PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Please check my log

Having a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Bubenos
Visitor
Posts: 59
Registered: 26 Dec 2019 11:25

Please check my log

#1 Post by Bubenos »

Windows Defender reports a threat; almost every day it restores that file. Specifically, it concerns cscript.exe (I am sending a screenshot in the attachment).

So please check the log. Thank you.
cskript.png (30.33 KiB) Viewed 977 times
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2021
Ran by dbube (administrator) on DESKTOP-48MB1C3 (ATComputers TRILINE PROFI OFFICE) (13-08-2021 21:34:25)
Running from D:\Programy
Loaded Profiles: dbube
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] D:\Hry\Rocket League smurf BubenD\rocketleague\BakkesMod\BakkesMod.exe
(Bad Panda, Inc. -> Bad Panda, Inc.) C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe <6>
(Discord Inc. -> Discord Inc.) C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270776 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Discord] => C:\Users\dbube\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Gif Your Game] => C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [126447560 2021-08-10] (Bad Panda, Inc. -> Bad Panda, Inc.)
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Run: [Discord] => C:\Users\Vlasťule\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-04] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0307D6D5-D21C-41EA-96C8-B255658C50BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07986CF8-43D5-4912-9B05-CA6263A7B4AC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {10D03C8F-FC2E-44CE-AD30-BB4914AA11A7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BB60CE9-224F-409B-BA95-77A03E0A6A0F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24CF228A-DCE2-4593-9EBE-80E9D61BFAC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {3BA721FB-7708-4803-83C4-FACEFD33031E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55A33193-7971-439E-9762-CB9B4A91CC18} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60772A8F-335C-4C62-931D-DACF10279E0F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FE6A2C0-4FC4-4B8D-85E7-40E5BA9C88A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {905F9ACA-862D-4BDA-B9F4-E2C2FB9E6247} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90D06DA3-E888-4D74-9C1E-D3321F9EDA5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E92E098-E8B6-47ED-A810-2F99CEB01A2E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2C6754C-8DE5-4EA1-BFAF-148116685EBD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C748CBC0-8DD3-404A-8BC1-DF8DF3FA76C3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2019-04-03] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {E9E0E335-410D-4069-9FF0-1F60F33AAAC5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FCD1040F-F004-446C-B306-0AD5DFE675C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FE4A556B-9322-447F-8387-F6D3BC62698D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{b7f826c6-ea01-4714-a535-4e19bd4e854c}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{c6197426-c54d-4121-a8e4-ec03077a2b2b}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge Profile: C:\Users\dbube\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-13]

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default [2021-08-13]
CHR DownloadDir: C:\Users\dbube\Desktop
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-21]
CHR Extension: (BetterTTV) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-08-07]
CHR Extension: (Dokumenty) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-21]
CHR Extension: (Disk Google) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (FrankerFaceZ) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-09-17]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-29]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-14]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-14]
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-14]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2020-04-06] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1347464 2021-03-04] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [24312 2010-07-30] (Pitney Bowes -> Pitney Bowes)
R3 MpKsleaa83092; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5FD0DA0-C2E1-4235-AA43-D3E831254D93}\MpKslDrv.sys [123112 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
S3 nvoclk64; C:\WINDOWS\System32\drivers\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corporation -> NVIDIA Corp.)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-13 21:34 - 2021-08-13 21:34 - 000000000 ____D C:\FRST
2021-08-12 06:05 - 2021-08-12 06:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-12 06:05 - 2021-08-12 06:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-12 06:05 - 2021-08-12 06:05 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-12 06:05 - 2021-08-12 06:05 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-12 06:05 - 2021-08-12 06:05 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 06:05 - 2021-08-12 06:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 06:05 - 2021-08-12 06:05 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-12 05:58 - 2021-08-12 05:58 - 000000000 ___HD C:\$WinREAgent
2021-08-11 19:12 - 2021-08-11 19:11 - 000382411 _____ C:\Users\dbube\Desktop\OP.jpeg
2021-08-11 19:05 - 2021-08-11 19:05 - 000638018 _____ C:\Users\dbube\Desktop\GDPR2.jpeg
2021-08-11 19:05 - 2021-08-11 19:04 - 000634636 _____ C:\Users\dbube\Desktop\GDPR1.jpeg
2021-08-11 19:02 - 2021-08-11 19:02 - 000045641 _____ C:\Users\dbube\Desktop\GDPR.pdf
2021-08-11 15:34 - 2021-08-06 10:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001474672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001212536 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000716928 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000645248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 002112144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001595536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001171088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000919184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000706168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-08-11 15:34 - 2021-08-06 10:41 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 008854136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 005680768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 004987512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-08-11 15:34 - 2021-08-06 10:39 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-08-11 15:34 - 2021-08-06 10:38 - 006215808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-08-11 15:34 - 2021-08-05 23:12 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-08-07 17:38 - 2021-08-07 17:38 - 000000000 ____D C:\Users\dbube\AppData\Local\GSS2
2021-08-07 17:22 - 2021-08-07 17:22 - 000000223 _____ C:\Users\dbube\Desktop\Gas Station Simulator Prologue - Early Days.url
2021-08-07 16:41 - 2021-08-07 16:41 - 001165100 _____ C:\Users\dbube\Desktop\(BUBEN)ALL_STARS - Stat Hráč.pdf
2021-08-02 06:32 - 2021-08-09 08:45 - 000010398 _____ C:\Users\Vlasťule\Desktop\Co už mám domluveno.odt
2021-08-01 18:03 - 2021-08-01 18:03 - 000001536 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2021-08-01 18:03 - 2021-08-01 18:03 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-08-01 18:02 - 2021-08-01 18:02 - 000000000 ____D C:\ProgramData\Dell
2021-08-01 17:51 - 2021-08-01 17:51 - 000000000 ____D C:\ProgramData\Outbyte
2021-08-01 17:28 - 2021-08-01 17:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\NVIDIA
2021-08-01 17:26 - 2021-08-01 17:26 - 000189287 _____ C:\Users\dbube\Downloads\msvcp140.zip
2021-08-01 17:26 - 2021-08-01 17:26 - 000189287 _____ C:\Users\dbube\Downloads\msvcp140 (1).zip
2021-07-30 08:22 - 2021-07-30 08:22 - 000117280 _____ C:\Users\Vlasťule\Downloads\Potvrzeni_o_odchozi_uhrade (1).pdf
2021-07-30 08:19 - 2021-07-30 08:19 - 000117293 _____ C:\Users\Vlasťule\Downloads\Potvrzeni_o_odchozi_uhrade.pdf
2021-07-29 08:19 - 2021-07-29 08:26 - 000000000 ____D C:\Users\Vlasťule\Desktop\Terinka v Praze Červenec 2021
2021-07-28 19:59 - 2021-07-28 19:59 - 000000112 ___SH C:\bootTel.dat
2021-07-28 19:59 - 2021-07-28 19:59 - 000000000 __SHD C:\found.000
2021-07-28 19:48 - 2021-07-28 19:48 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-07-28 19:48 - 2021-07-28 19:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-07-28 19:45 - 2021-07-12 13:32 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-07-28 19:45 - 2021-07-12 13:32 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-07-28 19:45 - 2021-07-12 13:32 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-07-28 19:44 - 2021-08-06 10:41 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-28 19:44 - 2021-08-06 10:38 - 007280848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-07-28 19:30 - 2021-07-28 20:39 - 000000060 _____ C:\Users\dbube\Downloads\query.htm
2021-07-28 19:16 - 2021-05-04 09:49 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-07-16 16:12 - 2021-07-16 16:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-16 16:04 - 2021-08-05 17:16 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 16:04 - 2021-08-05 17:16 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-15 18:32 - 2021-07-15 18:32 - 000000000 ____D C:\Users\dbube\AppData\LocalLow\Amistech

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-13 21:36 - 2021-01-18 12:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\badpanda-react
2021-08-13 21:34 - 2019-05-21 15:54 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-13 21:32 - 2020-09-06 13:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-13 21:32 - 2020-04-22 18:20 - 000000000 ____D C:\Users\dbube\AppData\Roaming\discord
2021-08-13 21:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-13 21:21 - 2020-09-06 13:45 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A8E94C42-9C4F-4DEE-9B06-7CDE732D054B}
2021-08-13 21:21 - 2019-05-21 15:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-13 21:14 - 2020-04-22 18:20 - 000000000 ____D C:\Users\dbube\AppData\Local\Discord
2021-08-13 17:34 - 2019-05-21 15:43 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-13 16:57 - 2021-01-22 16:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 15:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-13 15:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-13 15:21 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-13 15:20 - 2020-09-06 13:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 15:20 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-13 15:20 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-13 15:13 - 2020-09-06 13:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-13 15:13 - 2020-09-06 13:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-12 17:28 - 2020-09-06 13:38 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-12 17:28 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-12 17:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-12 06:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-12 05:58 - 2019-05-22 12:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 05:56 - 2019-05-22 12:01 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 19:11 - 2019-09-07 16:57 - 000000000 ___RD C:\Users\dbube\Documents\Scanned Documents
2021-08-11 16:54 - 2019-05-21 15:50 - 000000000 ____D C:\Users\dbube\AppData\Local\Packages
2021-08-11 15:42 - 2019-05-21 16:24 - 000000000 ____D C:\Users\dbube\AppData\Local\NVIDIA
2021-08-09 18:11 - 2020-08-09 19:37 - 000000000 ____D C:\Users\Vlasťule\AppData\Roaming\discord
2021-08-09 18:05 - 2020-10-31 22:45 - 000000000 ____D C:\Users\Vlasťule\AppData\Local\Discord
2021-08-09 08:25 - 2020-09-06 13:45 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1001
2021-08-09 08:25 - 2020-09-06 13:39 - 000002377 _____ C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 08:25 - 2019-05-21 15:51 - 000000000 ___RD C:\Users\dbube\OneDrive
2021-08-09 08:23 - 2020-09-06 13:45 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1002
2021-08-09 08:23 - 2020-09-06 13:39 - 000002386 _____ C:\Users\Vlasťule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 08:23 - 2019-05-25 09:17 - 000000000 ___RD C:\Users\Vlasťule\OneDrive
2021-08-08 20:25 - 2019-05-21 18:27 - 000000000 ____D C:\Users\dbube\AppData\Local\CrashDumps
2021-08-07 23:15 - 2020-09-06 13:39 - 000000000 ____D C:\Users\dbube
2021-08-07 17:38 - 2020-03-18 19:33 - 000000000 ____D C:\Users\dbube\AppData\Local\UnrealEngine
2021-08-07 17:22 - 2021-04-15 22:03 - 000000000 ____D C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-08-07 17:09 - 2020-03-21 13:22 - 000000000 ____D C:\Users\dbube\AppData\Local\Battle.net
2021-08-07 15:14 - 2020-07-15 11:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-04 15:42 - 2019-05-21 15:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-04 15:42 - 2019-05-21 15:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 05:55 - 2020-09-06 13:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 05:55 - 2020-09-06 13:45 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-01 17:45 - 2020-12-16 19:11 - 000000000 ____D C:\Users\dbube\Documents\Obnova hesel nebo účtu
2021-08-01 17:23 - 2019-05-21 16:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-01 15:43 - 2021-01-14 13:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2021-08-01 15:43 - 2021-01-14 13:31 - 000000000 ____D C:\Users\dbube\Documents\Adobe
2021-08-01 15:40 - 2021-01-14 13:28 - 000000000 ____D C:\Program Files\Adobe
2021-07-29 09:40 - 2019-08-15 17:47 - 000000000 ____D C:\Users\Vlasťule\AppData\Local\PlaceholderTileLogoFolder
2021-07-29 09:33 - 2020-11-12 09:05 - 000000000 ___RD C:\Users\Vlasťule\Documents\Scanned Documents
2021-07-28 19:48 - 2019-05-21 15:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-28 19:46 - 2019-05-21 16:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-28 19:46 - 2019-05-21 15:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-28 19:16 - 2020-09-06 13:45 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:13 - 2019-05-21 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 09:45 - 2021-01-22 16:39 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-01-22 16:39 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 20:04 - 2019-12-14 23:12 - 000000000 ____D C:\Users\dbube\AppData\Roaming\qBittorrent
2021-07-14 16:36 - 2019-05-21 18:41 - 000000000 ____D C:\Users\dbube\AppData\Local\D3DSCache
2021-07-14 15:33 - 2019-08-08 16:27 - 000013189 _____ C:\Users\dbube\Desktop\PLATBY.odt

==================== Files in the root of some directories ========

2020-06-09 15:08 - 2020-06-09 15:08 - 000004973 _____ () C:\Users\dbube\AppData\Local\PlariumPlay.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Bubenos
Visitor
Posts: 59
Registered: 26 Dec 2019 11:25

Re: Request for log check

#2 Post by Bubenos »

and the log from RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by dbube at 2021-08-13 21:46:19
Microsoft Windows 10 Home
System drive C: has 26 GB (23%) free of 114 GB
Total RAM: 16320 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:46:20, on 13.08.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0906)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\trend micro\dbube.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\Run: [Discord] C:\Users\dbube\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [Gif Your Game] "C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_67bfa - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem10.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service: @oem10.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9284 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
"C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\NVIDIA\DisplaySessionContainer%d.log -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
dashost.exe {779a9a93-168b-49af-8f205d20c2a1bad6}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump

"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc

"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21062.150.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1992,11784705933645439193,10259786493068151237,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\dbube\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACACwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\dbube\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=3248637414427293365 --mojo-platform-channel-handle=2080 /prefetch:2
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\dbube\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1992,11784705933645439193,10259786493068151237,131072 --disable-features=VizDisplayCompositor --service-pipe-token=18202738869688230686 --lang=en-US --log-file="C:\Users\dbube\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18202738869688230686 --renderer-client-id=3 --mojo-platform-channel-handle=2588 /prefetch:1
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe"
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe"
C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\dbube\AppData\Roaming\discord /prefetch:7 --no-rate-limit --no-upload-gzip --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\dbube\AppData\Roaming\discord\Crashpad --url=https://sentry.io/api/146342/minidump/? ... be03b2b35a "--annotation=_companyName=Discord Inc." --annotation=_productName=Discord --annotation=_version=1.0.9002 --annotation=prod=Electron --annotation=ver=9.3.5 --initial-client-data=0x46c,0x470,0x474,0x448,0x478,0x5c14078,0x5c14088,0x5c14094
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe" --type=gpu-process --field-trial-handle=1680,9081771253380065553,11066855845659123926,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1700 /prefetch:2
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe" --type=utility --field-trial-handle=1680,9081771253380065553,11066855845659123926,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2112 /prefetch:8
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1680,9081771253380065553,11066855845659123926,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\resources\app.asar" --no-sandbox --no-zygote --native-window-open --preload="C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\modules\discord_desktop_core-3\discord_desktop_core\core.asar\app\mainScreenPreload.js" --context-isolation --background-color=#202225 --enable-spellcheck --enable-websql --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1 --enable-node-leakage-in-renderers
"C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe" -ServerName:App.AppX2y379sjp88wjq1y80217mddj3fargf2y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k AarSvcGroup -p -s AarSvc
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=gpu-process --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1764 /prefetch:2
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2180 /prefetch:8
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=renderer --js-flags=--max-old-space-size=8192 --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=gg.badpanda --app-path="C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\app.asar" --node-integration --node-integration-in-worker --no-sandbox --no-zygote --enable-remote-module --background-color=#0c0c0c --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2256 /prefetch:1 --audio-only=false --disable-renderer-backgrounding
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=renderer --js-flags=--max-old-space-size=8192 --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=gg.badpanda --app-path="C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\app.asar" --node-integration --no-sandbox --no-zygote --enable-remote-module --background-color=#fff --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2500 /prefetch:1 --audio-only=true --disable-renderer-backgrounding
"C:\Users\dbube\AppData\Local\Discord\app-1.0.9002\Discord.exe" --type=utility --field-trial-handle=1680,9081771253380065553,11066855845659123926,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=3420 /prefetch:8
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc


"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files (x86)\Steam\Steam.exe" -- "steam://rungameid/252950"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\dbube\AppData\Local\Steam\htmlcache" "-steampid=9716" "-buildid=1626824053" "-steamid=0" "-cachedir=C:\Users\dbube\AppData\Local\Steam\htmlcache" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\Hry\Rocket League smurf BubenD\rocketleague\BakkesMod\BakkesMod.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\dbube\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1626824053 --initial-client-data=0x338,0x33c,0x340,0x334,0x344,0x7ffd4cecbf10,0x7ffd4cecbf20,0x7ffd4cecbf30
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1626824053 --steamid=0 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=13741454153931473766 --mojo-platform-channel-handle=1452 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --lang=cs --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1626824053 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=12238178013777895268 --mojo-platform-channel-handle=1664 /prefetch:8
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1626824053 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6400056311554282590 --renderer-client-id=5 --mojo-platform-channel-handle=2736 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1626824053 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5895780708968842739 --renderer-client-id=6 --mojo-platform-channel-handle=2908 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1548,6881333190819038412,15134906723851125465,131072 --disable-features=MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1626824053 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8475701003700723290 --renderer-client-id=7 --mojo-platform-channel-handle=3156 /prefetch:1
"C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1756,2289200239687870693,6345814003460442402,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=2312 /prefetch:8
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21070.22007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\dbube\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\dbube\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=92.0.4515.131 --initial-client-data=0xf4,0xf8,0xfc,0xd0,0x100,0x7ffd35c25390,0x7ffd35c253a0,0x7ffd35c253b0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1924 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2248 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --extension-process --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=5104 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CaptureService
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1712,786533803286492693,8727906804302973389,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x5e8
"D:\Programy\RSITx64.exe"


"D:\Programy\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784

======Scheduled tasks folder======

C:\WINDOWS\tasks\Intel PTT EK Recertification.job - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_bho_64.dll [2021-08-05 522648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\BHO\ie_to_edge_bho.dll [2021-08-05 406928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-04-01 9270776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Discord"=C:\Users\dbube\AppData\Local\Discord\Update.exe [2020-12-03 1512760]
"Gif Your Game"=C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [2021-08-10 126447560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"aux2"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-08-13 21:43:04 ----D---- C:\rsit
2021-08-13 21:34:10 ----D---- C:\FRST
2021-08-12 06:05:52 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\system32\wmp.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\system32\fveapibase.dll
2021-08-12 06:05:51 ----A---- C:\WINDOWS\system32\fveapi.dll
2021-08-12 06:05:50 ----A---- C:\WINDOWS\system32\cdp.dll
2021-08-12 06:05:49 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2021-08-12 06:05:49 ----A---- C:\WINDOWS\system32\quickassist.exe
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\MPG4DECD.DLL
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\MP43DECD.DLL
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-08-12 06:05:45 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2021-08-12 06:05:44 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2021-08-12 06:05:43 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\mfps.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-08-12 06:05:42 ----A---- C:\WINDOWS\system32\mf.dll
2021-08-12 06:05:41 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecsRaw.dll
2021-08-12 06:05:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2021-08-12 06:05:41 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-08-12 06:05:41 ----A---- C:\WINDOWS\system32\WindowsCodecsRaw.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-08-12 06:05:40 ----A---- C:\WINDOWS\SYSWOW64\FrameServerClient.dll
2021-08-12 06:05:39 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2021-08-12 06:05:39 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-08-12 06:05:39 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\winhttpcom.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\wiashext.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\wiadefui.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\wiaacmgr.exe
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\PayloadRestrictions.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2021-08-12 06:05:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\wslapi.dll
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\wsl.exe
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\wkspbroker.exe
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\Spectrum.exe
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\SIHClient.exe
2021-08-12 06:05:36 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\wsp_health.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\systemreset.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\offreg.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\nshwfp.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\nltest.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\klist.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\FsIso.exe
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\FrameServerClient.dll
2021-08-12 06:05:35 ----A---- C:\WINDOWS\system32\FrameServer.dll
2021-08-12 06:05:34 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-08-12 06:05:33 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2021-08-12 06:05:33 ----A---- C:\WINDOWS\system32\jscript9.dll
2021-08-12 06:05:33 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-08-12 06:05:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-08-12 06:05:32 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2021-08-12 06:05:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-08-12 06:05:32 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\wiashext.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\wiadefui.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\jscript.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2021-08-12 06:05:31 ----A---- C:\WINDOWS\HelpPane.exe
2021-08-12 06:05:30 ----A---- C:\WINDOWS\system32\StorSvc.dll
2021-08-12 06:05:30 ----A---- C:\WINDOWS\system32\computestorage.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.FileExplorer.Common.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\ntprint.exe
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\SYSWOW64\drvsetup.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\winhttpcom.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\skci.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\resutils.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\PayloadRestrictions.dll
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-08-12 06:05:29 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\sscore.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\ntlanman.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\newdev.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\ndadmin.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\joinutil.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\devrtl.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\devobj.dll
2021-08-12 06:05:28 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\ocsetapi.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\D3D12Core.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\cfgmgr32.dll
2021-08-12 06:05:27 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\TextInputMethodFormatter.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\DispBroker.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2021-08-12 06:05:26 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2021-08-12 06:05:25 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll
2021-08-12 06:05:25 ----A---- C:\WINDOWS\SYSWOW64\aadWamExtension.dll
2021-08-12 06:05:24 ----A---- C:\WINDOWS\SYSWOW64\wsmprovhost.exe
2021-08-12 06:05:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2021-08-12 06:05:24 ----A---- C:\WINDOWS\SYSWOW64\ExecModelClient.dll
2021-08-12 06:05:24 ----A---- C:\WINDOWS\SYSWOW64\DataExchange.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmWmiPl.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmRes.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\wsmplpxy.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmAuto.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WSManMigrationPlugin.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\WsmAgent.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2021-08-12 06:05:23 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2021-08-12 06:05:23 ----A---- C:\WINDOWS\system32\pku2u.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\shell32.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\setupapi.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\rtutils.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\rascustom.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\pnputil.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\pnppolicy.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\ntprint.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\ntprint.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\newdev.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\newdev.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\ndadmin.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\drvsetup.dll
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\drvinst.exe
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2021-08-12 06:05:22 ----A---- C:\WINDOWS\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\wininet.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\urlmon.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\sppsvc.exe
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\nlasvc.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\nlaapi.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\ncsi.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\jsproxy.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\joinutil.dll
2021-08-12 06:05:21 ----A---- C:\WINDOWS\system32\gpapi.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\wuuhext.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\winlogon.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\tdh.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\policymanager.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\omadmclient.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\ntlanman.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\lpk.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\LogonController.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\gpsvc.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\fontsub.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\efslsaext.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\dciman32.dll
2021-08-12 06:05:20 ----A---- C:\WINDOWS\system32\configmanager2.dll
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\sscore.dll
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\srvsvc.dll
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\KernelBase.dll
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\WdfLdr.sys
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2021-08-12 06:05:19 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\wusa.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\winhttp.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\webio.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\rpcss.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\lsasrv.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\hal.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\dnsapi.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\devrtl.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\devobj.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\ci.dll
2021-08-12 06:05:18 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\winresume.exe
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\winload.exe
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\dwmghost.dll
2021-08-12 06:05:17 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\uReFS.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\refsutil.exe
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-08-12 06:05:16 ----A---- C:\WINDOWS\system32\ConstraintIndex.Search.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmRes.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\wsmprovhost.exe
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\wsmplpxy.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmAuto.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WsmAgent.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\WinREAgent.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\NotificationController.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-08-12 06:05:15 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wups2.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wups.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wuaueng.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wuauclt.exe
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\wuapi.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\upshared.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\updatecsp.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\ProductEnumerator.dll
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-08-12 06:05:14 ----A---- C:\WINDOWS\system32\AppResolver.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wpnapps.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wintrust.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\win32u.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\win32k.sys
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wcimage.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\wc_storage.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\usoapi.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\user32.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\profext.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\kerberos.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\EventAggregation.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\drivers\CEA.sys
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-08-12 06:05:13 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\WaaSAssessment.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\storewuauth.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\ISM.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\InstallService.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-08-12 06:05:12 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\win32kbase.sys
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\tquery.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssvp.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssrch.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssprxy.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssph.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\mssitlb.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\msscntrs.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\InputService.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\FntCache.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\DWrite.dll
2021-08-12 06:05:11 ----A---- C:\WINDOWS\system32\DispBroker.dll
2021-08-12 06:05:10 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\thumbcache.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\ExecModelClient.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\cloudAP.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\cdd.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\aadWamExtension.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2021-08-12 06:05:05 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\wudriver.dll
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\kernel32.dll
2021-08-12 06:05:04 ----A---- C:\WINDOWS\system32\DataExchange.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\wpx.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\Windows.Internal.Signals.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\win32spl.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\twinui.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\StartTileData.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\localspl.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\dsreg.dll
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2021-08-12 06:05:03 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2021-08-12 06:05:03 ----A---- C:\WINDOWS\explorer.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\WpcTok.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\spoolsv.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\bcdedit.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\audiosrv.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\AudioEng.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\audiodg.exe
2021-08-12 06:05:02 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-08-12 06:05:02 ----A---- C:\WINDOWS\splwow64.exe
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\ManageCI.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\iscsilog.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\TsUsbGD.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\monitor.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2021-08-12 06:05:01 ----A---- C:\WINDOWS\system32\autopilot.dll
2021-08-12 05:58:52 ----HD---- C:\$WinREAgent
2021-08-12 05:58:43 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2021-08-12 05:58:42 ----A---- C:\WINDOWS\system32\poqexec.exe
2021-08-11 15:34:28 ----A---- C:\WINDOWS\system32\nvml.dll
2021-08-11 15:34:28 ----A---- C:\WINDOWS\system32\nvcpl.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\OpenCL.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\nvidia-smi.exe
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2021-08-11 15:34:19 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-11 15:34:14 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2021-08-11 15:34:14 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2021-08-11 15:34:14 ----A---- C:\WINDOWS\system32\nvdebugdump.exe
2021-08-11 15:34:14 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2021-08-11 15:34:14 ----A---- C:\WINDOWS\system32\nvcuda.dll
2021-08-11 15:34:13 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2021-08-11 15:34:13 ----A---- C:\WINDOWS\system32\MCU.exe
2021-08-01 18:03:30 ----HD---- C:\Program Files (x86)\Temp
2021-08-01 18:03:23 ----A---- C:\WINDOWS\SYSWOW64\RtkMsgs.dll
2021-08-01 18:02:59 ----D---- C:\ProgramData\Dell
2021-08-01 17:51:24 ----D---- C:\ProgramData\Outbyte
2021-08-01 17:28:03 ----D---- C:\Users\dbube\AppData\Roaming\NVIDIA
2021-08-01 17:27:52 ----A---- C:\WINDOWS\system32\msvcp140.dll
2021-07-28 19:59:02 ----SH---- C:\bootTel.dat
2021-07-28 19:59:01 ----SHD---- C:\found.000
2021-07-28 19:48:02 ----D---- C:\WINDOWS\system32\lxss
2021-07-28 19:48:02 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2021-07-28 19:45:11 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2021-07-28 19:45:11 ----A---- C:\WINDOWS\system32\drivers\nvhdap64.dll
2021-07-28 19:45:11 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
2021-07-28 19:44:22 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2021-07-28 19:44:16 ----A---- C:\WINDOWS\system32\nvapi64.dll
2021-07-28 19:16:40 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2021-07-16 16:12:45 ----A---- C:\WINDOWS\SYSWOW64\sdchange.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\SYSWOW64\raserver.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\SYSWOW64\racpldlg.dll
2021-07-16 16:12:45 ----A---- C:\WINDOWS\SYSWOW64\msra.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\sdchange.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\raserver.exe
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\racpldlg.dll
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\msrahc.dll
2021-07-16 16:12:45 ----A---- C:\WINDOWS\system32\msra.exe
2021-07-16 16:12:41 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2021-07-16 16:12:41 ----A---- C:\WINDOWS\SYSWOW64\WMVCORE.DLL
2021-07-16 16:12:41 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2021-07-16 16:12:41 ----A---- C:\WINDOWS\SYSWOW64\COLORCNV.DLL
2021-07-16 16:12:40 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2021-07-16 16:12:40 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\signdrv.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2021-07-16 16:12:39 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\signdrv.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msisip.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msinfo32.exe
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msimsg.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msi.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\msconfig.exe
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhtask.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsvcctl.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsvc.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsrchph.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsrchapi.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhshl.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhmanagew.exe
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhlisten.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhevents.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhengine.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhcleanup.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhcfg.dll
2021-07-16 16:12:36 ----A---- C:\WINDOWS\system32\fhcat.dll
2021-07-16 16:12:32 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2021-07-16 16:12:32 ----A---- C:\WINDOWS\SYSWOW64\drivers\afunix.sys
2021-07-16 16:12:32 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\httpapi.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\system32\rastapi.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\system32\rasmans.dll
2021-07-16 16:12:31 ----A---- C:\WINDOWS\system32\drivers\afunix.sys
2021-07-16 16:12:31 ----A---- C:\WINDOWS\system32\comctl32.dll
2021-07-16 16:12:30 ----A---- C:\WINDOWS\system32\gdi32full.dll
2021-07-16 16:12:30 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2021-07-16 16:12:30 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2021-07-16 16:12:30 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\ntdll.dll
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\httpapi.dll
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2021-07-16 16:12:29 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-07-16 16:12:28 ----A---- C:\WINDOWS\system32\samsrv.dll
2021-07-16 16:12:28 ----A---- C:\WINDOWS\system32\samlib.dll
2021-07-16 16:12:28 ----A---- C:\WINDOWS\system32\offlinesam.dll
2021-07-16 16:12:28 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2021-07-16 16:12:27 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2021-07-16 16:12:26 ----A---- C:\WINDOWS\system32\wci.dll
2021-07-16 16:12:26 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2021-07-16 16:12:26 ----A---- C:\WINDOWS\system32\drivers\condrv.sys
2021-07-16 16:12:26 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-07-16 16:12:25 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2021-07-16 16:12:25 ----A---- C:\WINDOWS\system32\aadtb.dll
2021-07-16 16:12:24 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2021-07-16 16:12:24 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2021-07-16 16:12:24 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2021-07-16 16:12:24 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys

======List of files/folders modified in the last 1 month======

2021-08-13 21:46:20 ----D---- C:\Program Files\trend micro
2021-08-13 21:46:11 ----D---- C:\Users\dbube\AppData\Roaming\badpanda-react
2021-08-13 21:43:24 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-08-13 21:43:12 ----D---- C:\WINDOWS\Prefetch
2021-08-13 21:37:29 ----D---- C:\WINDOWS\INF
2021-08-13 21:34:43 ----D---- C:\Program Files (x86)\Steam
2021-08-13 21:34:42 ----SHD---- C:\System Volume Information
2021-08-13 21:32:50 ----D---- C:\Users\dbube\AppData\Roaming\discord
2021-08-13 21:32:40 ----D---- C:\WINDOWS\system32\SleepStudy
2021-08-13 21:21:50 ----D---- C:\Program Files (x86)\Google
2021-08-13 21:18:00 ----D---- C:\WINDOWS\system32\sru
2021-08-13 17:34:44 ----D---- C:\ProgramData\NVIDIA
2021-08-13 16:57:59 ----SHDC---- C:\WINDOWS\Installer
2021-08-13 16:57:59 ----D---- C:\WINDOWS\Temp
2021-08-13 16:57:59 ----D---- C:\WINDOWS\system32\Logs
2021-08-13 16:57:59 ----D---- C:\Program Files\Microsoft Update Health Tools
2021-08-13 15:59:46 ----RD---- C:\WINDOWS\Microsoft.NET
2021-08-13 15:58:24 ----HD---- C:\Program Files\WindowsApps
2021-08-13 15:58:24 ----D---- C:\WINDOWS\AppReadiness
2021-08-13 15:20:19 ----D---- C:\WINDOWS\System32
2021-08-13 15:20:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 15:16:48 ----D---- C:\WINDOWS\system32\config
2021-08-13 15:13:42 ----D---- C:\WINDOWS\system32\catroot2
2021-08-13 15:13:22 ----ASH---- C:\DumpStack.log.tmp
2021-08-12 17:28:35 ----D---- C:\WINDOWS\WinSxS
2021-08-12 17:28:28 ----D---- C:\WINDOWS\system32\DriverStore
2021-08-12 17:28:18 ----D---- C:\WINDOWS\SysWOW64
2021-08-12 17:28:18 ----D---- C:\WINDOWS\system32\drivers
2021-08-12 17:27:38 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-08-12 17:27:38 ----D---- C:\WINDOWS\SYSWOW64\Dism
2021-08-12 17:27:37 ----SD---- C:\WINDOWS\system32\UNP
2021-08-12 17:27:37 ----D---- C:\WINDOWS\SystemResources
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\wbem
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\oobe
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\migration
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\en-US
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\Dism
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\cs-CZ
2021-08-12 17:27:37 ----D---- C:\WINDOWS\system32\Boot
2021-08-12 17:27:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-08-12 17:27:36 ----D---- C:\WINDOWS\ShellComponents
2021-08-12 17:27:36 ----D---- C:\WINDOWS\servicing
2021-08-12 17:27:36 ----D---- C:\WINDOWS\bcastdvr
2021-08-12 17:27:36 ----D---- C:\WINDOWS\apppatch
2021-08-12 17:27:36 ----D---- C:\Windows
2021-08-12 17:27:36 ----D---- C:\Program Files\Internet Explorer
2021-08-12 17:27:36 ----D---- C:\Program Files (x86)\Internet Explorer
2021-08-12 06:07:50 ----D---- C:\WINDOWS\CbsTemp
2021-08-12 05:58:17 ----D---- C:\WINDOWS\system32\MRT
2021-08-12 05:56:55 ----AC---- C:\WINDOWS\system32\MRT.exe
2021-08-09 08:25:12 ----D---- C:\WINDOWS\system32\Tasks
2021-08-04 15:42:58 ----D---- C:\WINDOWS\system32\drivers\wd
2021-08-01 18:03:30 ----RD---- C:\Program Files (x86)
2021-08-01 18:02:59 ----HD---- C:\ProgramData
2021-08-01 17:23:59 ----D---- C:\ProgramData\Package Cache
2021-08-01 15:40:57 ----D---- C:\Program Files\Adobe
2021-07-28 20:01:11 ----D---- C:\WINDOWS\system32\WDI
2021-07-28 19:59:40 ----SD---- C:\ProgramData\Microsoft
2021-07-28 19:48:08 ----D---- C:\ProgramData\NVIDIA Corporation
2021-07-28 19:46:13 ----D---- C:\Program Files\NVIDIA Corporation
2021-07-28 19:46:13 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2021-07-28 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2021-07-28 19:12:27 ----D---- C:\WINDOWS\SYSWOW64\drivers
2021-07-28 19:12:27 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 19:12:27 ----D---- C:\WINDOWS\system32\CodeIntegrity
2021-07-28 19:12:27 ----D---- C:\Program Files\Windows Mail
2021-07-28 19:12:27 ----D---- C:\Program Files\Common Files\System
2021-07-28 19:12:27 ----D---- C:\Program Files (x86)\Windows Mail
2021-07-28 19:12:13 ----D---- C:\WINDOWS\system32\Sysprep
2021-07-16 09:45:32 ----A---- C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45:30 ----A---- C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 20:04:38 ----D---- C:\Users\dbube\AppData\Roaming\qBittorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2019-04-03 1469952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-06-09 57168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-12-07 88080]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-07-16 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-07-09 97792]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-07-09 148816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-07-16 496128]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-14 53248]
R3 ICCWDT;@oem21.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2019-04-03 39504]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2019-04-01 6794744]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverW8x64.sys [2019-04-03 223832]
R3 MpKsleaa83092;MpKsleaa83092; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5FD0DA0-C2E1-4235-AA43-D3E831254D93}\MpKslDrv.sys [2021-08-13 123112]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-09 322376]
R3 NVHDA;@oem19.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2021-07-12 136472]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\nvlddmkm.sys [2021-08-06 37433984]
R3 NvModuleTracker;@oem12.inf,%ServiceName%;NvModuleTracker; C:\WINDOWS\System32\drivers\NvModuleTracker.sys [2020-08-14 43416]
R3 nvvad_WaveExtensible;@oem35.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem30.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2021-07-12 67464]
R3 rt640x64;@oem3.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-02-20 1138136]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2019-12-07 209720]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-07-09 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-08-12 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-09 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-08-12 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2021-08-12 1563136]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-08-12 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 DM150Drv;DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [2010-07-30 24312]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-07-09 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-14 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 ISCT;@oem38.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\WINDOWS\System32\drivers\ISCTD64.sys [2019-04-03 47008]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-07-09 391168]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-02-14 207360]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM; C:\WINDOWS\System32\drivers\nvoclk64.sys [2009-09-15 42088]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-04-18 129872]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2016-12-21 40240]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 CDPUserSvc_67bfa;Uživatelská služba platformy připojených zařízení_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2021-05-04 903024]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe [2021-08-06 911992]
R2 OneSyncSvc_67bfa;Hostitel synchronizace_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2020-10-14 329504]
R3 AarSvc_67bfa;Agent Activation Runtime_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 CaptureService_67bfa;CaptureService_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 cbdhsvc_67bfa;Uživatelská služba schránky_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 PimIndexMaintenanceSvc_67bfa;Data kontaktů_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-08-12 986032]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-15 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-05-21 154920]
S2 Intel(R) TPM Provisioning Service;@oem10.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [2019-04-03 737552]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BcastDVRUserService_67bfa;Uživatelská služba pro GameDVR a vysílání her_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BluetoothUserService_67bfa;Služba pro podporu uživatelů Bluetooth_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 ConsentUxUserSvc_67bfa;ConsentUX_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-07-09 382688]
S3 CredentialEnrollmentManagerUserSvc_67bfa;CredentialEnrollmentManagerUserSvc_67bfa; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-07-09 382688]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DeviceAssociationBrokerSvc_67bfa;DeviceAssociationBroker_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevicePickerUserSvc_67bfa;DevicePicker_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevicesFlowUserSvc_67bfa;Tok zařízení_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-04-18 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-02-28 803440]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-15 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 FvSvc;NVIDIA FrameView SDK service; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [2021-05-15 409968]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\elevation_service.exe [2021-07-30 1460568]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-05-21 154920]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 Intel(R) Capability Licensing Service TCP IP Interface;@oem10.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [2019-04-03 761088]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 MessagingService_67bfa;Služba zasílání zpráv_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\elevation_service.exe [2021-08-05 1640352]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-13 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 PrintWorkflowUserSvc_67bfa;PrintWorkflow_67bfa; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2021-03-04 1347464]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-01-13 1265152]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2020-10-14 57360]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2020-04-06 76152]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-14 57360]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check the log

#3 Post by Rudy »

Hello!
RSIT is not fully compatible with Win10. Please add the Addition log to the FRST one. It is in D:\Programy in the file addition.txt.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Bubenos
Visitor
Posts: 59
Registered: 26 Dec 2019 11:25

Re: Please check the log

#4 Post by Bubenos »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2021
Ran by dbube (13-08-2021 21:36:12)
Running from D:\Programy
Windows 10 Home Version 2004 19041.1165 (X64) (2020-09-06 11:45:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1558997955-55845073-2629518697-500 - Administrator - Disabled)
dbube (S-1-5-21-1558997955-55845073-2629518697-1001 - Administrator - Enabled) => C:\Users\dbube
DefaultAccount (S-1-5-21-1558997955-55845073-2629518697-503 - Limited - Disabled)
Guest (S-1-5-21-1558997955-55845073-2629518697-501 - Limited - Disabled)
Vlasťule (S-1-5-21-1558997955-55845073-2629518697-1002 - Administrator - Enabled) => C:\Users\Vlasťule
WDAGUtilityAccount (S-1-5-21-1558997955-55845073-2629518697-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Auto Keys 1.0 (HKLM-x32\...\Auto Keys) (Version: - )
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FiveM (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Gif Your Game 5.1.7 (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Version: 5.1.7 - Bad Panda, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2215.0 - Rockstar Games)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.2.5.2 (HKLM\...\{207F3229-8AA5-4544-BDB7-7995538A5ED5}) (Version: 6.2.5.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.1 (x64) (HKLM-x32\...\{ca778be6-9737-4a9d-a3e2-8d90ea0d5fec}) (Version: 5.0.1.29530 - Microsoft Corporation)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.2.2.51 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.3.2.30 - Native Instruments)
Nightbot 0.1.3 (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\b66ff3d2-8923-5696-ac2e-977beadfec4e) (Version: 0.1.3 - NightDev, LLC)
Novicorp WinToFlash Lite verze 1.13.0000 (HKLM-x32\...\{A1A1FF24-34C6-4B77-BDB7-A689979F018C}_is1) (Version: 1.13.0000 - Novicorp)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
qBittorrent 4.2.3 (HKLM-x32\...\qBittorrent) (Version: 4.2.3 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8668 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.35.340 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.7.46.0_x86__kgqvnymyfvs32 [2021-08-07] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.62.4.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2080.1.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-11] (NVIDIA Corp.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2020-07-01] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Розыгрыш ключей Steam.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,OpenURL "hxxps://terra.im/gl/?cid=19349&oid=mZWZvCwR&v=3&utm_campaign=repacks2&utm_medium=cpi"&trash= <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2021-01-18 12:28 - 2021-08-10 01:15 - 000466432 _____ () [File not signed] \\?\C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\app.asar.unpacked\node_modules\nsfw\build\Release\nsfw.node
2021-01-18 12:28 - 2021-08-10 01:15 - 002823680 _____ () [File not signed] C:\Users\dbube\AppData\Local\Programs\badpanda-react\ffmpeg.dll
2021-01-18 12:28 - 2021-08-10 01:15 - 000449024 _____ () [File not signed] C:\Users\dbube\AppData\Local\Programs\badpanda-react\libegl.dll
2021-01-18 12:28 - 2021-08-10 01:15 - 007620096 _____ () [File not signed] C:\Users\dbube\AppData\Local\Programs\badpanda-react\libglesv2.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-05-21 16:16 - 2020-07-01 14:42 - 000001760 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1558997955-55845073-2629518697-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dbube\Desktop\wp7633605-rocket-league-octane-wallpapers.jpg
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\Control Panel\Desktop\\Wallpaper -> D:\ZÁLOHA!\Záloha externího disku Verbatin Fotky a videa od Denise a od Vlastuli 09.02.2021\Vlasťule VŠE KOMPLET!!!! 30.5 2021\Terinka 2-3roky\inCollage_20210515_104310171.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{6F1027CE-8DA9-42B0-9DBF-708982713D48}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{5CBDE432-6C17-4828-B06D-A6E3E18500EA}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{62B9B81B-4850-47E7-9B27-E8C5EC217FFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{41A9AB65-40EF-4A39-8E11-C07E3389FA08}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{906657C5-1A37-4A55-8923-60C4DDDF73D6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{5D6715E2-D232-4745-93A6-3B97D4DE8341}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{F0EF74A3-704E-490F-B237-B5CA35C8467A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{656A6944-FA05-4E81-8E9B-3B7F867A1688}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{1FF47BF8-CA24-4450-BB9E-3BEDD10FFFDA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B5B82461-1D3E-44ED-91E2-EA78BB305CAB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{C84FAEBA-99FE-4154-81C9-0DF8578167A2}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{9B3ECFAE-B315-4C2A-B105-74F58F912EC1}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{A58E956B-F463-4685-A3C0-752812D3B99E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E7413426-3073-4EA1-9B95-7F493B776FAE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DA22F86F-F0AF-4CC9-9F4B-FF99018B0984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{362F35D2-870E-41C9-B4B4-F58E51FDB4F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9C6B20A8-8F7A-4212-8E69-00DA9781089B}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{15637F6B-4B83-40C3-960C-E0C198322A71}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C6C1601-D79E-4C74-86F3-00DC335F1EEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{149C46C4-381D-453B-9296-52D5A5E0BC80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5956D0D-F8FF-4E57-9BE2-35E47142004E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{D7754C03-BF99-41E7-BEDF-971E72E4312A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [TCP Query User{9DE93AE4-91A4-49FE-AEA5-E894078E6EB5}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6686FBC0-2D5F-43A1-9778-FD9CBFFAC320}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{EC0A99D1-7C09-45F5-AC3C-4FEED5547E95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{C78E9613-00CC-421A-9AE4-9AC8E4856F95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{74137B26-D78B-4065-8DD8-C68EF612F6B4}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{BD5E418F-2D04-4012-904C-A86CCB4B12D9}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [TCP Query User{C70081E0-C108-4AF2-95F8-0A64DCDC2EED}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{0049EB04-3AE9-45F8-9AB8-ABA733E3D784}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D7B85F29-D3D2-4056-A8F4-91D594BE617A}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{AE621556-1D17-4015-8EFF-8A75D2A40912}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{0EF78E67-E32C-4B48-AE97-B4C6A8041B7B}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [UDP Query User{C06FE38F-A0D8-4D84-903D-BBDBC52D8446}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [{33448BA5-E5F1-44C8-A9AF-28FF941B8CFD}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{294D19F6-7CBB-4F00-9211-4D158208A4EE}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{C247046E-8BFA-467D-A9DF-FD298E7238B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D869EB3-557C-4067-99F5-BC61C9D6532A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06181DEA-27BE-48ED-8EEE-34BE475FF400}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{66ED181A-3537-4C92-8B4B-BEE9FF7B2584}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15D9113B-F7ED-4DEA-B76A-F047F9F2A075}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D713B075-3D9C-4356-84E8-AAC199FD3EB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E520BA6-D7B6-4ECF-B239-976EAA25B7B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FAC393C9-C468-4745-B08E-6FBDFABBF95B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{895D0120-4CC3-494B-8D42-E848652B896D}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B7780F92-ED5D-4688-8C98-EAE145733B7B}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{13ECA2B7-D888-4D8F-A4F5-C40A07198CB5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C000F113-0FDA-4F10-86AF-6668EFB5C30C}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5A26776F-6101-4965-86FB-0668F3CB986A}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A62CB70E-0958-43FE-AE2B-09CB0E8A8436}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{3C985EB6-1244-47AC-AA34-A45862E0DDD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.08 GB) (Free:25.34 GB) (23%)

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/08/2021 08:25:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Gif Your Game.exe, verze: 4.1.13.0, časové razítko: 0x601d93db
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063416
ID chybujícího procesu: 0x49e0
Čas spuštění chybující aplikace: 0x01d78c82c6d0ae5e
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b7e602f9-e20f-49ce-8675-6a3c46da64bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/07/2021 07:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GSS2-Win64-Shipping.exe, verze: 4.25.4.0, časové razítko: 0x60d19aa8
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000032da7
ID chybujícího procesu: 0x2e60
Čas spuštění chybující aplikace: 0x01d78ba249f75219
Cesta k chybující aplikaci: D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2\Binaries\Win64\GSS2-Win64-Shipping.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: ee2683d2-c534-404c-a274-eeb95b417d23
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/01/2021 05:32:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Název chybujícího modulu: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000014c2b
ID chybujícího procesu: 0x2974
Čas spuštění chybující aplikace: 0x01d786ea5f00a0de
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
ID zprávy: 33abee95-639e-4c9d-b12c-94761bd84a38
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/28/2021 07:57:07 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (4720,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:56:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (9956,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:56:03 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (1744,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:55:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (7496,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:55:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (15016,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.


System errors:
=============
Error: (08/11/2021 03:41:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/11/2021 03:41:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (08/05/2021 06:04:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/04/2021 05:50:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 08:57:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 05:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) TPM Provisioning Service bylo dosaženo časového limitu (45000 ms).

Error: (07/30/2021 07:06:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/30/2021 07:04:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-08-11 18:24:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F55C22F1-2698-43AC-A761-C693AE8B8261}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 17:24:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A83C30F0-0662-495A-8548-03056024D28D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 08:22:28
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:O97M/Mountsi.D!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\cscript.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: AMSI
Uživatel: DESKTOP-48MB1C3\dbube
Název procesu: C:\Windows\System32\cscript.exe
Verze bezpečnostních informací: AV: 1.345.159.0, AS: 1.345.159.0, NIS: 1.345.159.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-08 21:05:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4683580-AFB4-4195-B052-B492736FDA66}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-08 21:01:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:O97M/Mountsi.D!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\cscript.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: AMSI
Uživatel: DESKTOP-48MB1C3\dbube
Název procesu: C:\Windows\System32\cscript.exe
Verze bezpečnostních informací: AV: 1.345.159.0, AS: 1.345.159.0, NIS: 1.345.159.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-07-28 19:13:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.1114.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-06-29 17:32:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1610.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:32:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1610.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:32:25
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2304 05/26/2015
Motherboard: ASUSTeK COMPUTER INC. H81M-D PLUS
Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 35%
Total physical RAM: 16319.71 MB
Available physical RAM: 10589.23 MB
Total Virtual: 21695.71 MB
Available Virtual: 12544.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.08 GB) (Free:25.34 GB) NTFS
Drive d: (Disk D) (Fixed) (Total:1863.01 GB) (Free:1435.2 GB) NTFS

\\?\Volume{b2b6ce9f-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
\\?\Volume{b2b6ce9f-0000-0000-0000-c0d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4A7FA3EF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B2B6CE9F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=524 MB) - (Type=27)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#5 Post by Rudy »

OK. Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasím)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako správce) (on Win XP, just run it normally with a double-click)
click Scan now (Skenovat nyní), then Clean and Repair (Čištění a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Bubenos
Visitor
Posts: 59
Registered: 26 Dec 2019 11:25

Re: Please check my log

#6 Post by Bubenos »

It could only be moved to quarantine; the option to delete was offered only once it was in quarantine, so I chose delete.

Here is the log

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-14-2021
# Duration: 00:00:05
# OS: Windows 10 Home
# Scanned: 31994
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1462 octets] - [14/08/2021 20:23:48]
AdwCleaner[C00].txt - [1612 octets] - [14/08/2021 20:24:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#7 Post by Rudy »

Please post new FRST + Addition logs.

Bubenos
Visitor
Posts: 59
Registered: 26 Dec 2019 11:25

Re: Please check my log

#8 Post by Bubenos »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by dbube (14-08-2021 21:07:19)
Running from D:\Programy
Windows 10 Home Version 2004 19041.1165 (X64) (2020-09-06 11:45:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1558997955-55845073-2629518697-500 - Administrator - Disabled)
dbube (S-1-5-21-1558997955-55845073-2629518697-1001 - Administrator - Enabled) => C:\Users\dbube
DefaultAccount (S-1-5-21-1558997955-55845073-2629518697-503 - Limited - Disabled)
Guest (S-1-5-21-1558997955-55845073-2629518697-501 - Limited - Disabled)
Vlasťule (S-1-5-21-1558997955-55845073-2629518697-1002 - Administrator - Enabled) => C:\Users\Vlasťule
WDAGUtilityAccount (S-1-5-21-1558997955-55845073-2629518697-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Auto Keys 1.0 (HKLM-x32\...\Auto Keys) (Version: - )
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FiveM (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Gif Your Game 5.1.7 (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Version: 5.1.7 - Bad Panda, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2215.0 - Rockstar Games)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.2.5.2 (HKLM\...\{207F3229-8AA5-4544-BDB7-7995538A5ED5}) (Version: 6.2.5.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.1 (x64) (HKLM-x32\...\{ca778be6-9737-4a9d-a3e2-8d90ea0d5fec}) (Version: 5.0.1.29530 - Microsoft Corporation)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.2.2.51 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.3.2.30 - Native Instruments)
Nightbot 0.1.3 (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\b66ff3d2-8923-5696-ac2e-977beadfec4e) (Version: 0.1.3 - NightDev, LLC)
Novicorp WinToFlash Lite verze 1.13.0000 (HKLM-x32\...\{A1A1FF24-34C6-4B77-BDB7-A689979F018C}_is1) (Version: 1.13.0000 - Novicorp)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
qBittorrent 4.2.3 (HKLM-x32\...\qBittorrent) (Version: 4.2.3 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8668 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.35.340 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.7.46.0_x86__kgqvnymyfvs32 [2021-08-07] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.62.4.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2080.1.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-11] (NVIDIA Corp.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2020-07-01] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Розыгрыш ключей Steam.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,OpenURL "hxxps://terra.im/gl/?cid=19349&oid=mZWZvCwR&v=3&utm_campaign=repacks2&utm_medium=cpi"&trash= <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2021-01-04 09:14 - 2021-08-11 16:49 - 004113920 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\dll\bakkesmod.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 001275904 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\dll\pluginsdk.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000132608 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\airdribbleplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000942080 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\autoreplayuploader.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000154624 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\defenderplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000674304 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\dollycamplugin2.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000118784 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\dribbleplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000126976 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\mechanicalplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 001406464 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\pluginmanager.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 001915392 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\rconplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000120320 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\reboundplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000120832 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\recoveryplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000119808 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\redirectplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000399872 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\trainingplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000133632 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\wallhitplugin.dll
2021-01-04 09:14 - 2021-08-11 16:49 - 000314368 _____ () [File not signed] C:\Users\dbube\AppData\Roaming\bakkesmod\bakkesmod\plugins\workshopplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-05-21 16:16 - 2020-07-01 14:42 - 000001760 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1558997955-55845073-2629518697-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dbube\Desktop\wp7633605-rocket-league-octane-wallpapers.jpg
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\Control Panel\Desktop\\Wallpaper -> D:\ZÁLOHA!\Záloha externího disku Verbatin Fotky a videa od Denise a od Vlastuli 09.02.2021\Vlasťule VŠE KOMPLET!!!! 30.5 2021\Terinka 2-3roky\inCollage_20210515_104310171.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{6F1027CE-8DA9-42B0-9DBF-708982713D48}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{5CBDE432-6C17-4828-B06D-A6E3E18500EA}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{62B9B81B-4850-47E7-9B27-E8C5EC217FFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{41A9AB65-40EF-4A39-8E11-C07E3389FA08}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{906657C5-1A37-4A55-8923-60C4DDDF73D6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{5D6715E2-D232-4745-93A6-3B97D4DE8341}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{F0EF74A3-704E-490F-B237-B5CA35C8467A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{656A6944-FA05-4E81-8E9B-3B7F867A1688}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{1FF47BF8-CA24-4450-BB9E-3BEDD10FFFDA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B5B82461-1D3E-44ED-91E2-EA78BB305CAB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{C84FAEBA-99FE-4154-81C9-0DF8578167A2}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{9B3ECFAE-B315-4C2A-B105-74F58F912EC1}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{A58E956B-F463-4685-A3C0-752812D3B99E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E7413426-3073-4EA1-9B95-7F493B776FAE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DA22F86F-F0AF-4CC9-9F4B-FF99018B0984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{362F35D2-870E-41C9-B4B4-F58E51FDB4F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9C6B20A8-8F7A-4212-8E69-00DA9781089B}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{15637F6B-4B83-40C3-960C-E0C198322A71}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C6C1601-D79E-4C74-86F3-00DC335F1EEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{149C46C4-381D-453B-9296-52D5A5E0BC80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5956D0D-F8FF-4E57-9BE2-35E47142004E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{D7754C03-BF99-41E7-BEDF-971E72E4312A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [TCP Query User{9DE93AE4-91A4-49FE-AEA5-E894078E6EB5}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6686FBC0-2D5F-43A1-9778-FD9CBFFAC320}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{EC0A99D1-7C09-45F5-AC3C-4FEED5547E95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{C78E9613-00CC-421A-9AE4-9AC8E4856F95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{74137B26-D78B-4065-8DD8-C68EF612F6B4}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{BD5E418F-2D04-4012-904C-A86CCB4B12D9}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [TCP Query User{C70081E0-C108-4AF2-95F8-0A64DCDC2EED}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{0049EB04-3AE9-45F8-9AB8-ABA733E3D784}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D7B85F29-D3D2-4056-A8F4-91D594BE617A}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{AE621556-1D17-4015-8EFF-8A75D2A40912}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{0EF78E67-E32C-4B48-AE97-B4C6A8041B7B}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [UDP Query User{C06FE38F-A0D8-4D84-903D-BBDBC52D8446}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [{33448BA5-E5F1-44C8-A9AF-28FF941B8CFD}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{294D19F6-7CBB-4F00-9211-4D158208A4EE}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{15D9113B-F7ED-4DEA-B76A-F047F9F2A075}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D713B075-3D9C-4356-84E8-AAC199FD3EB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E520BA6-D7B6-4ECF-B239-976EAA25B7B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FAC393C9-C468-4745-B08E-6FBDFABBF95B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{895D0120-4CC3-494B-8D42-E848652B896D}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B7780F92-ED5D-4688-8C98-EAE145733B7B}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{13ECA2B7-D888-4D8F-A4F5-C40A07198CB5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C000F113-0FDA-4F10-86AF-6668EFB5C30C}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5A26776F-6101-4965-86FB-0668F3CB986A}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A62CB70E-0958-43FE-AE2B-09CB0E8A8436}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{3C985EB6-1244-47AC-AA34-A45862E0DDD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{1EE45564-5EDC-4ADC-ACC5-F357E2C719EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD6FF64E-9C2F-4F28-9742-AAB6AEAF3688}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{008A9B3E-16A0-435D-8B68-DEC304884DA0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52D2B259-5A4A-4787-A66E-809130E5C2FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.08 GB) (Free:25.89 GB) (23%)

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/08/2021 08:25:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Gif Your Game.exe, verze: 4.1.13.0, časové razítko: 0x601d93db
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063416
ID chybujícího procesu: 0x49e0
Čas spuštění chybující aplikace: 0x01d78c82c6d0ae5e
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b7e602f9-e20f-49ce-8675-6a3c46da64bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/07/2021 07:45:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GSS2-Win64-Shipping.exe, verze: 4.25.4.0, časové razítko: 0x60d19aa8
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1110, časové razítko: 0xe7a22463
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000032da7
ID chybujícího procesu: 0x2e60
Čas spuštění chybující aplikace: 0x01d78ba249f75219
Cesta k chybující aplikaci: D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2\Binaries\Win64\GSS2-Win64-Shipping.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: ee2683d2-c534-404c-a274-eeb95b417d23
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/01/2021 05:32:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Název chybujícího modulu: CRWindowsClientService.exe, verze: 1.6.1.0, časové razítko: 0x59b6762b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000014c2b
ID chybujícího procesu: 0x2974
Čas spuštění chybující aplikace: 0x01d786ea5f00a0de
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Photoshop CC 2018\CRWindowsClientService.exe
ID zprávy: 33abee95-639e-4c9d-b12c-94761bd84a38
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/28/2021 07:57:07 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (4720,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:56:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (9956,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:56:03 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (1744,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:55:59 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (7496,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (07/28/2021 07:55:54 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (15016,R,98) Windows: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.


System errors:
=============
Error: (08/14/2021 08:24:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/14/2021 08:24:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/14/2021 08:24:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/11/2021 03:41:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/11/2021 03:41:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (08/05/2021 06:04:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/04/2021 05:50:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 08:57:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-08-14 19:09:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B200BD3C-FEAA-466B-99FD-FDF99A93E734}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-11 18:24:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F55C22F1-2698-43AC-A761-C693AE8B8261}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 17:24:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A83C30F0-0662-495A-8548-03056024D28D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 08:22:28
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:O97M/Mountsi.D!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\cscript.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: AMSI
Uživatel: DESKTOP-48MB1C3\dbube
Název procesu: C:\Windows\System32\cscript.exe
Verze bezpečnostních informací: AV: 1.345.159.0, AS: 1.345.159.0, NIS: 1.345.159.0
Verze modulu: AM: 1.1.18400.4, NIS: 1.1.18400.4

Date: 2021-08-08 21:05:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4683580-AFB4-4195-B052-B492736FDA66}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-07-28 19:13:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.1114.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-06-29 17:32:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1610.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:32:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1610.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:32:25
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2304 05/26/2015
Motherboard: ASUSTeK COMPUTER INC. H81M-D PLUS
Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 56%
Total physical RAM: 16319.71 MB
Available physical RAM: 7044.42 MB
Total Virtual: 21695.71 MB
Available Virtual: 9305.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.08 GB) (Free:25.89 GB) NTFS
Drive d: (Disk D) (Fixed) (Total:1863.01 GB) (Free:1373.43 GB) NTFS

\\?\Volume{b2b6ce9f-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
\\?\Volume{b2b6ce9f-0000-0000-0000-c0d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4A7FA3EF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B2B6CE9F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=524 MB) - (Type=27)

==================== End of Addition.txt =======================

Bubenos
Visitor
Posts: 59
Registered: 26 Dec 2019 11:25

Re: Please check my log

#9 Post by Bubenos »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Ran by dbube (administrator) on DESKTOP-48MB1C3 (ATComputers TRILINE PROFI OFFICE) (14-08-2021 21:05:24)
Running from D:\Programy
Loaded Profiles: dbube
Platform: Windows 10 Home Version 2004 19041.1165 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
() [File not signed] D:\Hry\Rocket League smurf BubenD\rocketleague\BakkesMod\BakkesMod.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe <2>
(Psyonix, LLC) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270776 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Discord] => C:\Users\dbube\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Gif Your Game] => C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [126447560 2021-08-10] (Bad Panda, Inc. -> Bad Panda, Inc.)
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Run: [Discord] => C:\Users\Vlasťule\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-04] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0307D6D5-D21C-41EA-96C8-B255658C50BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07986CF8-43D5-4912-9B05-CA6263A7B4AC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {10D03C8F-FC2E-44CE-AD30-BB4914AA11A7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BB60CE9-224F-409B-BA95-77A03E0A6A0F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24CF228A-DCE2-4593-9EBE-80E9D61BFAC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {3BA721FB-7708-4803-83C4-FACEFD33031E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55A33193-7971-439E-9762-CB9B4A91CC18} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60772A8F-335C-4C62-931D-DACF10279E0F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6FE6A2C0-4FC4-4B8D-85E7-40E5BA9C88A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {905F9ACA-862D-4BDA-B9F4-E2C2FB9E6247} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90D06DA3-E888-4D74-9C1E-D3321F9EDA5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E92E098-E8B6-47ED-A810-2F99CEB01A2E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2C6754C-8DE5-4EA1-BFAF-148116685EBD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C748CBC0-8DD3-404A-8BC1-DF8DF3FA76C3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2019-04-03] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {E9E0E335-410D-4069-9FF0-1F60F33AAAC5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FCD1040F-F004-446C-B306-0AD5DFE675C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FE4A556B-9322-447F-8387-F6D3BC62698D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{b7f826c6-ea01-4714-a535-4e19bd4e854c}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{c6197426-c54d-4121-a8e4-ec03077a2b2b}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge Profile: C:\Users\dbube\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-14]

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default [2021-08-14]
CHR DownloadDir: C:\Users\dbube\Desktop
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-21]
CHR Extension: (BetterTTV) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-08-07]
CHR Extension: (Dokumenty) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-21]
CHR Extension: (Disk Google) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-28]
CHR Extension: (FrankerFaceZ) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-09-17]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-29]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-14]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-14]
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-14]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2020-04-06] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1347464 2021-03-04] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_253e24b785ea60ca\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [24312 2010-07-30] (Pitney Bowes -> Pitney Bowes)
S3 nvoclk64; C:\WINDOWS\System32\drivers\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corporation -> NVIDIA Corp.)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-14 20:22 - 2021-08-14 20:24 - 000000000 ____D C:\AdwCleaner
2021-08-14 20:22 - 2021-08-14 20:22 - 000000946 _____ C:\Users\dbube\Desktop\AdwCleaner – zástupce.lnk
2021-08-14 17:54 - 2021-08-14 17:54 - 000013218 _____ C:\Users\dbube\Desktop\ROZPIS_ALLSTARS_OD_9._Srpna.pdf
2021-08-13 21:46 - 2021-08-13 21:46 - 000000917 _____ C:\Users\dbube\Desktop\RSITx64 – zástupce.lnk
2021-08-13 21:43 - 2021-08-13 21:43 - 000000000 ____D C:\rsit
2021-08-13 21:34 - 2021-08-14 21:05 - 000000000 ____D C:\FRST
2021-08-12 06:05 - 2021-08-12 06:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-12 06:05 - 2021-08-12 06:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-12 06:05 - 2021-08-12 06:05 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-12 06:05 - 2021-08-12 06:05 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-12 06:05 - 2021-08-12 06:05 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 06:05 - 2021-08-12 06:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 06:05 - 2021-08-12 06:05 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-12 05:58 - 2021-08-12 05:58 - 000000000 ___HD C:\$WinREAgent
2021-08-11 19:12 - 2021-08-11 19:11 - 000382411 _____ C:\Users\dbube\Desktop\OP.jpeg
2021-08-11 19:05 - 2021-08-11 19:05 - 000638018 _____ C:\Users\dbube\Desktop\GDPR2.jpeg
2021-08-11 19:05 - 2021-08-11 19:04 - 000634636 _____ C:\Users\dbube\Desktop\GDPR1.jpeg
2021-08-11 19:02 - 2021-08-11 19:02 - 000045641 _____ C:\Users\dbube\Desktop\GDPR.pdf
2021-08-11 15:34 - 2021-08-06 10:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001474672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001438840 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-08-11 15:34 - 2021-08-06 10:45 - 001212536 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-08-11 15:34 - 2021-08-06 10:45 - 000951928 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000716928 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000645248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-08-11 15:34 - 2021-08-06 10:42 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 002112144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001595536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 001171088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000919184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000706168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-08-11 15:34 - 2021-08-06 10:41 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-08-11 15:34 - 2021-08-06 10:41 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 008854136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 005680768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 004987512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-08-11 15:34 - 2021-08-06 10:40 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-08-11 15:34 - 2021-08-06 10:39 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-08-11 15:34 - 2021-08-06 10:38 - 006215808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-08-11 15:34 - 2021-08-05 23:12 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-08-07 17:38 - 2021-08-07 17:38 - 000000000 ____D C:\Users\dbube\AppData\Local\GSS2
2021-08-07 17:22 - 2021-08-07 17:22 - 000000223 _____ C:\Users\dbube\Desktop\Gas Station Simulator Prologue - Early Days.url
2021-08-02 06:32 - 2021-08-09 08:45 - 000010398 _____ C:\Users\Vlasťule\Desktop\Co už mám domluveno.odt
2021-08-01 18:03 - 2021-08-01 18:03 - 000001536 _____ C:\WINDOWS\SysWOW64\RtkMsgs.dll
2021-08-01 18:03 - 2021-08-01 18:03 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-08-01 18:02 - 2021-08-01 18:02 - 000000000 ____D C:\ProgramData\Dell
2021-08-01 17:28 - 2021-08-01 17:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\NVIDIA
2021-08-01 17:26 - 2021-08-01 17:26 - 000189287 _____ C:\Users\dbube\Downloads\msvcp140.zip
2021-08-01 17:26 - 2021-08-01 17:26 - 000189287 _____ C:\Users\dbube\Downloads\msvcp140 (1).zip
2021-07-30 08:22 - 2021-07-30 08:22 - 000117280 _____ C:\Users\Vlasťule\Downloads\Potvrzeni_o_odchozi_uhrade (1).pdf
2021-07-30 08:19 - 2021-07-30 08:19 - 000117293 _____ C:\Users\Vlasťule\Downloads\Potvrzeni_o_odchozi_uhrade.pdf
2021-07-29 08:19 - 2021-07-29 08:26 - 000000000 ____D C:\Users\Vlasťule\Desktop\Terinka v Praze Červenec 2021
2021-07-28 19:59 - 2021-07-28 19:59 - 000000112 ___SH C:\bootTel.dat
2021-07-28 19:59 - 2021-07-28 19:59 - 000000000 __SHD C:\found.000
2021-07-28 19:48 - 2021-07-28 19:48 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-07-28 19:48 - 2021-07-28 19:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-07-28 19:45 - 2021-07-12 13:32 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-07-28 19:45 - 2021-07-12 13:32 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-07-28 19:45 - 2021-07-12 13:32 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-07-28 19:44 - 2021-08-06 10:41 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-28 19:44 - 2021-08-06 10:38 - 007280848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-07-28 19:30 - 2021-07-28 20:39 - 000000060 _____ C:\Users\dbube\Downloads\query.htm
2021-07-28 19:16 - 2021-05-04 09:49 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-07-16 16:12 - 2021-07-16 16:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 16:12 - 2021-07-16 16:12 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-16 16:04 - 2021-08-05 17:16 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 16:04 - 2021-08-05 17:16 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-15 18:32 - 2021-07-15 18:32 - 000000000 ____D C:\Users\dbube\AppData\LocalLow\Amistech

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-14 21:04 - 2019-05-21 15:54 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-14 21:04 - 2019-05-21 15:43 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-14 21:02 - 2020-09-06 13:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-14 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-14 20:59 - 2019-12-14 23:12 - 000000000 ____D C:\Users\dbube\AppData\Roaming\qBittorrent
2021-08-14 20:52 - 2019-05-21 15:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-14 20:24 - 2021-01-18 12:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\badpanda-react
2021-08-14 20:24 - 2020-04-22 18:20 - 000000000 ____D C:\Users\dbube\AppData\Roaming\discord
2021-08-14 19:50 - 2020-04-22 18:20 - 000000000 ____D C:\Users\dbube\AppData\Local\Discord
2021-08-14 19:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-14 19:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-14 17:53 - 2020-09-06 13:45 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A8E94C42-9C4F-4DEE-9B06-7CDE732D054B}
2021-08-14 17:51 - 2020-07-15 11:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-13 21:46 - 2019-12-26 12:30 - 000000000 ____D C:\Program Files\trend micro
2021-08-13 21:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-13 16:57 - 2021-01-22 16:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 15:20 - 2020-09-06 13:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 15:20 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-13 15:20 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-13 15:13 - 2020-09-06 13:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-13 15:13 - 2020-09-06 13:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-12 17:28 - 2020-09-06 13:38 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-12 17:28 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-12 17:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-12 17:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-12 06:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-12 05:58 - 2019-05-22 12:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 05:56 - 2019-05-22 12:01 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 19:11 - 2019-09-07 16:57 - 000000000 ___RD C:\Users\dbube\Documents\Scanned Documents
2021-08-11 16:54 - 2019-05-21 15:50 - 000000000 ____D C:\Users\dbube\AppData\Local\Packages
2021-08-11 15:42 - 2019-05-21 16:24 - 000000000 ____D C:\Users\dbube\AppData\Local\NVIDIA
2021-08-09 18:11 - 2020-08-09 19:37 - 000000000 ____D C:\Users\Vlasťule\AppData\Roaming\discord
2021-08-09 18:05 - 2020-10-31 22:45 - 000000000 ____D C:\Users\Vlasťule\AppData\Local\Discord
2021-08-09 08:25 - 2020-09-06 13:45 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1001
2021-08-09 08:25 - 2020-09-06 13:39 - 000002377 _____ C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 08:25 - 2019-05-21 15:51 - 000000000 ___RD C:\Users\dbube\OneDrive
2021-08-09 08:23 - 2020-09-06 13:45 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1002
2021-08-09 08:23 - 2020-09-06 13:39 - 000002386 _____ C:\Users\Vlasťule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 08:23 - 2019-05-25 09:17 - 000000000 ___RD C:\Users\Vlasťule\OneDrive
2021-08-08 20:25 - 2019-05-21 18:27 - 000000000 ____D C:\Users\dbube\AppData\Local\CrashDumps
2021-08-07 23:15 - 2020-09-06 13:39 - 000000000 ____D C:\Users\dbube
2021-08-07 17:38 - 2020-03-18 19:33 - 000000000 ____D C:\Users\dbube\AppData\Local\UnrealEngine
2021-08-07 17:22 - 2021-04-15 22:03 - 000000000 ____D C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-08-07 17:09 - 2020-03-21 13:22 - 000000000 ____D C:\Users\dbube\AppData\Local\Battle.net
2021-08-04 15:42 - 2019-05-21 15:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-04 15:42 - 2019-05-21 15:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 05:55 - 2020-09-06 13:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 05:55 - 2020-09-06 13:45 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-01 17:45 - 2020-12-16 19:11 - 000000000 ____D C:\Users\dbube\Documents\Obnova hesel nebo účtu
2021-08-01 17:23 - 2019-05-21 16:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-01 15:43 - 2021-01-14 13:31 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2021-08-01 15:43 - 2021-01-14 13:31 - 000000000 ____D C:\Users\dbube\Documents\Adobe
2021-08-01 15:40 - 2021-01-14 13:28 - 000000000 ____D C:\Program Files\Adobe
2021-07-29 09:40 - 2019-08-15 17:47 - 000000000 ____D C:\Users\Vlasťule\AppData\Local\PlaceholderTileLogoFolder
2021-07-29 09:33 - 2020-11-12 09:05 - 000000000 ___RD C:\Users\Vlasťule\Documents\Scanned Documents
2021-07-28 19:48 - 2019-05-21 15:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-28 19:46 - 2019-05-21 16:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-28 19:46 - 2019-05-21 15:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-28 19:16 - 2020-09-06 13:45 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:16 - 2020-09-06 13:45 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-28 19:13 - 2019-05-21 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-07-28 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 09:45 - 2021-01-22 16:39 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-01-22 16:39 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2020-06-09 15:08 - 2020-06-09 15:08 - 000004973 _____ () C:\Users\dbube\AppData\Local\PlariumPlay.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {24CF228A-DCE2-4593-9EBE-80E9D61BFAC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FCD1040F-F004-446C-B306-0AD5DFE675C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
C:\Windows\System32\cscript.exe

EmptyTemp:
Hosts:
End
Save it to D:\Programy as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Bubenos
Visitor
Posts: 59
Joined: 26 Dec 2019 11:25

Re: Please check my log

#11 Post by Bubenos »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by dbube (14-08-2021 22:34:49) Run:1
Running from D:\Programy
Loaded Profiles: dbube & Vlasťule
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {24CF228A-DCE2-4593-9EBE-80E9D61BFAC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FCD1040F-F004-446C-B306-0AD5DFE675C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\GDPR2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\OP.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Rodný list Terezka.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
C:\Windows\System32\cscript.exe

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24CF228A-DCE2-4593-9EBE-80E9D61BFAC0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24CF228A-DCE2-4593-9EBE-80E9D61BFAC0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCD1040F-F004-446C-B306-0AD5DFE675C1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCD1040F-F004-446C-B306-0AD5DFE675C1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\dbube\Desktop\GDPR1.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\dbube\Desktop\GDPR1.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Desktop\GDPR2.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\dbube\Desktop\GDPR2.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Desktop\OP.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\dbube\Desktop\OP.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Desktop\Rodný list Terezka.jpg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\dbube\Desktop\Rodný list Terezka.jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\dbube\Documents\RL - Terezka.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Windows\System32\cscript.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4356458 B
Java, Flash, Steam htmlcache => 368096312 B
Windows/system/drivers => 5876935 B
Edge => 0 B
Chrome => 677376838 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 130866 B
dbube => 117098368 B
Vlasťule => 165328905 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-08-2021 22:36:13)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 22:36:13 ====

Re: Please check my log

#12 Post by Rudy »

OK. Has anything changed?

Re: Please check my log

#13 Post by Bubenos »

We'll see how it goes; so far everything is OK. Thank you very much, you are kind. :thumbsup: :closed:

Re: Please check my log

#14 Post by Rudy »

You're welcome! :)