí verze bezpečnostních informací: 1.341.1563.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-02 12:04:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.233.0
Předchozí verze bezpečnostních informací: 1.341.1563.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-02 12:04:30
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-10 15:17:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.464.0
Předchozí verze bezpečnostních informací: 1.339.1367.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-10 15:17:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.464.0
Předchozí verze bezpečnostních informací: 1.339.1367.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E17C5IMS.10F 05/20/2019
Motherboard: Micro-Star International Co., Ltd. MS-17C5
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 57%
Total physical RAM: 16230.27 MB
Available physical RAM: 6961.5 MB
Total Virtual: 32102.27 MB
Available Virtual: 20865.57 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:29.44 GB) NTFS
Drive d: (Data) (Fixed) (Total:912.75 GB) (Free:184.56 GB) NTFS

\\?\Volume{6d3187f7-88df-46d3-976c-4d1b01abe15d}\ () (Fixed) (Total:0.88 GB) (Free:0.43 GB) NTFS
\\?\Volume{1f1eed8a-9106-4771-b455-744bab13b117}\ (BIOS_RVY) (Fixed) (Total:18.77 GB) (Free:0.69 GB) NTFS
\\?\Volume{a762c0de-6762-4de3-bef4-f1fb36d42163}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 442069E4)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 442069C2)

Partition: GPT.

==================== End of Addition.txt =======================

b4zz1
Visitor
Posts: 22
Registered: 25 Jun 2017 19:17

Re: log check-info.txt

#2 Post by b4zz1 »

I don't know whether it will be needed, so just to be sure... thank you....

info.txt logfile of random's system information tool 1.10 2021-08-08 12:23:54




======MBR======


======Uninstall list======

Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-000182442176}
AIDA64 Extreme v5.99-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme\unins000.exe"
Assassin's Creed: Odyssey-->"D:\Games\Assassin's Creed - Odyssey\unins000.exe"
Battery Calibration-->C:\Program Files (x86)\InstallShield Installation Information\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}\setup.exe -runfromtemp -l0x0409
Borderlands 3-->"D:\Games\Borderlands 3\unins000.exe"
BS.Player FREE-->"C:\Program Files (x86)\Webteh\BSPlayer\uninstall.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Documentation Manager-->MsiExec.exe /X{82FBBBC9-616A-4247-BEAD-87B8132D49D2}
Dragon Center-->C:\Program Files (x86)\InstallShield Installation Information\{C65B26BC-5A6F-4135-9678-55A877655471}\setup.exe -runfromtemp -l0x0409
Google Chrome-->"C:\Program Files\Google\Chrome\Application\92.0.4515.131\Installer\setup.exe" --uninstall --channel=stable --system-level --verbose-logging
Gun Club VR-->"D:\Games\Gun Club VR\unins000.exe"
Guns n Stories Bulletproof VR-->"D:\Games\Guns n Stories Bulletproof VR\unins000.exe"
Half-Life: Alyx-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/546560
Help Desk-->C:\Program Files (x86)\InstallShield Installation Information\{7E8181AF-9679-49B3-B133-C265709B6927}\setup.exe -runfromtemp -l0x0409
HTC Account-->MsiExec.exe /I{0BDD3B3E-A0C1-48E1-BA33-3A28B784C10F}
In Death-->"D:\Games\In Death\unins000.exe"
Intel(R) Computing Improvement Program-->MsiExec.exe /X{9C2782AC-55D3-4A41-889C-34A51A2CEB67}
Intel(R) Chipset Device Software-->"C:\ProgramData\Package Cache\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}\SetupChipset.exe" /uninstall
Intel(R) Chipset Device Software-->MsiExec.exe /I{631C57C3-B765-4327-822A-057C34D691CC}
Intel(R) Management Engine Components-->"C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
Intel(R) Management Engine Components-->MsiExec.exe /I{B39E9D6B-906D-47C0-8FA1-833987DA6F63}
Intel(R) Management Engine Components-->MsiExec.exe /I{CE08DF9B-FD93-4667-8D88-55A216DC6669}
Intel(R) Management Engine Driver-->MsiExec.exe /I{BEB5BAB5-60E3-46D3-BC68-748807F35B8E}
Intel(R) Trusted Connect Service Client x64-->MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C442}
Intel(R) Trusted Connect Service Client x86-->MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C441}
Intel(R) Trusted Connect Services Client-->"C:\ProgramData\Package Cache\{c700a043-5a4c-4d61-aa88-6c4191f25b64}\iclsClientInstaller.exe" /uninstall
Intel(R) Wireless Bluetooth(R)-->MsiExec.exe /I{00000000-0220-1029-84C8-B8D95FA3C8C3}
Intel® PROSet/Wireless Software-->"C:\ProgramData\Package Cache\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}\ISetup.exe" /uninstall
Intel® PROSet/Wireless WiFi Software-->MsiExec.exe /I{32A56A06-5D92-4CF3-A2AB-43F7A58A657E}
Intel® Software Installer-->"C:\ProgramData\Package Cache\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}\WirelessSetup.exe" /uninstall
ISO to USB-->"C:\Program Files (x86)\ISO to USB\unins000.exe"
KB9X Radio Switch Driver-->C:\PROGRA~1\DIFX\D29FE5~1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\kb9xradiobtn.inf_amd64_a36cfb0987a2fdf2\kb9xradiobtn.inf
Killer Ethernet Performance Driver Suite UWD-->MsiExec.exe /X{7BBA920F-39F2-4E2D-94D2-EEEA849AD08B}
Magnet Engine (x86)-->MsiExec.exe /I{CA7A07EC-1BEF-4892-A6E2-C3AC0136D1CA}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Edge-->"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --uninstall --msedge --system-level --verbose-logging
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-1000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-1000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-1000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-0043-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (English) 2010-->MsiExec.exe /X{90140000-0043-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-1000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-1000-0000000FF1CE}
Microsoft Office Word 2010-->MsiExec.exe /X{90140000-001B-0000-1000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-1000-0000000FF1CE}
Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-1000-0000000FF1CE}
Microsoft Update Health Tools-->MsiExec.exe /X{E5A95BC5-81DF-4F0C-B910-B59DD012F037}
Microsoft VC++ redistributables repacked.-->MsiExec.exe /I{632D85A6-B94C-440E-B565-26F73CF778D3}
Microsoft VC++ redistributables repacked.-->MsiExec.exe /I{66C00D72-5E34-495E-A4A1-1A31D7BE2FA7}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664-->"C:\ProgramData\Package Cache\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664-->"C:\ProgramData\Package Cache\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664-->MsiExec.exe /X{010792BA-551A-3AC0-A7EF-0FAB4156C382}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664-->MsiExec.exe /X{53CF6934-A98D-3D84-9146-FC4EDF3D5641}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664-->MsiExec.exe /X{D401961D-3A20-3AC7-943B-6139D5BD490A}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664-->MsiExec.exe /X{8122DAB1-ED4D-3676-BB0A-CA368196543E}
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112-->"C:\ProgramData\Package Cache\{0f770e99-3916-4b0c-8f9b-83822826bcbf}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016-->"C:\ProgramData\Package Cache\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29112-->MsiExec.exe /I{1B4EDD59-90CE-4BDE-8520-630981088165}
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29112-->MsiExec.exe /I{37BB1766-C587-49AE-B2DB-618FBDEAB88C}
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016-->MsiExec.exe /I{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016-->MsiExec.exe /I{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}
Microsoft Word 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall WORD /dll OSETUP.DLL
MSI App Player-->C:\ProgramData\BlueStacks_msi2\Client\BlueStacksClientUninstaller.exe :tmp
MSI Feature Navigator-->C:\Program Files (x86)\InstallShield Installation Information\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}\setup.exe -runfromtemp -l0x0409
NVIDIA FrameView SDK 1.1.4923.29968894-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage FrameViewSdk
NVIDIA GeForce Experience 3.23.0.74-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač HD audia 1.3.38.60-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 471.41-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Systémový software PhysX 9.19.0218-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\Setup.exe" -runfromtemp -removeonly
Realtek High Definition Audio Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp -removeonly
Rockstar Games Launcher-->"C:\Program Files\Rockstar Games\Launcher\uninstall.exe"
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Serious Sam 4-->"D:\GOG Games\Serious Sam 4\unins000.exe"
STAR WARS™: Squadrons-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1222730
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
SteamVR-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/250820
The Walking Dead Saints and Sinners The Meatgrinder-->"D:\Games\The Walking Dead Saints and Sinners The Meatgrinder\unins000.exe"
Thrustmaster Force Feedback Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe" -runfromtemp -l0x0409 -removeonly
Ubisoft Connect-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
Ultimate Fishing Simulator VR-->"D:\Games\Ultimate Fishing Simulator VR\unins000.exe"
Update for Windows 10 for x64-based Systems (KB4023057)-->MsiExec.exe /X{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}
Update for Windows 10 for x64-based Systems (KB4480730)-->MsiExec.exe /X{0746492E-47B6-4251-940C-44462DFD74BB}
USBBootable-->MsiExec.exe /I{3FEBC8B2-8583-4458-9EB4-E6D707F71623}
VIVE Software-->"C:\Program Files (x86)\VIVE\Updater\Updater.exe" -uninstall "VIVE Software" "C:\Program Files (x86)\VIVE" "VIVE_SOFTWARE"
VIVEPORT Desktop (x86)-->MsiExec.exe /I{34E8EFFA-331A-470D-9BB8-972696FDA657}
VIVEPORT Desktop-->"C:\ProgramData\Package Cache\{88ae787a-c784-4d21-9eb2-9e22c348bb78}\ViveportDesktopSetup.exe" /uninstall
VIVEPORT Diagnosis (x86)-->MsiExec.exe /I{882E4EC7-5D28-4D46-AE09-20FB485645BB}
VIVEPORT Diagnosis-->"C:\ProgramData\Package Cache\{80fb4b44-f420-4ad8-9854-703b730bc391}\ViveportDiagnosisSetup.exe" /uninstall
VIVEPORT DirectX 9.0 (x86/x64)-->MsiExec.exe /I{9D42F21E-7CFA-4C87-99FD-C81CFFCB12E5}
VIVEPORT DirectX 9.0-->"C:\ProgramData\Package Cache\{4b01ac5b-340e-4644-828b-0882c8255a4e}\ViveportDX9Setup.exe" /uninstall
VIVEPORT-->"C:\Program Files (x86)\VIVE\Updater\Updater.exe" -uninstall "VIVEPORT" "C:\Program Files (x86)\VIVE" "VIVE_SOFTWARE"
VLC media player-->"D:\Program Files\VideoLAN\VLC\uninstall.exe"
WinRAR 6.00 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Základní software zařízení HP DeskJet 3700 series-->MsiExec.exe /I{D948C85E-9164-4C8A-834D-D9F75A974B20}

======Hosts File======

127.0.0.1 thepiratebay.org
127.0.0.1 ukpiratebay.net
127.0.0.1 pirateproxy.surf
127.0.0.1 pirateproxy.ink
127.0.0.1 openpirate.org
127.0.0.1 mypiratebay.club
127.0.0.1 openpirate.cc
127.0.0.1 mypiratebay.net
127.0.0.1 mypiratebay.wtf
127.0.0.1 tpb.cool

======System event log======

Computer Name: MSI
Event Code: 26
Message: Při spouštění byla použita jednorázová spouštěcí sekvence.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20201109214507.826203-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MSI
Event Code: 153
Message: Zabezpečení založené na virtualizaci (zásady: 0) je disabled.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20201109214507.826115-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MSI
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 3
Source Name: EventLog
Time Written: 20201109214536.201269-000
Event Type: Informace
User:

Computer Name: MSI
Event Code: 6009
Message: Microsoft (R) Windows (R) 10.00. 19041 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20201109214536.201269-000
Event Type: Informace
User:

Computer Name: MSI
Event Code: 12
Message: Operační systém se spustil v systémovém čase ‎2020‎-‎11‎-‎09T21:45:07.500000000Z.
Record Number: 1
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20201109214507.826007-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: MSI
Event Code: 642
Message: Catalog Database (3148,D,35) Catalog Database: Verze funkce formátu databáze 9120 (0x23a0) se nedá použít kvůli aktuálnímu formátu databáze 1568.20.0 řízenému parametrem 0x410022D8 (8920 | JET_efvAllowHigherPersistedFormat).
Record Number: 5
Source Name: ESENT
Time Written: 20201109214536.748016-000
Event Type: Upozornění
User:

Computer Name: MSI
Event Code: 642
Message: Catalog Database (3148,D,35) Catalog Database: Verze funkce formátu databáze 9180 (0x23dc) se nedá použít kvůli aktuálnímu formátu databáze 1568.20.0 řízenému parametrem 0x410022D8 (8920 | JET_efvAllowHigherPersistedFormat).
Record Number: 4
Source Name: ESENT
Time Written: 20201109214536.748016-000
Event Type: Upozornění
User:

Computer Name: MSI
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 3
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20201109214536.244324-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MSI
Event Code: 5617
Message: Subsystémy služby WMI (Windows Management Instrumentation) byly úspěšně inicializovány.
Record Number: 2
Source Name: Microsoft-Windows-WMI
Time Written: 20201109214529.228791-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MSI
Event Code: 5615
Message: Služba WMI (Windows Management Instrumentation) byla úspěšně spuštěna.
Record Number: 1
Source Name: Microsoft-Windows-WMI
Time Written: 20201109214528.820445-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: MSI
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MSI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\WinSxS\FileMaps\$$_systemapps_microsoft.windows.xgpuejectdialog_cw5n1h2txyewy_6f3e12c2a894df22.cdf-ms
ID popisovače: 0x64

Informace o procesu:
ID procesu: 0x119c
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 53190
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20210521210943.306705-000
Event Type: Úspěšný audit
User:

Computer Name: MSI
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MSI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\WinSxS\FileMaps\$$_systemapps_microsoft.xboxgamecallableui_cw5n1h2txyewy_f20e4c4d4e876b3f.cdf-ms
ID popisovače: 0x64

Informace o procesu:
ID procesu: 0x119c
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 53189
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20210521210943.305440-000
Event Type: Úspěšný audit
User:

Computer Name: MSI
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MSI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\WinSxS\FileMaps\$$_systemapps_microsoftwindows.client.cbs_cw5n1h2txyewy_appxmetadata_76835224a6509a72.cdf-ms
ID popisovače: 0x64

Informace o procesu:
ID procesu: 0x119c
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 53188
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20210521210943.304175-000
Event Type: Úspěšný audit
User:

Computer Name: MSI
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MSI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\WinSxS\FileMaps\$$_systemapps_microsoftwindows.client.cbs_cw5n1h2txyewy_assets_636244f24a04b545.cdf-ms
ID popisovače: 0x64

Informace o procesu:
ID procesu: 0x119c
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 53187
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20210521210943.303384-000
Event Type: Úspěšný audit
User:

Computer Name: MSI
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MSI$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\WinSxS\FileMaps\$$_systemapps_microsoftwindows.client.cbs_cw5n1h2txyewy_inputapp_assets_dictation_39a0f8a370b329c3.cdf-ms
ID popisovače: 0x64

Informace o procesu:
ID procesu: 0x119c
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 53186
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20210521210943.302325-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"DriverData"=C:\Windows\System32\Drivers\DriverData
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
"configsetroot"=%SystemRoot%\ConfigSetRoot
"NUMBER_OF_PROCESSORS"=12
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 158 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=9e0a

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118252
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: log check

#3 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

b4zz1
Visitor
Posts: 22
Joined: 25 Jun 2017 19:17

Re: log check

#4 Post by b4zz1 »

It should be here.... thank you very much for the super fast help..



# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-05.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-08-2021
# Duration: 00:00:08
# OS: Windows 10 Home
# Scanned: 31983
# Detected: 8


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Conduit HKCU\Software\Conduit
PUP.Optional.Conduit HKLM\Software\Wow6432Node\Conduit
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Run|System
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

b4zz1
Visitor
Posts: 22
Joined: 25 Jun 2017 19:17

Re: log check

#5 Post by b4zz1 »

Ah... it should probably be this file instead... sorry...




# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-05.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-08-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Run|System
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2050 octets] - [08/08/2021 16:50:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118252
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: log check

#6 Post by Rudy »

OK. Post new FRST + Addition logs.

b4zz1
Visitor
Posts: 22
Joined: 25 Jun 2017 19:17

Re: log check

#7 Post by b4zz1 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2021
Ran by user (administrator) on MSI (Micro-Star International Co., Ltd. GP73 Leopard 8RE) (09-08-2021 13:57:52)
Running from C:\Users\user\Desktop
Loaded Profiles: user
Platform: Windows 10 Home Version 21H1 19043.1110 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Users\user\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9ea30e7f88626f47\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ee3c4a51f0270f1f\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SysWOW64\wuauclt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WebManagement.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1081_none_7e3d47227c694b34\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_45030e1b94489c65\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\77.0.4054.277\opera.exe <16>
(Opera Software AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\77.0.4054.277\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe
(Unpacker) [File not signed] C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12da6ad5ef67a6ed\RtkAudUService64.exe [1262168 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Run: [Opera Browser Assistant] => C:\Users\user\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4096720 2021-08-02] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Policies\Explorer\DisallowRun: [1] irsetup.exe
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Winlogon: [Shell] C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe [287912960 2020-11-14] (Unpacker) [File not signed] <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HusRegisterHelper.lnk [2020-11-26]
ShortcutTarget: HusRegisterHelper.lnk -> C:\Program Files (x86)\VIVE\Updater\App\ViveEyeRegisterHelper\RegisterHelper.exe (HTC Corp. -> HTC Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIVE 2018 Switch.lnk [2020-11-26]
ShortcutTarget: VIVE 2018 Switch.lnk -> C:\Program Files (x86)\VIVE\Updater\App\ViveVRRuntime\ViveVR_utility\SteamVR_ViveVR_Switch.exe (HTC Corp. -> HTC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VIVE Cosmos Settings.lnk [2020-11-26]
ShortcutTarget: VIVE Cosmos Settings.lnk -> C:\Program Files (x86)\VIVE\Updater\App\ViveEyeSettings\ViveSettings.exe (HTC Corp. -> HTC Corp.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0654CDA0-47AE-46D3-BC78-96B6CA6B5EA5} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Task: {08E86C4E-2F0D-4478-9A4F-8288F35E5D6E} - System32\Tasks\Opera scheduled assistant Autoupdate 1604401443 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\user\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {1FC3DE0B-5968-4353-8616-6DCD91794BB8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {203A1B6A-3E6D-4451-95B4-6F1829CC4504} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {2FAD67EF-A9E1-4F8B-BC15-BC051BF686A2} - System32\Tasks\Microsoft\Windows\MUI\CheckUpdate => C:\WINDOWS\SysWOW64\WindowsUpdateBox.exe [12299993 2021-05-07] (Microsoft Corporation) [File not signed]
Task: {32e81265-5560-4282-9a8b-6d856f4971e7} - no filepath
Task: {34626C9B-AA51-470B-B4E5-0653468718EC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37E992EA-E7FE-4B03-BFBA-8016455920E6} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3FB79EFD-6FAF-4338-A2F7-D23BB787E80C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {408E449F-6BCA-4C37-B39B-8C8CFAEC0000} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {47FB81CA-560D-48F4-92B3-A040826294AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {482402d7-ad23-49af-b722-01f277ac9064} - no filepath
Task: {485F3DB8-CBCC-40D5-9F5A-8FE193C89536} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {571BF2FC-6121-4491-A133-47F5CD7D8C39} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [5849896 2018-07-27] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {69E2160B-3D20-472E-B17A-CE6E816ED9FE} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {6DB2EECE-3636-460C-888F-24D8C30D47D6} - System32\Tasks\Microsoft\Windows\MUI\WindowsUpdate => C:\WINDOWS\SysWOW64\wuauclt.exe [12992440 2021-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7480294D-01D1-4C7E-B63E-018786B4D492} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E35C28C-3182-468D-BC73-A9E8F74D3404} - System32\Tasks\SoundInit => schtasks [Argument = /create /f /k /tn SoundBassInit /tr %appdata%\Unpacker\Unpacker.exe /sc minute /mo 30]
Task: {7FE12580-26F7-42AE-A472-E7F4FFA756EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-12] (Google LLC -> Google LLC)
Task: {879EF057-E5B9-4183-9BC2-A4FA94D9C701} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {89A38C13-3EED-4BDD-AF63-DF595464B3D2} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38560 2021-08-04] (HP Inc. -> HP Inc.)
Task: {8C895DFF-D777-478F-AB30-25584D3B2077} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {8CC756CD-69DE-494F-8E05-23E7D86EBF0B} - System32\Tasks\Opera scheduled Autoupdate 1604401438 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software)
Task: {9291058D-7164-4C78-B319-8C61C26DFAEC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {988A835A-096A-490D-882B-49142DBF39FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CF35C2F-A072-4E58-988E-DFCF5BEF20C8} - System32\Tasks\SoundBassInit => C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe [287912960 2020-11-14] (Unpacker) [File not signed] <==== ATTENTION
Task: {A009721F-1E26-4D31-9531-8AB2CC03DE36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A102C046-2A59-42E3-A893-7B05B0C3CB08} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {A269A781-BB72-4BC2-9EB4-784224FEC0CC} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe
Task: {A3CC672E-0BF6-4ACA-84DA-6E37B1C069F0} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {A490616A-73EE-4B70-8F16-6EA75D9EE1BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A906CE25-7389-4221-935A-599735B20DE0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {B1374DBD-415F-4A92-AF06-8A28EA7CD78A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38560 2021-08-04] (HP Inc. -> HP Inc.)
Task: {B6D9DD55-9964-4178-AE18-99D7417DFC59} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {C169F0B5-4218-4E69-BAC1-CCF4B9BE80D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-12] (Google LLC -> Google LLC)
Task: {D5E98036-0747-4C70-BC35-94205C1C1881} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6FE1E74-323C-494E-9D46-8E8C2D5B1D30} - System32\Tasks\NahimicSvc64Run => C:\Windows\System32\NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {DB6DC4C1-5E87-4921-A162-68F320692799} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {DD9B035A-B469-48D9-BD04-A1DF4A263819} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {F13203F8-55F5-48E5-882E-89D46E39DCB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.1.1 172.16.1.254
Tcpip\..\Interfaces\{7bf2fd0f-9c00-473c-931e-5fb8f99b8061}: [DhcpNameServer] 172.16.1.1 172.16.1.254
Tcpip\..\Interfaces\{b46a67f3-5e40-41dd-b30b-9d8bd9cb570d}: [DhcpNameServer] 172.16.1.1 172.16.1.254

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-25]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2021-04-16]
CHR Extension: (Prezentace) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-12]
CHR Extension: (Safe Torrent Scanner) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-02-12]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-12]
CHR Extension: (Disk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-12]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-12]
CHR Extension: (Tabulky) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-12]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-16]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

Opera:
=======
OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2021-08-09]
OPR DownloadDir: D:\download
OPR Notifications: Opera Stable -> hxxps://centr-epilacia.ru; hxxps://www.daemon-tools.cc; hxxps://www.sledujfilmy.online; hxxps://www.ubisoft.com; hxxps://www.youtube.com; hxxps://x2convert.com; hxxps://yt1s.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-25]
OPR Extension: (Google Překladač) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2021-08-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-12-24] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-08-04] (HP Inc. -> HP Inc.)
S2 HTC Account Service; C:\Program Files\HTC Account\Htc.Identity.Service.exe [75840 2019-02-15] (HTC Corp. -> HTC)
S2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2483376 2018-06-15] (Rivet Networks LLC -> Rivet Networks)
S2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675392 2021-05-27] (A-Volute SAS -> Nahimic)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1729432 2021-04-23] (Rockstar Games, Inc. -> Rockstar Games)
S2 tmGAInstall; C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.EXE [48344 2018-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
S3 ViveportDesktopService; C:\Program Files (x86)\VIVE\PCClient\ViveportDesktopService.exe [499776 2020-11-05] (HTC Corp. -> HTC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72880 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.)
S2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72888 2018-06-15] (Rivet Networks LLC -> CloudBees, Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_45030e1b94489c65\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_45030e1b94489c65\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstkDrv_msi2; C:\Program Files (x86)\BlueStacks_msi2\BstkDrv.sys [269408 2018-06-27] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2020-11-19] (Broadcom Corporation -> Broadcom Corporation.)
S3 HTCAND64; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [33736 2020-11-08] (3am.com(Test) -> HTC, Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [150184 2018-06-15] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [41104 2019-08-27] (SteelSeries ApS -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
S3 MGHwCtrl; \??\E:\RMA-NB-20210201\MGHwCtrl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-09 13:57 - 2021-08-09 13:59 - 000024588 _____ C:\Users\user\Desktop\FRST.txt
2021-08-09 13:57 - 2021-08-09 13:57 - 000000000 ____D C:\Users\user\Desktop\FRST-OlderVersion
2021-08-08 17:40 - 2021-08-08 17:40 - 000124407 _____ C:\Users\user\Desktop\DxDiag.txt
2021-08-08 17:01 - 2021-08-08 17:01 - 000209126 _____ C:\Users\user\Desktop\DxDiag.xml
2021-08-08 16:54 - 2021-08-08 16:54 - 000002092 _____ C:\Users\user\Desktop\AdwCleaner[C00].txt
2021-08-08 16:49 - 2021-08-08 16:50 - 000000000 ____D C:\AdwCleaner
2021-08-08 16:48 - 2021-08-08 16:48 - 008553680 _____ (Malwarebytes) C:\Users\user\Desktop\adwcleaner_8.3.0.exe
2021-08-08 12:23 - 2021-08-08 12:23 - 000000000 ____D C:\rsit
2021-08-08 12:23 - 2021-08-08 12:23 - 000000000 ____D C:\Program Files\trend micro
2021-08-08 12:19 - 2021-08-09 13:58 - 000000000 ____D C:\FRST
2021-08-08 12:19 - 2021-08-09 13:57 - 002300416 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2021-08-04 14:45 - 2021-08-04 14:45 - 000000000 ____D C:\WINDOWS\LastGood
2021-08-04 14:42 - 2021-07-13 18:02 - 000645232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-08-04 14:42 - 2021-07-13 18:00 - 005680760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-08-04 14:41 - 2021-07-13 18:07 - 001858664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-04 14:41 - 2021-07-13 18:07 - 001858664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-08-04 14:41 - 2021-07-13 18:07 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-04 14:41 - 2021-07-13 18:07 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-08-04 14:41 - 2021-07-13 18:07 - 001097856 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-04 14:41 - 2021-07-13 18:07 - 001097856 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-08-04 14:41 - 2021-07-13 18:07 - 000951936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-04 14:41 - 2021-07-13 18:07 - 000951936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-08-04 14:41 - 2021-07-13 18:06 - 001474704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-08-04 14:41 - 2021-07-13 18:06 - 001212560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 001520776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 000716912 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-08-04 14:41 - 2021-07-13 18:02 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 002112128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 001595520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 001171072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 000919168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 000750208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-08-04 14:41 - 2021-07-13 18:01 - 000706176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-08-04 14:41 - 2021-07-13 18:00 - 008854144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-08-04 14:41 - 2021-07-13 18:00 - 007920768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-08-04 14:41 - 2021-07-13 18:00 - 004987520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-08-04 14:41 - 2021-07-13 18:00 - 002925696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-08-04 14:41 - 2021-07-13 18:00 - 000447104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-08-04 14:41 - 2021-07-13 17:59 - 000849008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-08-04 14:41 - 2021-07-13 17:57 - 006215792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-08-04 14:41 - 2021-07-12 12:32 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-07-28 17:51 - 2021-07-28 17:51 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-28 17:51 - 2021-07-28 17:51 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-28 17:51 - 2021-07-28 17:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-28 17:51 - 2021-07-28 17:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-28 17:51 - 2021-07-28 17:51 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-28 17:51 - 2021-07-28 17:51 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-16 18:15 - 2021-07-16 18:15 - 000001435 _____ C:\WINDOWS\system32\default_error_stack-000016-000000.txt
2021-07-16 18:04 - 2021-07-16 18:04 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-16 18:04 - 2021-07-16 18:04 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-16 18:04 - 2021-07-16 18:04 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-16 18:04 - 2021-07-16 18:04 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-16 18:04 - 2021-07-16 18:04 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-16 18:04 - 2021-07-16 18:04 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-16 18:03 - 2021-07-16 18:03 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-16 18:03 - 2021-07-16 18:03 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-16 18:03 - 2021-07-16 18:03 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-16 18:03 - 2021-07-16 18:03 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-16 17:48 - 2021-08-08 12:11 - 000004382 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1604401443

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-09 13:59 - 2018-08-11 03:45 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-09 13:58 - 2020-11-08 08:06 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-09 13:57 - 2021-02-12 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-09 13:56 - 2020-11-09 22:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-08 17:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-08 17:38 - 2020-10-23 06:47 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles
2021-08-08 17:38 - 2018-08-11 03:44 - 000000000 ____D C:\Intel
2021-08-08 17:00 - 2020-11-03 12:05 - 000000000 ____D C:\Users\user\AppData\Local\D3DSCache
2021-08-08 17:00 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-08 16:52 - 2021-04-29 15:41 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-08-08 16:52 - 2021-03-01 19:08 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-08-08 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-08 16:47 - 2020-11-15 19:03 - 000003540 _____ C:\WINDOWS\system32\Tasks\SoundBassInit
2021-08-08 12:17 - 2020-11-03 11:55 - 000000000 ____D C:\Users\user\AppData\Local\NVIDIA
2021-08-08 12:15 - 2021-02-12 15:47 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-08 12:15 - 2021-02-12 15:47 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-08 12:10 - 2020-11-08 07:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-08 12:09 - 2021-02-12 15:47 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-08 12:09 - 2021-02-12 15:47 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-08 11:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-04 14:43 - 2018-08-11 03:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-08-04 06:28 - 2020-10-27 11:02 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2021-08-04 06:23 - 2021-01-07 15:09 - 000000000 ____D C:\ProgramData\HP
2021-08-04 06:20 - 2020-11-09 22:49 - 001591628 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-04 06:20 - 2019-12-07 15:41 - 000670536 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-04 06:20 - 2019-12-07 15:41 - 000141546 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-04 06:14 - 2020-11-09 22:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-04 06:14 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-04 06:14 - 2018-08-11 03:45 - 000000000 ____D C:\ProgramData\A-Volute
2021-08-04 06:13 - 2018-08-08 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-04 06:12 - 2021-05-19 12:52 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-08-03 10:17 - 2020-12-08 10:29 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b6e2378e53b5
2021-08-03 10:17 - 2020-11-09 22:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-28 19:34 - 2020-11-09 22:45 - 000298288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-28 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-28 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-28 19:33 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-28 17:53 - 2020-12-24 12:39 - 000002420 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2021-07-28 17:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-28 17:45 - 2020-11-09 22:50 - 000004130 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1604401438
2021-07-28 17:45 - 2020-11-03 12:04 - 000001443 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-07-28 17:43 - 2020-11-18 19:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-20 19:04 - 2020-10-26 02:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-20 19:00 - 2020-10-26 02:54 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-16 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-13 17:57 - 2020-11-03 12:20 - 007280312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

==================== Files in the root of some directories ========

2021-02-12 10:43 - 2021-03-17 19:19 - 000028672 _____ () C:\Users\user\AppData\Roaming\crash.bin
2020-11-08 08:09 - 2020-11-08 08:09 - 000012288 _____ () C:\Users\user\AppData\Local\vita_uranus.data

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by user (09-08-2021 14:00:12)
Running from C:\Users\user\Desktop
Windows 10 Home Version 21H1 19043.1110 (X64) (2020-11-09 21:51:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2040345487-4043527457-15566561-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2040345487-4043527457-15566561-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2040345487-4043527457-15566561-503 - Limited - Disabled)
Guest (S-1-5-21-2040345487-4043527457-15566561-501 - Limited - Enabled)
user (S-1-5-21-2040345487-4043527457-15566561-1001 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-2040345487-4043527457-15566561-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
Assassin's Creed: Odyssey (HKLM-x32\...\Assassin's Creed: Odyssey_is1) (Version: - )
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
Borderlands 3 (HKLM-x32\...\Borderlands 3_is1) (Version: - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.75.1089 - AB Team, d.o.o.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Documentation Manager (HKLM\...\{82FBBBC9-616A-4247-BEAD-87B8132D49D2}) (Version: 22.0.0.6 - Intel Corporation) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.3.1807.2601 - Micro-Star International Co., Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Gun Club VR (HKLM-x32\...\Gun Club VR_is1) (Version: - )
Guns n Stories Bulletproof VR (HKLM-x32\...\Guns n Stories Bulletproof VR_is1) (Version: - )
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1806.2501 - Micro-Star International Co., Ltd.)
HTC Account (HKLM\...\{0BDD3B3E-A0C1-48E1-BA33-3A28B784C10F}) (Version: 1.6.1.7 - HTC Corp.) Hidden
In Death (HKLM-x32\...\In Death_is1) (Version: - )
Intel(R) Computing Improvement Program (HKLM\...\{9C2782AC-55D3-4A41-889C-34A51A2CEB67}) (Version: 2.4.05982 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000000-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.00.0.2 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{056c22c9-0ef2-4a10-ba00-4d68d16c5669}) (Version: 22.0.0.6 - Intel Corporation) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
KB9X Radio Switch Driver (HKLM\...\7A70B8EDE77ED614C261B89A36D4C656443FD153) (Version: 1.1.8.0 - ENE TECHNOLOGY INC.)
Killer Ethernet Performance Driver Suite UWD (HKLM\...\{7BBA920F-39F2-4E2D-94D2-EEEA849AD08B}) (Version: 1.7.1030 - Rivet Networks)
Magnet Engine (x86) (HKLM-x32\...\{CA7A07EC-1BEF-4892-A6E2-C3AC0136D1CA}) (Version: 1.4.8.5 - HTC Corp.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
MSI App Player (HKLM-x32\...\BlueStacks_msi2) (Version: 4.3.10.3014 - BlueStack Systems, Inc.)
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1807.1701 - Micro-Star International Co., Ltd.)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera Stable 77.0.4054.277 (HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Opera 77.0.4054.277) (Version: 77.0.4054.277 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.31242 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8496 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.39.355 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
Serious Sam 4 (HKLM-x32\...\1407036516_is1) (Version: 1.01 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Walking Dead Saints and Sinners The Meatgrinder (HKLM-x32\...\The Walking Dead Saints and Sinners The Meatgrinder_is1) (Version: - )
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 2.FFD.2018 - Thrustmaster)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 118.0.10358 - Ubisoft)
Ultimate Fishing Simulator VR (HKLM-x32\...\Ultimate Fishing Simulator VR_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
USBBootable (HKLM-x32\...\{3FEBC8B2-8583-4458-9EB4-E6D707F71623}) (Version: 1.0 - Indasy)
VIVE Software (HKLM-x32\...\VIVE Software) (Version: 1.0.9.186 - HTC)
VIVEPORT (HKLM-x32\...\VIVEPORT) (Version: 1.0.9.202 - HTC)
VIVEPORT Desktop (HKLM-x32\...\{88ae787a-c784-4d21-9eb2-9e22c348bb78}) (Version: 1.4.8.5 - HTC Corp.) Hidden
VIVEPORT Desktop (x86) (HKLM-x32\...\{34E8EFFA-331A-470D-9BB8-972696FDA657}) (Version: 1.4.8.5 - HTC Corp.) Hidden
VIVEPORT Diagnosis (HKLM-x32\...\{80fb4b44-f420-4ad8-9854-703b730bc391}) (Version: 1.2.3.2 - HTC Corp.)
VIVEPORT Diagnosis (x86) (HKLM-x32\...\{882E4EC7-5D28-4D46-AE09-20FB485645BB}) (Version: 1.2.3.2 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (HKLM-x32\...\{4b01ac5b-340e-4644-828b-0882c8255a4e}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (x86/x64) (HKLM-x32\...\{9D42F21E-7CFA-4C87-99FD-C81CFFCB12E5}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Základní software zařízení HP DeskJet 3700 series (HKLM\...\{D948C85E-9164-4C8A-834D-D9F75A974B20}) (Version: 40.12.1161.1896 - HP Inc.)

Packages:
=========
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.18.3.0_x86__q4d96b2w5wcc2 [2021-08-04] (Evernote)
Forza Motorsport 7 -> C:\Program Files\WindowsApps\Microsoft.ApolloBaseGame_1.174.4791.2_x64__8wekyb3d8bbwe [2021-05-19] (Microsoft Studios)
Forza Motorsport 7 Hoonigan Car Pack -> C:\Program Files\WindowsApps\Microsoft.ForzaMotorsport7PreorderBonus_1.3.3.2_neutral__8wekyb3d8bbwe [2021-05-19] (Microsoft Studios)
Free February Spotlight Car -> C:\Program Files\WindowsApps\Microsoft.Feb19SLCar_1.0.1.2_neutral__8wekyb3d8bbwe [2021-05-22] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 [2021-08-04] (HP Inc.)
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_1.6.2131.0_x64__rh07ty8m5nkag [2020-10-26] (Rivet Networks LLC)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-10-26] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-26] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.1.7200.0_x86__8wekyb3d8bbwe [2021-02-19] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.0.11030.0_x64__8wekyb3d8bbwe [2020-11-26] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_3.1.9160.0_x86__8wekyb3d8bbwe [2020-10-26] (Microsoft Studios) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1810.0_x64__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.6.7221.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-02-19] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-08] (Microsoft Corporation)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-10-26] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.8.6.0_x64__w2gh52qy24etm [2021-08-04] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-04] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-08-04] (INTEL CORP) [Startup Task]
PhotoDirector8 for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector8forMSI_8.0.4020.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
PowerDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirectorforMSI_15.0.4024.0_x64__jtmmp2jxy9gb6 [2018-08-11] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-07-09] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0 [2021-08-08] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2020-11-08] (Synaptics Incorporated)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-02-19] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2040345487-4043527457-15566561-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2040345487-4043527457-15566561-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\user\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_45030e1b94489c65\nvshext.dll [2021-07-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-08-04 06:10 - 2021-08-04 06:10 - 103578624 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.dll
2021-04-07 19:33 - 2021-04-07 19:33 - 007068672 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HPPageLift.UWP.dll
2020-08-03 21:23 - 2020-08-03 21:23 - 001918464 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2020-11-05 06:19:31&bName=
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> DefaultScope {4256B6DC-C597-459D-A84F-1F5AE0CFB21C} URL =
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> {4256B6DC-C597-459D-A84F-1F5AE0CFB21C} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2021-02-12 05:20 - 000065152 _____ C:\WINDOWS\system32\drivers\etc\hosts

There are 2077 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 172.16.1.1 - 172.16.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HusRegisterHelper.lnk"
HKLM\...\StartupApproved\StartupFolder: => "VIVE 2018 Switch.lnk"
HKLM\...\StartupApproved\StartupFolder: => "VIVE Cosmos Settings.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2972D8E9-BC0D-4459-B04B-F97C3B5BA361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{712BE080-A2C4-4B00-B33A-393C63DD1807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{8A0D746C-1BF2-4745-9830-BA0F31A3E476}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2876E98F-BE68-454E-BA27-F4993F8B4887}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{EB606251-497D-43ED-AB74-E8512E382AA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4B735E4A-9D53-4BAA-BDC2-3965B4F8AC12}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BABE6836-857A-4478-90F0-A2606C26E854}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2056AB93-9DE4-4CA6-9E3C-31CD750FACB3}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C5BD8D04-4CAF-4013-9A21-ACFFAE701F17}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{36C6B92E-7745-4733-BA44-21E348B369F5}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{A18B73A2-DA66-4C36-861C-990A9B17AC61}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{31B90521-4325-4DF9-80A0-68664E6AB8A2}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{883E36CF-A5A4-48D2-8EB0-0D75CE8E72C4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{22484A03-29E4-48F5-87F8-08FC1B58A718}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{9B917804-87CD-4EA7-B09F-AC1136FD0729}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FF721EE-F455-4CDE-83E2-66CA3F4E38AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A2BBB53-B056-4317-9CFE-983CCA37E01C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{1A75ACEE-DB07-4F99-A3F3-5039F7DCFF0D}] => (Allow) C:\Program Files (x86)\BlueStacks_msi2\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{8B731E02-EC92-4F13-980E-5A3F4403AFF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{C2C7947F-DADC-4A44-B58E-A5F3CA6E7105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{2B9ADC7C-2E39-4123-8135-C167396CC50C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{46251086-DE10-4396-999C-ACA25FDA6E2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{BB3EEA88-6C9E-4ED6-903F-26A9509E708D}] => (Allow) LPort=9223
FirewallRules: [{928BF248-E23A-4F2C-A334-562F34135C4D}] => (Allow) LPort=9245
FirewallRules: [{9233E67A-6345-4209-939E-B47335013274}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{F1CEBAED-4A04-4EB8-91F6-150822626B2E}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{E35E35AD-F70C-4A28-97DF-11766545B75C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7435E163-2084-40DE-99EA-212FF51321EB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3A60F479-B226-46E6-BBF4-D0DE1081B0D8}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc)
FirewallRules: [{7823F020-2CBB-41AB-991F-146B14AB5290}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc)
FirewallRules: [{BAB98C9E-C50D-435C-AB21-BBCD2765D036}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A0EC6F8A-7AC5-40D2-9576-F43F0491B1F6}] => (Allow) LPort=5357
FirewallRules: [{5F01C9D3-156D-4073-BB6C-0117EC663562}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E7DA20F7-B613-49AE-93E2-198238DBAF0C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe => No File
FirewallRules: [{7D2A9543-3BE6-40FE-9E74-3B1CC584A36F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe => No File
FirewallRules: [{A8393947-51B2-4916-BB1D-898FB25DED7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38F07C0A-4E7F-485F-96DE-FCE9D8E53FC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{20E7917E-314D-4A73-99DC-B0406EF84E26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8FF479C-1EE5-4EFD-AE84-A9519A838706}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2510D7F3-D02C-4AB9-AE4F-82D4DC9F2785}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFF80946-621A-4B00-91DB-F932F36A8242}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9F1EAF75-A192-4912-ACB5-B00FE6597E97}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F28ABC0C-1106-4591-B872-92B6137AA622}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C70EAE6-F433-481F-BCF8-94AB56557272}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2B696C7-474A-4F10-91FA-7CED2007D045}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FAE8E714-13F5-470C-BAF8-DD66CBBA0B91}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{182E9EFD-33DB-43E7-8A12-09E0B7986AD6}] => (Allow) C:\WINDOWS\SysWOW64\wuauclt.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CBD91B5-C641-45C1-9D26-38F6847C781A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D26050A-8D08-4EA3-A605-87059C1BAC31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B361F163-F3F4-4029-A13E-B0B51DDC4F36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D3EE99E-7F0C-4CD2-A95A-95C235112BC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C8D5B27-493E-4622-87F1-CFF79023E7E5}] => (Allow) C:\Users\user\AppData\Local\Programs\Opera\77.0.4054.277\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{03ED4F9F-EB1F-42B6-AD9B-801FE985414B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{58E6DA58-9350-4D84-B17D-E7BD04E5D7FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{12B8ACFF-E65D-4CB7-9DB1-1036B2688ADA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2EDD4AF8-FCD1-4218-8341-E5D6B84E69A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2DDE9E9B-7367-4484-AF5D-6C62E0013C60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CA3A22AC-8BC3-44C6-966D-9666467484E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D406DCC5-3265-4C65-AEC8-7FD5315135FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1C0E8A9-1058-4A74-A9A2-3229AECA5C87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93A7BFA4-CE53-4679-861F-8A953865B5CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9C91437-C919-4D98-AC23-6C936F6FF2BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{43FBFF49-E07C-4FBA-8E9D-FF4E41292AE5}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{1BAF67B8-A121-4801-B5F3-A163F881B343}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:117.94 GB) (Free:29.36 GB) (25%)

==================== Faulty Device Manager Devices ============

Name: Intel(R) UHD Graphics 630
Description: Intel(R) UHD Graphics 630
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/04/2021 06:27:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000008d517e
ID chybujícího procesu: 0x4a1c
Čas spuštění chybující aplikace: 0x01d788f16d030082
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 4caae975-87e3-46b4-936d-e5272e1e57bd
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:27:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000826e0a
ID chybujícího procesu: 0x18a0
Čas spuštění chybující aplikace: 0x01d788f0b69d94cd
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 73c1ad47-9688-41d7-be29-4c90f4a04e8b
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:16:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000008d517e
ID chybujícího procesu: 0xcec
Čas spuštění chybující aplikace: 0x01d788efe3b749de
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 9a032a96-6815-4fd4-bb92-c6cce6d7327d
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:16:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000826e0a
ID chybujícího procesu: 0x3158
Čas spuštění chybující aplikace: 0x01d788efa4c0676e
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 58fa4414-0ca6-4b77-9999-a36c47e94f86
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:12:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x00000000007ea648
ID chybujícího procesu: 0x3b38
Čas spuštění chybující aplikace: 0x01d788ef56df2ad4
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 596857bb-d42a-41e5-ada5-ac7447521079
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (08/04/2021 06:12:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HP.Smart.exe, verze: 129.1.234.0, časové razítko: 0x60f9d671
Název chybujícího modulu: SharedLibrary.dll, verze: 2.2.29512.0, časové razítko: 0x5fad1a6e
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000826e0a
ID chybujícího procesu: 0x1f10
Čas spuštění chybující aplikace: 0x01d788ef48d5fc85
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.29512.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 6b0ece9b-ee8d-4a82-bd56-3c4ee11a8fc1
Úplný název chybujícího balíčku: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: AD2F1837.HPPrinterControl

Error: (07/16/2021 06:15:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (07/16/2021 06:15:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (08/09/2021 01:57:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (08/08/2021 06:01:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (08/08/2021 04:51:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/08/2021 04:51:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Web Management byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (08/08/2021 04:51:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/08/2021 04:51:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér výkonu rozhraní WMI byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (08/08/2021 04:51:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nahimic service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.

Error: (08/08/2021 04:51:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla neočekávaně ukončena. Tento stav nastal již 2krát.


Windows Defender:
================
Date: 2021-08-08 17:27:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D299B3CA-B6D7-4256-A7D3-1E903598D56D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-08 11:43:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7572DBE4-495C-4A6D-9BD5-B1020C3F2A3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-03 10:13:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {79863681-14C0-4945-BE00-08CCF79FC57D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-27 19:57:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A956DC8C-C41F-47F9-A358-9B90E892CDCA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-26 22:09:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {30A100B1-E271-434F-A327-C85F1DEA52CD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-07-02 12:04:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.233.0
Předchozí verze bezpečnostních informací: 1.341.1563.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-02 12:04:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.233.0
Předchozí verze bezpečnostních informací: 1.341.1563.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-02 12:04:30
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-10 15:17:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.464.0
Předchozí verze bezpečnostních informací: 1.339.1367.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-10 15:17:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.464.0
Předchozí verze bezpečnostních informací: 1.339.1367.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E17C5IMS.10F 05/20/2019
Motherboard: Micro-Star International Co., Ltd. MS-17C5
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 69%
Total physical RAM: 16230.27 MB
Available physical RAM: 5013.07 MB
Total Virtual: 32102.27 MB
Available Virtual: 17456.81 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:29.37 GB) NTFS
Drive d: (Data) (Fixed) (Total:912.75 GB) (Free:184.55 GB) NTFS

\\?\Volume{6d3187f7-88df-46d3-976c-4d1b01abe15d}\ () (Fixed) (Total:0.88 GB) (Free:0.43 GB) NTFS
\\?\Volume{1f1eed8a-9106-4771-b455-744bab13b117}\ (BIOS_RVY) (Fixed) (Total:18.77 GB) (Free:0.69 GB) NTFS
\\?\Volume{a762c0de-6762-4de3-bef4-f1fb36d42163}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 442069E4)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 442069C2)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118252
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Winlogon: [Shell] C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe [287912960 2020-11-14] (Unpacker) [File not signed] <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {32e81265-5560-4282-9a8b-6d856f4971e7} - no filepath
Task: {7FE12580-26F7-42AE-A472-E7F4FFA756EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-12] (Google LLC -> Google LLC)
Task: {9CF35C2F-A072-4E58-988E-DFCF5BEF20C8} - System32\Tasks\SoundBassInit => C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe [287912960 2020-11-14] (Unpacker) [File not signed] <==== ATTENTION
Task: {C169F0B5-4218-4E69-BAC1-CCF4B9BE80D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-12] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-2040345487-4043527457-15566561-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2020-11-05 06:19:31&bName=
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> DefaultScope {4256B6DC-C597-459D-A84F-1F5AE0CFB21C} URL =
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> {4256B6DC-C597-459D-A84F-1F5AE0CFB21C} URL =
FirewallRules: [{8A0D746C-1BF2-4745-9830-BA0F31A3E476}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2876E98F-BE68-454E-BA27-F4993F8B4887}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E7DA20F7-B613-49AE-93E2-198238DBAF0C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe => No File
FirewallRules: [{7D2A9543-3BE6-40FE-9E74-3B1CC584A36F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe => No File

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

b4zz1
Visitor
Posts: 22
Registered: 25 Jun 2017 19:17

Re: log check

#9 Post by b4zz1 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-08-2021
Ran by user (12-08-2021 11:07:50) Run:1
Running from C:\Users\user\Desktop
Loaded Profiles: user
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\...\Winlogon: [Shell] C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe [287912960 2020-11-14] (Unpacker) [File not signed] <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {32e81265-5560-4282-9a8b-6d856f4971e7} - no filepath
Task: {7FE12580-26F7-42AE-A472-E7F4FFA756EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-12] (Google LLC -> Google LLC)
Task: {9CF35C2F-A072-4E58-988E-DFCF5BEF20C8} - System32\Tasks\SoundBassInit => C:\Users\user\AppData\Roaming\Unpacker\Unpacker.exe [287912960 2020-11-14] (Unpacker) [File not signed] <==== ATTENTION
Task: {C169F0B5-4218-4E69-BAC1-CCF4B9BE80D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-12] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-2040345487-4043527457-15566561-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2020-11-05 06:19:31&bName=
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> DefaultScope {4256B6DC-C597-459D-A84F-1F5AE0CFB21C} URL =
SearchScopes: HKU\S-1-5-21-2040345487-4043527457-15566561-1001 -> {4256B6DC-C597-459D-A84F-1F5AE0CFB21C} URL =
FirewallRules: [{8A0D746C-1BF2-4745-9830-BA0F31A3E476}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2876E98F-BE68-454E-BA27-F4993F8B4887}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E7DA20F7-B613-49AE-93E2-198238DBAF0C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe => No File
FirewallRules: [{7D2A9543-3BE6-40FE-9E74-3B1CC584A36F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS" => removed successfully
"HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32e81265-5560-4282-9a8b-6d856f4971e7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FE12580-26F7-42AE-A472-E7F4FFA756EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FE12580-26F7-42AE-A472-E7F4FFA756EC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CF35C2F-A072-4E58-988E-DFCF5BEF20C8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CF35C2F-A072-4E58-988E-DFCF5BEF20C8}" => removed successfully
C:\WINDOWS\System32\Tasks\SoundBassInit => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SoundBassInit" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C169F0B5-4218-4E69-BAC1-CCF4B9BE80D5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C169F0B5-4218-4E69-BAC1-CCF4B9BE80D5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKU\S-1-5-21-2040345487-4043527457-15566561-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-2040345487-4043527457-15566561-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2040345487-4043527457-15566561-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4256B6DC-C597-459D-A84F-1F5AE0CFB21C} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A0D746C-1BF2-4745-9830-BA0F31A3E476}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2876E98F-BE68-454E-BA27-F4993F8B4887}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E7DA20F7-B613-49AE-93E2-198238DBAF0C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D2A9543-3BE6-40FE-9E74-3B1CC584A36F}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42445418 B
Java, Flash, Steam htmlcache => 363211060 B
Windows/system/drivers => 11241465 B
Edge => 61392 B
Chrome => 68196483 B
Firefox => 0 B
Opera => 388085076 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 226304 B
user => 89818318 B

RecycleBin => 0 B
EmptyTemp: => 927.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:08:23 ====

Rudy
Site Admin
Posts: 118252
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: log check

#10 Post by Rudy »

Deleted. Has anything changed?