
PC slowdown and a problem with Trojans


#1 Post by Murtagh »

Hello, I would need help cleaning up my notebook. For some time now I have noticed that it is slower; the CPU and RAM run at 80% almost all the time even when I have no applications running. Since yesterday, on top of that, Windows Defender reports some new threats after every PC scan. Mostly it is a Trojan script. I would rather not reinstall Windows completely. I will treat that as the very last option.
I am attaching the logs from FRST

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2021
Ran by Acer (administrator) on PREDATOR (Acer Predator PH317-51) (02-11-2021 12:42:08)
Running from C:\Users\Acer\Desktop
Loaded Profiles: Acer
: Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\PredatorSense\PredatorSense.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\PredatorSense\PSAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\PredatorSense\PSAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\PredatorSense\PSSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BitTorrent, Inc.) [File not signed] D:\Programy\uTorrent.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Blizzard App\Battle.net.exe <4>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7531\Agent.exe
(Discord Inc. -> Discord Inc.) C:\Users\Acer\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <72>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxext.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_a88f3791f9fa8757\Display.NvContainer\NVDisplay.Container.exe <2>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.181.0.11\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.181.0.11\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Users\Acer\AppData\Local\Overwolf\ProcessCache\0.181.0.11\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(Overwolf Ltd -> Overwolf LTD) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) D:\Hry\Overwolf\Overwolf.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\x64\PMRunner64.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(www.xmrig.com) [File not signed] C:\ProgramData\xmrig.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2018-09-05] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-09-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe [267072 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Run: [uTorrent] => D:\Programy\uTorrent.exe [393728 2017-08-22] (BitTorrent, Inc.) [File not signed]
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Run: [Discord] => C:\Users\Acer\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Run: [Update] => C:\Users\Acer\AppData\Local\Win\Updater.exe [1126400 2021-06-30] () [File not signed]
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Run: [Overwolf] => D:\Hry\Overwolf\OverwolfLauncher.exe [1806680 2021-10-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3523704 2021-10-27] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Run: [K8XGITUU14] => "C:\Users\Acer\AppData\Local\Temp\aclui.dll.js" <==== ATTENTION
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3523704 2021-10-27] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1006LM: C:\Windows\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-29] (Google LLC -> Google LLC)
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\consol.vbs.lnk [2021-11-01]
ShortcutTarget: consol.vbs.lnk -> C:\ProgramData\consol.vbs () [File not signed]
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mnb.vbs [2021-11-01] () [File not signed]
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\script.vbs [2021-10-31] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08EC4BE0-7A25-4771-AF1F-7326F37681EB} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-02-21] (Acer Incorporated -> Acer Incorporated)
Task: {0F41DF8A-AE9E-4CD4-AA8C-A8E806C2ABC8} - System32\Tasks\CareCenter\Battle.net_Reg_HKCURun_S-1-5-21-1106091575-681360745-1136122368-1001 => C:\Program Files (x86)\Blizzard App\Battle.net.exe [1087376 2021-10-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
Task: {0FE5CD61-F07A-4CD1-983D-3755B86B46AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {11BB5397-1AB8-4F6C-B882-05794AC3F56D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314256 2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {14063951-AEB7-48B6-A25D-95B477961311} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {147274BE-696C-47B8-8DF0-E1E50453E045} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2538F1A2-C41C-4EC1-8D99-694ABD196B9E} - System32\Tasks\CareCenter\RtHDVBg_CTPreset_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2774626C-FBBD-408A-8F2D-8CE84B5AFA66} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {278CB285-D65D-40CA-8E33-859C74DC4259} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-02-21] (Acer Incorporated -> )
Task: {29143BA2-ED39-42CE-B325-C727A1B5CEB7} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {29ED6086-23AB-46AA-8F0E-D0AC7E199C40} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {2C66D167-792E-4FED-9AF7-28DED1E46E09} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {3361E9C0-1BFA-4858-A155-786C3C553E42} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {365998A5-97EE-4C86-A691-F3DA114F6E0E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E03EA85-43B9-4495-95DF-046E18EE1E43} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40C33282-380C-49CB-88C5-3C95B71965DE} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18399520 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4A573193-11D0-434F-AFA4-995665A7C5FC} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {4C259CAC-7691-4A36-9BC1-A58AC7C66DF8} - System32\Tasks\CareCenter\Steam_Reg_HKCURun_S-1-5-21-1106091575-681360745-1136122368-1001 => C:\Program Files (x86)\Steam\Steam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)
Task: {4EF7675D-1FC0-41D2-9AB2-C29D1C5ECCD5} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {5B3B5CB9-CAC2-4883-A848-DC60FE9F8CAD} - System32\Tasks\CareCenter\RtHDVBg_ASC_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {62776E90-6ED5-457A-8537-9055BD014D02} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767664 2017-02-15] (Acer Incorporated -> Acer Incorporated)
Task: {666516F3-A0DB-4F7D-BCC7-8BDC116F8FD7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {68F3D471-1B2A-4975-849D-EC00215D032E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6CA96251-B700-4A53-B575-3F677B62B658} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {748FDBE8-B965-47D8-B615-FE985927DCF6} - System32\Tasks\CareCenter\uTorrent_Reg_HKCURun_S-1-5-21-1106091575-681360745-1136122368-1001 => D:\Programy\uTorrent.exe [393728 2017-08-22] (BitTorrent, Inc.) [File not signed]
Task: {7A24C32A-C11C-4831-AA78-53282C131986} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {88D2C849-D9EE-41A0-85A8-B01E6ED93090} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {89D3DDAB-E9CF-449C-B21F-2924A7748176} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314256 2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CD7567A-468B-444E-B2DD-B0E2E148D378} - System32\Tasks\Overwolf Updater Task => D:\Hry\Overwolf\OverwolfUpdater.exe [2484568 2021-10-07] (Overwolf Ltd -> Overwolf LTD)
Task: {95E5A58E-A9CF-413F-B018-059719F37080} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-16] (Google Inc -> Google Inc.)
Task: {9853D46C-90F8-49DA-879F-171981582849} - System32\Tasks\CareCenter\RtHDVBg_Dolby_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9A3E69D6-8DF0-4757-8B60-BD5A9ED5C4C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9BB7AF2A-D4E2-4FB2-B314-75FCA97CF8EF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {AB26000E-7330-4CA5-8E8D-A3F4170CAE85} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC11E2FD-B3CB-43BC-8111-6782B07EAA93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ADA768E3-7386-4ED8-BEA8-9D98A18CA0CB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B65907BD-EA35-4532-B6EF-18D39B5DF841} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B6DBF9D7-1F83-4912-A602-E1B66F182A43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B7498DC5-4178-41BD-8CCE-692B73AD74B4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B9D5CDA2-9066-451F-95D9-DAB221EBD9B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-16] (Google Inc -> Google Inc.)
Task: {CA563867-97F4-4A24-9ED2-595EA5C36EC4} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer)
Task: {CD63542B-705E-4BA0-85CB-1541AAA288F8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D04E5923-F03B-4186-B1FC-0D5D05FC26BF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1514784 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D9C9DB27-1C2D-4C0A-B1D0-086F75FEFCC7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-02-18] (Acer Incorporated -> TODO: <Company name>)
Task: {E1CBD716-2603-4289-8C29-31C922F0617A} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [445744 2017-02-15] (Acer Incorporated -> Acer Incorporated)
Task: {E2C39588-BAD3-4FF7-B848-3629D0A33642} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3064385-70C1-4815-8858-90CAFEFB111F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E33C2911-BD37-47C2-B03B-46C1AD928E6F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E517B660-EA17-46C1-AF68-6B3DA28FECF9} - System32\Tasks\CareCenter\DAX2_APP_Reg_HKLMRun => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2018-09-05] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
Task: {EAC9CD24-0CC2-4996-A8FF-DA2A0F99D307} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {ED6AB6B6-065B-428E-B542-AE068D5D7791} - System32\Tasks\CareCenter\iTunesHelper_Reg_HKLMRun => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-09-22] (Apple Inc. -> Apple Inc.)
Task: {F60C2849-7961-4EC3-8D8C-2661DB440700} - System32\Tasks\PredatorSense => C:\Program Files (x86)\Acer\PredatorSense\PSLauncher.exe [580400 2017-08-13] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{17ca8d1d-0c81-446a-b134-05324e19aa96}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{25e10f93-cdc6-4a3a-b0b7-472012989eb7}: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{2f42b9ed-0591-4646-9afb-a12da6de0d2d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{db84f1d3-3b8c-4a28-b766-86aced716724}: [DhcpNameServer] 192.168.51.1
Tcpip\..\Interfaces\{fc352fcf-e23b-49f2-956d-fff89cc549d2}: [DhcpNameServer] 192.168.5.254 192.168.5.20 8.8.8.8

Edge: 
=======
DownloadDir: C:\Users\Acer\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Acer\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-14]
Edge DownloadDir: Default -> C:\Users\Acer\Downloads
Edge StartupUrls: Default -> "hxxps://google.sk/"

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default [2021-11-02]
CHR Notifications: Default -> hxxps://teams.microsoft.com
CHR HomePage: Default -> hxxps://tracker.czech-server.com/torrents.php?search=&category=31&active=1&genres=&orig_name=&cz_name=&rok=&rating=&director=&actor=
CHR StartupUrls: Default -> "hxxp://google.sk/","hxxp://www.mystartsearch.com/?type=hp&ts=1417245253&from=ild&uid=ST1000DM003-1CH162_Z1D6ZVJWXXXXZ1D6ZVJW","hxxps://www.google.sk/"
CHR DefaultSearchKeyword: Default -> hxxps://www.google.sk/__
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentácie) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-16]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-10-28]
CHR Extension: (Tabuľky) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (IE Tab) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2021-07-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR HKU\S-1-5-21-1106091575-681360745-1136122368-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 OverwolfUpdater; D:\Hry\Overwolf\OverwolfUpdater.exe [2484568 2021-10-07] (Overwolf Ltd -> Overwolf LTD)
R3 PSSvc; C:\Program Files (x86)\Acer\PredatorSense\PSSvc.exe [716592 2017-08-13] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-02-15] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-02-15] (Acer Incorporated -> Acer Incorporated)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1142808 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [451608 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1347640 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-10-19] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-10-25] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1848624 2021-07-27] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [291320 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [296752 2017-02-21] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a88f3791f9fa8757\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a88f3791f9fa8757\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 MpKsld9ccdb11; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F93D76DE-A51E-4A72-B116-7C11F1CF224A}\MpKslDrv.sys [130296 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0086; C:\WINDOWS\System32\drivers\RzDev_0086.sys [53288 2021-09-28] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0088; C:\WINDOWS\System32\drivers\RzDev_0088.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_024e; C:\WINDOWS\System32\drivers\RzDev_024e.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
U4 AppMgmt; no ImagePath
U4 CscService; no ImagePath
U4 napagent; no ImagePath
U4 PeerDistSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-02 12:42 - 2021-11-02 12:42 - 000034927 _____ C:\Users\Acer\Desktop\FRST.txt
2021-11-02 12:41 - 2021-11-02 12:42 - 000000000 ____D C:\FRST
2021-11-02 12:39 - 2021-11-02 12:39 - 002311168 _____ (Farbar) C:\Users\Acer\Desktop\FRST64.exe
2021-11-01 11:40 - 2021-11-01 12:07 - 000000000 ____D C:\Users\Acer\AppData\Roaming\wApAL
2021-11-01 09:59 - 2021-07-11 17:48 - 000003055 _____ C:\ProgramData\config.json
2021-11-01 09:59 - 2021-07-11 17:31 - 000000102 _____ C:\ProgramData\consol.vbs
2021-11-01 09:59 - 2021-07-03 09:38 - 004666880 _____ (www.xmrig.com) C:\ProgramData\xmrig.exe
2021-11-01 09:59 - 2021-07-03 09:38 - 000000029 _____ C:\ProgramData\sart.cmd
2021-11-01 09:59 - 2021-07-03 09:34 - 000014544 _____ (OpenLibSys.org) C:\ProgramData\WinRing0x64.sys
2021-11-01 09:59 - 2021-07-03 09:34 - 000001026 _____ C:\ProgramData\pool_mine_example.cmd
2021-11-01 09:59 - 2021-07-03 09:34 - 000000815 _____ C:\ProgramData\solo_mine_example.cmd
2021-11-01 09:59 - 2021-07-03 09:34 - 000000056 _____ C:\ProgramData\benchmark_10M.cmd
2021-11-01 09:59 - 2021-07-03 09:34 - 000000055 _____ C:\ProgramData\benchmark_1M.cmd
2021-10-31 13:13 - 2021-10-31 13:12 - 000000961 _____ C:\Users\Public\2ps.ps1
2021-10-31 13:13 - 2021-10-31 13:12 - 000000236 _____ C:\Users\Public\vb2.vbs
2021-10-27 17:13 - 2021-10-27 17:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-10-27 17:09 - 2021-10-21 18:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-10-27 17:09 - 2021-10-21 18:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-10-27 17:09 - 2021-10-21 18:49 - 001464952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-10-27 17:09 - 2021-10-21 18:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-10-27 17:09 - 2021-10-21 18:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-10-27 17:09 - 2021-10-21 18:49 - 001206384 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-10-27 17:09 - 2021-10-21 18:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-10-27 17:09 - 2021-10-21 18:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-10-27 17:09 - 2021-10-21 18:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-10-27 17:09 - 2021-10-21 18:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-10-27 17:09 - 2021-10-21 18:45 - 001523336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-10-27 17:09 - 2021-10-21 18:45 - 001172608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-10-27 17:09 - 2021-10-21 18:45 - 000800368 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-10-27 17:09 - 2021-10-21 18:45 - 000707728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-10-27 17:09 - 2021-10-21 18:45 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-10-27 17:09 - 2021-10-21 18:45 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-10-27 17:09 - 2021-10-21 18:45 - 000635000 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-10-27 17:09 - 2021-10-21 18:45 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 008724080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 007843984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 004938896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 002850416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 002114688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 001597584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 000981112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 000792208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-10-27 17:09 - 2021-10-21 18:44 - 000452216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-10-27 17:09 - 2021-10-21 18:43 - 005727376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-10-27 17:09 - 2021-10-21 18:43 - 000849016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-10-27 17:09 - 2021-10-21 18:39 - 007578560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-10-27 17:09 - 2021-10-21 18:39 - 006430824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-10-27 17:09 - 2021-10-21 01:48 - 000085748 _____ C:\WINDOWS\system32\nvinfo.pb
2021-10-24 11:55 - 2021-10-24 11:55 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-24 11:55 - 2021-10-24 11:55 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-21 05:45 - 2021-10-21 05:45 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1106091575-681360745-1136122368-1001
2021-10-21 05:45 - 2021-10-21 05:45 - 000002368 _____ C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-19 21:21 - 2021-10-19 21:21 - 000216088 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2021-10-19 21:19 - 2021-10-19 21:19 - 000186904 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2021-10-18 15:51 - 2021-10-18 15:51 - 000230736 _____ C:\Users\Acer\Desktop\UZS3ex 2021 október.pdf
2021-10-18 15:51 - 2021-10-18 15:51 - 000184934 _____ C:\Users\Acer\Desktop\UZS3 ex 2021 november.pdf
2021-10-14 22:21 - 2021-10-14 22:21 - 000000000 ____D C:\Users\Acer\AppData\LocalLow\Blizzard Entertainment
2021-10-14 22:00 - 2021-10-14 22:00 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-13 16:59 - 2021-10-07 01:58 - 000125568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-10-13 16:59 - 2021-10-07 01:58 - 000038016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-10-13 05:24 - 2021-10-13 05:24 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-13 05:24 - 2021-10-13 05:24 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-13 05:24 - 2021-10-13 05:24 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-13 05:23 - 2021-10-13 05:23 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 05:23 - 2021-10-13 05:23 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 05:23 - 2021-10-13 05:23 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-13 05:23 - 2021-10-13 05:23 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-13 05:18 - 2021-10-13 05:18 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-02 12:40 - 2017-08-28 22:17 - 000000000 ____D C:\Users\Acer\AppData\Local\Battle.net
2021-11-02 12:39 - 2017-07-25 01:28 - 000000000 ____D C:\Program Files (x86)\Steam
2021-11-02 12:38 - 2017-08-22 17:04 - 000000000 ____D C:\Users\Acer\AppData\Roaming\uTorrent
2021-11-02 12:37 - 2020-11-01 07:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-02 12:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-02 12:25 - 2017-09-02 18:28 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-02 12:24 - 2020-04-13 21:40 - 000000000 ____D C:\Users\Acer\AppData\Roaming\discord
2021-11-02 12:18 - 2020-04-13 21:40 - 000000000 ____D C:\Users\Acer\AppData\Local\Discord
2021-11-02 11:54 - 2017-08-16 23:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-02 11:26 - 2020-11-01 07:42 - 001827632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-02 11:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-02 11:26 - 2017-08-16 23:19 - 000760430 _____ C:\WINDOWS\system32\perfh01B.dat
2021-11-02 11:26 - 2017-08-16 23:19 - 000227540 _____ C:\WINDOWS\system32\perfc01B.dat
2021-11-02 11:18 - 2021-03-17 19:39 - 000001934 _____ C:\Users\Acer\Desktop\CurseForge.lnk
2021-11-02 11:18 - 2021-03-17 19:38 - 000000000 ____D C:\Users\Acer\AppData\Local\Overwolf
2021-11-02 11:17 - 2020-11-11 20:39 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-02 11:17 - 2020-11-01 07:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-02 11:17 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-02 11:17 - 2017-08-16 03:43 - 000000000 __SHD C:\Users\Acer\IntelGraphicsProfiles
2021-11-01 12:03 - 2021-04-19 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-11-01 11:59 - 2021-04-19 14:03 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-11-01 10:03 - 2017-08-18 13:39 - 000000000 ____D C:\Users\Acer\AppData\Local\CrashDumps
2021-10-31 13:13 - 2017-08-16 23:46 - 000000000 ____D C:\ProgramData\Adobe
2021-10-31 08:17 - 2021-06-30 11:39 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-31 02:52 - 2020-06-06 22:33 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-31 02:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-31 02:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-29 20:53 - 2017-08-16 23:50 - 000000000 ____D C:\Users\Acer\AppData\Roaming\vlc
2021-10-29 15:39 - 2020-12-02 13:58 - 000000000 ____D C:\Users\Acer\Desktop\Škola
2021-10-29 09:05 - 2017-11-08 19:31 - 000000000 ____D C:\Users\Acer\AppData\Local\Packages
2021-10-29 00:55 - 2017-08-16 23:40 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-29 00:55 - 2017-08-16 23:40 - 000002276 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-28 07:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-28 01:04 - 2017-08-28 22:17 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2021-10-27 17:14 - 2017-12-24 09:18 - 000000000 ____D C:\Users\Acer\AppData\Local\NVIDIA
2021-10-22 08:55 - 2017-08-22 16:41 - 000000000 ____D C:\Users\Acer\AppData\Local\ElevatedDiagnostics
2021-10-21 17:53 - 2021-04-19 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2021-10-15 16:49 - 2021-04-19 14:00 - 000000000 ____D C:\ProgramData\Razer
2021-10-14 22:21 - 2017-08-28 22:17 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Battle.net
2021-10-14 22:21 - 2017-08-28 22:16 - 000000000 ____D C:\Users\Acer\AppData\Local\Blizzard
2021-10-13 12:55 - 2020-11-01 07:33 - 000438824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-13 12:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-13 12:53 - 2020-11-01 07:34 - 000000000 ____D C:\Users\Acer
2021-10-13 05:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-13 05:18 - 2017-08-16 23:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-13 05:17 - 2017-08-16 23:08 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-10 20:32 - 2017-07-25 01:03 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-10 07:45 - 2020-11-30 08:46 - 000003482 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b0198bab90cd
2021-10-10 07:45 - 2020-11-01 07:39 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-06 13:31 - 2018-02-23 13:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2021-11-01 09:59 - 2021-07-03 09:34 - 000000056 _____ () C:\ProgramData\benchmark_10M.cmd
2021-11-01 09:59 - 2021-07-03 09:34 - 000000055 _____ () C:\ProgramData\benchmark_1M.cmd
2021-11-01 09:59 - 2021-07-11 17:31 - 000000102 _____ () C:\ProgramData\consol.vbs
2021-11-01 09:59 - 2021-07-03 09:34 - 000001026 _____ () C:\ProgramData\pool_mine_example.cmd
2021-11-01 09:59 - 2021-07-03 09:38 - 000000029 _____ () C:\ProgramData\sart.cmd
2021-11-01 09:59 - 2021-07-03 09:34 - 000000815 _____ () C:\ProgramData\solo_mine_example.cmd
2021-11-01 09:59 - 2021-07-03 09:38 - 004666880 _____ (www.xmrig.com) C:\ProgramData\xmrig.exe
2021-10-31 13:13 - 2021-10-31 13:12 - 000000236 _____ () C:\Users\Public\vb2.vbs
2019-06-01 16:58 - 2019-10-25 16:05 - 000007597 _____ () C:\Users\Acer\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2021
Ran by Acer (02-11-2021 12:43:26)
Running from C:\Users\Acer\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) (2020-11-01 06:39:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Acer (S-1-5-21-1106091575-681360745-1136122368-1001 - Administrator - Enabled) => C:\Users\Acer
Administrator (S-1-5-21-1106091575-681360745-1136122368-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1106091575-681360745-1136122368-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1106091575-681360745-1136122368-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1106091575-681360745-1136122368-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1106091575-681360745-1136122368-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - emc, uTorrent.CZ)
7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{8B441B85-0AFA-4EB3-A756-A47453481D2D}) (Version: 3.1.18240.4 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3012 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 verze v18.1.1.252 (HKLM-x32\...\{F50EB90C-5133-4949-93F7-CD653C56694F}_is1) (Version: v18.1.1.252 - My Company, Inc.)
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
BDSwiss Global MetaTrader 4 (HKLM-x32\...\BDSwiss Global MetaTrader 4) (Version: 4.00 - MetaQuotes Ltd.)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CurseForge (HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.185.3.1 - Overwolf app)
Discord (HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4639 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
iTunes (HKLM\...\{175515C0-79A0-4C7D-BCD0-E5C93EBE6BE0}) (Version: 12.12.1.1 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.40 - Microsoft Corporation)
Microsoft Excel 2019 - sk-sk (HKLM\...\Excel2019Retail - sk-sk) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft PowerPoint 2019 - sk-sk (HKLM\...\PowerPoint2019Retail - sk-sk) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Word 2019 - sk-sk (HKLM\...\Word2019Retail - sk-sk) (Version: 16.0.14527.20234 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafický ovládač 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.181.0.11 - Overwolf Ltd.)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
PredatorSense (HKLM-x32\...\{5A98D6E3-1EDC-43B9-B4F6-0A2B7F872F22}) (Version: 2.01.3005 - Acer Incorporated)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.17.6.1483 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.1030.102715 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21294 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
Roblox Player for Acer (HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Acer (HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.44.403 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.9 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-5) (Version: 1.0.42.0 - LunarG, Inc.)
Windows Kontrola stavu počítača (HKLM\...\{BDBC15A5-E9F1-485F-A0D3-7526052FB2B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warships (HKLM-x32\...\1EAC1D02-C6AC-4FA6-9A44-96258C37C814_is1) (Version: 0.3.23.566 - Wargaming.net)
XSplit Gamecaster (HKLM-x32\...\{6653CF8C-38BE-4F69-8AB8-77E20E4F841E}) (Version: 2.8.1607.2032 - SplitmediaLabs)
Zoom (HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\ZoomUMX) (Version: 5.7.1 (543) - Zoom Video Communications, Inc.)

Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-19] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-11-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.4101.0_x64__8wekyb3d8bbwe [2021-10-28] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-27] (NVIDIA Corp.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.500.373.0_x86__55nm5eh3cm0pr [2021-10-24] (ROBLOX Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxDTCM.dll [2017-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_a88f3791f9fa8757\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-10-21 18:55 - 2021-10-21 18:55 - 104871424 _____ () [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\libcef.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000112128 _____ () [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\libegl.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 006227456 _____ () [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\libglesv2.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2021-09-24 11:03 - 2021-09-24 11:03 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\chrome_elf.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\audio\qtaudio_windows.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\imageformats\qgif.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\imageformats\qico.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\imageformats\qjpeg.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\imageformats\qmng.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\imageformats\qsvg.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\imageformats\qtiff.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\platforms\qwindows.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Core.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Gui.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Multimedia.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Network.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Qml.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Quick.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Svg.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Widgets.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5WinExtras.dll
2021-10-21 18:55 - 2021-10-21 18:55 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Blizzard App\Battle.net.13147\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1106091575-681360745-1136122368-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1106091575-681360745-1136122368-1001 -> DefaultScope {A108125D-A634-401D-AF03-B42EF5ED7BC9} URL = 
SearchScopes: HKU\S-1-5-21-1106091575-681360745-1136122368-1001 -> {A108125D-A634-401D-AF03-B42EF5ED7BC9} URL = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-1106091575-681360745-1136122368-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Acer\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.50.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{58540979-22AC-434F-8AD1-D3E3549C464C}D:\hry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{55677882-4ACB-42B3-88A6-D7A31C0BC87C}D:\hry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{CB66170B-C794-4A5A-B721-0D75797A6625}D:\hry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{2F350414-E1C0-4DED-B7AC-E109D45E383C}D:\hry\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{CD719CF7-7D4A-469C-BC85-A5A3BB71D4D0}D:\hry\world of warcraft classic\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\world of warcraft classic\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{5CAE83EE-1FC3-447C-9A31-0C6AD6D8D085}D:\hry\world of warcraft classic\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\world of warcraft classic\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{9C95E7FF-D755-4329-8A19-48DD9A646AA3}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{AB3EC180-2546-46C7-B431-55C2AAFC5813}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{B68197F4-D45C-4FF0-A56F-341CA65F05DD}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe => No File
FirewallRules: [{40D747DE-9D51-4E24-A029-8CCBF5A07F29}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe => No File
FirewallRules: [{C474B237-CDDF-46DF-8E2B-B7B67621CD7C}] => (Allow) D:\Hry\Assassin's Creed Unity\ACU.exe => No File
FirewallRules: [{87E8974C-15BD-4766-9E81-6B2A56FAFFE8}] => (Allow) D:\Hry\Assassin's Creed Unity\ACU.exe => No File
FirewallRules: [{C5B5924D-3540-4362-A6FE-6742A01DB57A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{37AA2CA7-A094-469E-B71B-D6E7F4C22C11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14511C0B-AD47-432E-AAA0-5F9D71B0C52C}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{ADF9B8AD-D6C1-4162-9510-2D8CA4095F22}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6E6123EE-3FF0-4306-A2B4-2EDBCC9A2C21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4525D8F6-2806-4204-A544-EE3D2889A4EF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{05154D24-8BAD-4FAD-91AD-0DC1729B130C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD898FFC-8CB2-4DCA-B85A-55F6F56CD4A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{10DA8A6D-B62F-43F1-B7ED-F774467A2F7C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6849105-27A2-400D-A5A3-F6A8987A4A40}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB19A6A5-34CA-4615-AE5F-AE5468B65730}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B771AA3D-985C-4320-A54B-3284AF2F1E46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{06D60E7B-2D43-45B3-BB14-D1E65E2E91AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{03576A3E-0D0F-4C59-97F8-5DB3B7797B4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{A1A8D96F-503A-4DF8-AF37-B5C3A77DB7E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{40DF6498-AACF-456B-80CD-3959822FDFED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{444811E9-759D-418C-BBFE-2C42DFCC3D29}] => (Allow) C:\Program Files (x86)\World_of_Warships\WoWSLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{E8F710C6-5B1D-4EAD-BAE0-D7896414111E}] => (Allow) C:\Program Files (x86)\World_of_Warships\WoWSLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{24DD1E1B-E3A7-4F98-9B1C-98BA6EC0F603}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{BE50317F-EF14-4A0C-94E1-A2C8D84922D0}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{F917464F-5EB1-427E-B45A-777B5879E2A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{93C6B6BB-4809-46A2-902A-B7185A876630}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EAB1BA5B-19F6-4256-A39C-2F152219C11A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{92E96559-72F8-4DBB-9A93-86D3E6F8ACE3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{9F0ACCCB-266B-406E-84BE-D271E2B31DFE}] => (Allow) D:\Programy\uTorrent.exe (BitTorrent, Inc.) [File not signed]
FirewallRules: [{D12A816C-0AF2-4C5E-AA3F-CC840C67A381}] => (Allow) D:\Programy\uTorrent.exe (BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{35BBD5E5-45A0-4D3E-9E9A-203DFC4E67EF}D:\hry\total war - warhammer\warhammer.exe] => (Allow) D:\hry\total war - warhammer\warhammer.exe => No File
FirewallRules: [UDP Query User{D3E44CEB-2B7A-4F52-A701-C342D2DC3A9F}D:\hry\total war - warhammer\warhammer.exe] => (Allow) D:\hry\total war - warhammer\warhammer.exe => No File
FirewallRules: [TCP Query User{573FAEA0-6121-4B84-A399-182B9DD40813}D:\hry\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\hry\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{57213BCF-1632-404A-86B1-E3389B1467B3}D:\hry\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\hry\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [{2C6A9F16-D4F4-4251-ADF2-FE7866E11588}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{830E7446-1DA5-4C51-A07A-0612F66B2A3F}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{EDD7D0B4-A1E0-4732-AA02-0633670745C3}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{B0FC0F73-E9BA-4908-A6F2-508FDE699D73}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{D5D55603-A97E-4E9A-AF1B-48E0AD24DF53}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\911 Operator\911.exe () [File not signed]
FirewallRules: [{F89928C2-A5DD-449D-9EA9-B73FC21D3B79}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\911 Operator\911.exe () [File not signed]
FirewallRules: [{67DDD8D1-982E-4BB6-96E9-41C0F816FB52}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\911 Operator\CallEditor.exe () [File not signed]
FirewallRules: [{A8999D3E-3505-448E-B814-25AEF3091FBE}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\911 Operator\CallEditor.exe () [File not signed]
FirewallRules: [TCP Query User{2C5D2296-2A29-4DC1-9033-1EFA1BF0B8D9}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [UDP Query User{E07021BB-9CD3-4E34-9AA2-70BB27935159}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [TCP Query User{A1868004-CCB0-4CE3-B415-C03650B34041}D:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{5E6AB46F-2649-4EA7-B120-DEA075ADCE3B}D:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{B13D5392-0387-45F5-9020-88AC6F026872}D:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C3B217A4-B69B-4346-BBF6-A1059CD017CE}D:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{3C467BD9-3302-44E6-9AB8-822AA1A60A09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F2EF925B-5AEB-4D8C-B25F-1C3FC4689E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EAC2A496-E6CB-46CD-BD58-304E8230A2A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B7DEDEC5-8C73-4669-8093-BFAD3AED8AAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5346E25D-3C3E-4947-A060-45D63D0BDBEB}] => (Allow) C:\Users\Acer\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2FA5C0E6-D175-4F37-B107-7D4F40F84353}] => (Allow) C:\Users\Acer\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{1EB92224-56F3-448B-B872-ACB425620B8D}] => (Allow) C:\Users\Acer\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{E73ED97F-3485-4F4E-9B15-E203C105D0C7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{979811A8-5B76-4641-A155-E38990553494}D:\hry\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{568BD5C5-011C-43D8-86CB-E0DC8AC7C5CA}D:\hry\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone.exe => No File
FirewallRules: [{D18F3A7F-FAD5-4DAF-90FD-A2AA431B7C1E}] => (Allow) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{07E77743-B75B-4609-92EE-1EE1D42CC920}] => (Allow) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{214E5545-F8D2-4BDD-83A7-A965E607E9B7}] => (Allow) D:\Hry\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{CBC2D156-4554-479D-8D95-15B30B827633}] => (Allow) D:\Hry\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{C11B86DD-C369-4809-B82F-D1EAB644F25F}] => (Block) D:\Hry\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{E6F05C0C-6160-41C0-91B4-FA996038B984}] => (Block) D:\Hry\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{74C87694-4B83-4F85-8C3C-3C5A649D015E}] => (Allow) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{68F5B416-71B8-4708-90A7-5BEF44298659}] => (Allow) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DE1F5D43-D711-4A1A-8EB8-9E5FF4CBFC08}] => (Block) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DA30A845-084D-49AC-B1C6-480529E133B0}] => (Block) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{43F711D9-13B4-4B1B-A8ED-6E889B88C9E4}] => (Block) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0280A5F7-2D2B-4A0D-A775-75CE4F625319}] => (Block) D:\Hry\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{41B353C7-9404-43C4-BEE8-E462027DCC5C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC68EBEA-E579-48BA-8B61-DCD8009FB612}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D17DA8AB-49C4-4334-B801-F408661D284D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57E3C8F7-6F30-443C-8BF3-0E711DB92251}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87E9C376-C29A-4F9C-B272-70A31F033260}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/02/2021 11:20:08 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PREDATOR)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (11/02/2021 11:20:08 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PREDATOR)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/01/2021 12:11:24 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: PREDATOR)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (11/01/2021 12:11:23 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PREDATOR)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/01/2021 12:05:37 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: PREDATOR)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/01/2021 11:58:04 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (11/01/2021 11:58:04 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (11/01/2021 11:58:04 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.


System errors:
=============
Error: (11/02/2021 11:17:22 AM) (Source: DCOM) (EventID: 10010) (User: PREDATOR)
Description: The server {38E441FB-3D16-422F-8750-B2DACEC5CEFC} did not register with DCOM within the required timeout.

Error: (11/01/2021 12:29:57 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/01/2021 12:05:36 PM) (Source: DCOM) (EventID: 10010) (User: PREDATOR)
Description: The server {38E441FB-3D16-422F-8750-B2DACEC5CEFC} did not register with DCOM within the required timeout.

Error: (11/01/2021 12:01:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Central Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (10/28/2021 01:11:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.

Error: (10/28/2021 07:10:26 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. The error:
"2147942402"
Happened while starting this command:
C:\WINDOWS\system32\SppExtComObj.exe -Embedding

Error: (10/28/2021 07:10:26 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. The error:
"2147942402"
Happened while starting this command:
C:\WINDOWS\system32\SppExtComObj.exe -Embedding

Error: (10/28/2021 07:10:26 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. The error:
"2147942402"
Happened while starting this command:
C:\WINDOWS\system32\SppExtComObj.exe -Embedding


Windows Defender:
================
Date: 2021-11-02 12:37:45
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Conteban.A!ml&threatid=2147735508&enterprise=0
Name: Trojan:Script/Conteban.A!ml
Severity: Závažná
Category: Trójsky kôň
Path: containerfile:_C:\Users\Acer\AppData\Roaming\mnb.vbs; file:_C:\Users\Acer\AppData\Roaming\mnb.vbs; file:_C:\Users\Acer\AppData\Roaming\mnb.vbs->(UTF-16LE)
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.353.262.0, AS: 1.353.262.0, NIS: 1.353.262.0
Engine Version: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-02 12:34:19
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Conteban.A!ml&threatid=2147735508&enterprise=0
Name: Trojan:Script/Conteban.A!ml
Severity: Závažná
Category: Trójsky kôň
Path: containerfile:_C:\Users\Acer\AppData\Roaming\mnb.vbs; file:_C:\Users\Acer\AppData\Roaming\mnb.vbs->(UTF-16LE)
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.353.262.0, AS: 1.353.262.0, NIS: 1.353.262.0
Engine Version: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-02 12:34:19
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\Acer\AppData\Local\Temp\tmp4703.tmp.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.353.262.0, AS: 1.353.262.0, NIS: 1.353.262.0
Engine Version: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-02 11:53:52
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Bitrepeyp.B&threatid=247148&enterprise=0
Name: PUA:Win32/Bitrepeyp.B
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Users\Acer\AppData\Local\Microsoft\Windows\INetCache\IE\AESV1JK1\dil[1].jpg; file:_C:\Users\Acer\AppData\Local\Temp\kgdpe9a.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.353.258.0, AS: 1.353.258.0, NIS: 1.353.258.0
Engine Version: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-02 11:53:52
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:HTML/Adodb.gen!A&threatid=2147605512&enterprise=0
Name: TrojanDownloader:HTML/Adodb.gen!A
Severity: Závažná
Category: Program na sťahovanie trójskych koní
Path: file:_C:\ProgramData\Adobe\AIR\start\aclui.dll.js
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.353.258.0, AS: 1.353.258.0, NIS: 1.353.258.0
Engine Version: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-02 11:19:51
Description: 
Microsoft Defender Antivirus has encountered an error trying to download and configure Microsoft Defender Offline.
Error code: 0x8000000a
Error description: The data necessary to complete this operation is not yet available. 

Date: 2021-11-02 11:19:13
Description: 
Microsoft Defender Antivirus has encountered an error trying to download and configure Microsoft Defender Offline.
Error code: 0x8000000a
Error description: The data necessary to complete this operation is not yet available. 

Date: 2021-11-02 11:18:47
Description: 
Microsoft Defender Antivirus has encountered an error trying to download and configure Microsoft Defender Offline.
Error code: 0x8000000a
Error description: The data necessary to complete this operation is not yet available. 

Date: 2021-11-01 13:24:33
Description: 
Microsoft Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Name: HackTool:Win32/AutoKMS
Severity: Vysoká
Category: Nástroj
Path: containerfile:_D:\Download\Microsoft Office Professional Plus 2016 v16.0.4456.1003 CZ-SK-HU x64!\Microsoft Office Professional Plus 2016 v16.0.4456.1003 CZ-SK-HU x64!.iso; file:_D:\Download\Microsoft Office Professional Plus 2016 v16.0.4456.1003 CZ-SK-HU x64!\Microsoft Office Professional Plus 2016 v16.0.4456.1003 CZ-SK-HU x64!.iso->ALL  MS  OFFICE WINDOWS PERNAMEN ACTIVATOR!\Auto (Run as Admin).cmd
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Action: Quarantine
Action Status:  No additional actions required
Error Code: 0x80070003
Error description: The system cannot find the path specified. 
Security intelligence Version: AV: 1.353.195.0, AS: 1.353.195.0, NIS: 1.353.195.0
Engine Version: AM: 1.1.18700.4, NIS: 1.1.18700.4

CodeIntegrity:
===============
Date: 2021-07-09 14:31:32
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Hry\Overwolf\0.173.0.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-07-09 14:31:31
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Acer\AppData\Local\Discord\app-1.0.9002\Discord.exe) attempted to load \Device\HarddiskVolume1\Hry\Overwolf\0.173.0.16\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-23 06:40:39
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Acer\AppData\Local\Discord\app-1.0.9002\Discord.exe) attempted to load \Device\HarddiskVolume1\Hry\Overwolf\0.173.0.14\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-13 15:59:26
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Acer\AppData\Local\Discord\app-1.0.9002\Discord.exe) attempted to load \Device\HarddiskVolume1\Hry\Overwolf\0.170.48.15\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

BIOS: Insyde Corp. V1.21 11/02/2018
Motherboard: KBL Sienna_KLS
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 69%
Total physical RAM: 16267.6 MB
Available physical RAM: 5015.09 MB
Total Virtual: 32535.2 MB
Available Virtual: 15858.77 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:237.36 GB) (Free:21.8 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:48.79 GB) NTFS

\\?\Volume{c84fb696-c3fb-4bb2-99fb-a7031e0a9fd9}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.49 GB) NTFS
\\?\Volume{780b91a6-bb50-4a28-b9e9-6e150446cf96}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 5EFB24E8)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5EFB2483)

Partition: GPT.

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15216
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: PC slowdown and a problem with Trojans

#2 Post by JaRon »

Hi,
take this only as quick first aid - after the fixlist action I recommend cleaning the PC with AVPTool - KVRT
QUOTE:
Creating a fixlist for FRST
•Open Notepad (Start - Run - notepad)
•Copy the script >>

Code: Select all

Start
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Run: [K8XGITUU14] => "C:\Users\Acer\AppData\Local\Temp\aclui.dll.js" <==== ATTENTION
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\consol.vbs.lnk [2021-11-01]
ShortcutTarget: consol.vbs.lnk -> C:\ProgramData\consol.vbs () [File not signed]
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mnb.vbs [2021-11-01] () [File not signed]
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\script.vbs [2021-10-31] () [File not signed]
Task: {3361E9C0-1BFA-4858-A155-786C3C553E42} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
U4 AppMgmt; no ImagePath
U4 CscService; no ImagePath
U4 napagent; no ImagePath
U4 PeerDistSvc; no ImagePath




EmptyTemp:
Reboot:
End
•Save the created TXT file as fixlist.txt
•Move the created fixlist next to FRST

•Run FRST.exe again
•Click Fix
•The fix will run and create the log Fixlog.txt

•Restart the PC and post fixlog.txt here
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

#3 Post by Murtagh »

Thank you for the help, I'm attaching the log:

Code: Select all

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2021
Ran by Acer (02-11-2021 15:26:46) Run:1
Running from C:\Users\Acer\Desktop
Loaded Profiles: defaultuser0 & Acer
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1106091575-681360745-1136122368-1001\...\Run: [K8XGITUU14] => "C:\Users\Acer\AppData\Local\Temp\aclui.dll.js" <==== ATTENTION
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\consol.vbs.lnk [2021-11-01]
ShortcutTarget: consol.vbs.lnk -> C:\ProgramData\consol.vbs () [File not signed]
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mnb.vbs [2021-11-01] () [File not signed]
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\script.vbs [2021-10-31] () [File not signed]
Task: {3361E9C0-1BFA-4858-A155-786C3C553E42} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
U4 AppMgmt; no ImagePath
U4 CscService; no ImagePath
U4 napagent; no ImagePath
U4 PeerDistSvc; no ImagePath
*****************

"HKU\S-1-5-21-1106091575-681360745-1136122368-1001\Software\Microsoft\Windows\CurrentVersion\Run\\K8XGITUU14" => removed successfully
C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\consol.vbs.lnk => moved successfully
C:\ProgramData\consol.vbs => moved successfully
C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mnb.vbs => moved successfully
C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\script.vbs => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3361E9C0-1BFA-4858-A155-786C3C553E42}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3361E9C0-1BFA-4858-A155-786C3C553E42}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKLM\System\CurrentControlSet\Services\AppMgmt => removed successfully
AppMgmt => service removed successfully
HKLM\System\CurrentControlSet\Services\CscService => removed successfully
CscService => service removed successfully
"HKLM\System\CurrentControlSet\Services\napagent" => removed successfully
napagent => service removed successfully
HKLM\System\CurrentControlSet\Services\PeerDistSvc => removed successfully
PeerDistSvc => service removed successfully

==== End of Fixlog 15:26:46 ====

#4 Post by JaRon »

That is OK.
Now just the cleaning with AVPTool, because I assume there will be a few pieces of junk in there.

#5 Post by Murtagh »

I followed the guide for AVPTool but somehow I didn't get to it; it apparently didn't download version 11 for me but the newest one, and I couldn't find an option to save the log anywhere in it. So I at least took a screenshot :)
[Image]

Hopefully it's fine :?:

#6 Post by JaRon »

You did it perfectly, and we are done :)

#7 Post by Murtagh »

I'll run one more scan with AVPTool and with Windows Defender and let you know :wink: For now, thank you very much for the help :thumbsup:

#8 Post by Murtagh »

[Image]

Excellent, thank you once again for the help :thumbsup:

#9 Post by JaRon »

You're welcome :)
If sart.cmd exists, DELETE it - you have the skip option there.