PC virus removal, computer speed-up, and remote help through the neslape.cz service

Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that stay inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Waves
Visitor
Posts: 2
Registered: 11 Jan 2021 22:34

#1 Post by Waves »

Hello, I would like to ask for a preventive check. Thank you in advance.

FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by cress (administrator) on DESKTOP-DU1T7SB (Micro-Star International Co., Ltd. GL73 8RE) (12-01-2021 03:28:42)
Running from C:\Users\cress\Downloads
Loaded Profiles: cress
Platform: Windows 10 Pro Version 1903 18362.476 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(IDRIX -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6be8e5b7f731a6e5\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6be8e5b7f731a6e5\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ebdc782d382a3810\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ebdc782d382a3810\IntelCpHeciSvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_95d5c45c0ef3de24\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [833312 2019-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SCM] => c:\Program Files (x86)\SCM\SCM.exe [302360 2018-03-09] (Micro-Star International CO., LTD. -> ) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-11-27] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-11-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81373696 2020-06-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-06-20] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-05] (Adobe Inc. -> )
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-03] (Valve -> Valve Corporation)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3672920 2020-02-20] (Invincea, Inc. -> Sandboxie Holdings, LLC)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [utweb] => C:\Users\cress\AppData\Roaming\uTorrent Web\utweb.exe [5617792 2020-12-01] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [679048 2020-06-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [274176 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\cress\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\MountPoints2: {b66d2193-a8d4-11ea-a996-d8f2ca0d1b0e} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\MountPoints2: {c323ee43-dbc8-11e9-a836-00d8610781b1} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-11] (Google LLC -> Google LLC)
Startup: C:\Users\cress\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jarvee.lnk [2020-03-20]
ShortcutTarget: Jarvee.lnk -> C:\Users\cress\AppData\Roaming\Jarvee\Jarvee.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {015CC7CD-6779-47A4-8BED-B83392043416} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {091523A3-3872-4C54-B68C-CB95013085B4} - System32\Tasks\NahimicSvc64Run => C:\Windows\System32\NahimicSvc64.exe
Task: {10D52777-DDDE-498A-BCA7-356E8B7E9668} - System32\Tasks\Microsoft\Intune\Intune Management Extension Health Evaluation => C:\Program Files (x86)\Microsoft Intune Management Extension\ClientHealthEval.exe [50024 2020-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {16026704-6674-440C-A8F6-B3B78AFAF6C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {166CBB20-5A7A-49D3-9D07-C4ED4CC0F37C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {198DB53C-A119-4410-8EE0-8BF900ADD49A} - System32\Tasks\NahimicSvc32Run => C:\Users\cress\Desktop\8612_UAD_WHQL_Nahimic_1230_2019_0111_134708\Win64\ThirdParty\A-Volute APO - SWC\NahimicSvc32.exe [656112 2019-01-09] (A-Volute -> Nahimic)
Task: {1A29B4A5-EBC4-4A92-8806-1131D05F01D1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\OS Edition Upgrade event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {1C110509-347B-4190-89DD-CDCF7B1A2873} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\cress\Downloads\esetonlinescanner_enu.exe
Task: {1D61699D-BB75-4558-AEF1-BFDD0F1946B6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {1DA46985-C820-4FEA-91E4-1B548F8C8D08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {25110484-EC5B-4BE8-8816-B9814BA9AF9C} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {28081A14-EC4F-4D57-ACDB-D9F897D640E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-22] (Google LLC -> Google LLC)
Task: {2891CE16-1729-43A7-808B-C2C46A7D7115} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3540B1B5-DA52-4ED1-A060-190F3627968F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {39B3393A-7E29-4731-8167-0BF18D5F75CA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\PushLaunch => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {44B090CE-2E8C-4269-B98E-D616CE85217E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4F6DE537-8E04-42AA-B0F4-FCF2F00E5CEA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FF111C5-2672-4F35-BF36-D8DB589D968B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {50FCDAD5-BC5D-4633-9ED4-87F07ADC89B6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule created by enrollment client for renewal of certificate warning => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {51350E3E-F552-4EEF-8F69-7913A71D22C3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule #2 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {52BC83B1-50AA-445E-9DCE-9C80D14F9C8D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule to run OMADMClient by server => C:\Windows\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {546F147A-C6AC-4310-94BE-7026480FBD67} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {5755325F-97E6-4C00-8D0F-94AE5CBC9EA8} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\PushRenewal => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {5F79C9A4-BF55-4E02-8808-337A210459DD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {6043B7D2-DFAF-43CD-A741-FE1490E2F7BC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B177538-7A7B-4789-9C64-79DD018CC36F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72352C51-2840-4E91-91E1-833E1387A3FE} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {79AEAD23-ED3A-4FA6-B232-F190E556C9A0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Passport for Work alert created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {7DD201AD-115F-4EB5-BE96-571CE394B1D1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E283ACD-0BE1-495F-8AC2-1AA4A7925129} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7E2A50B5-7A86-478C-A184-13D29F9EC651} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Win10 S Mode event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {7F4D80E3-77BF-4515-ADA0-32E0F115BC51} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83B86C1E-798B-4D75-AD71-8910B0049C48} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {85E93F91-D8CB-4263-9465-D09962B86FA1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule #3 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {923AE985-1150-40A0-922F-97A805ACA912} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {94B7E62E-5FB8-4580-827B-54444C8EBC49} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [6255104 2020-05-06] (Micro-Star International Co., Ltd.) [File not signed]
Task: {AAF5F7E7-6F43-40E7-9FFD-F54124396511} - System32\Tasks\Opera scheduled assistant Autoupdate 1576852719 => C:\Users\cress\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-05] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\cress\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AB5BB24B-20BE-4AE6-8FD7-4157715542F1} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {AC7862F8-CB1C-44CB-80D8-5D5ADB7856EF} - System32\Tasks\WD Device Agent Task cress => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [717824 2020-06-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {B39C5FF2-16EC-4DF7-823F-860F76935ED3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Retry Schedule created for incomplete session => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {B47F9453-4E85-4859-B1B4-50A126C3FFB7} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\cress\Downloads\esetonlinescanner_enu.exe
Task: {B685FE15-2D95-48B2-B06E-43B1C5AB989B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {B92E6EB7-5E7A-4376-A958-070E57B1F887} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9DA20D3-7841-4849-ABE2-5CA9E1273D97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-22] (Google LLC -> Google LLC)
Task: {BF758DA0-8563-4889-9531-FBCEF02DBD2A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule to run OMADMClient by client => C:\Windows\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {C5FD4B34-6C2A-42A4-BC97-9C5F05EDC379} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule #1 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {C78646CF-61A5-47CD-B0D6-1081C2FAF126} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C97F263B-B604-4CC6-8B2A-631F3ABB283D} - System32\Tasks\Opera scheduled Autoupdate 1569184123 => C:\Users\cress\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-05] (Opera Software AS -> Opera Software)
Task: {CAFBF536-5C37-40D3-91E0-CA4F5016B15C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {DEEE555C-23C6-4B85-BE8E-293A493D5ABD} - System32\Tasks\WD Discovery Service Task cress => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [72704 2020-06-20] (Western Digital Technologies, Inc. -> )
Task: {E1D6B0FF-8A1F-4EBC-833F-7F87BBFF8877} - System32\Tasks\MSISCMTsk => C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe [344184 2020-02-13] (Micro-Star International CO., LTD. -> Application)
Task: {E2CAE656-13A7-4FDF-B52F-85686EC75615} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBA9C18C-B7F8-4ADB-9092-559930EA26CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6A3EF1A-8713-4807-98F4-BD7A18D357A8} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Task: {F77A2DE6-39F8-4D57-ADA7-082DC2C39E66} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Provisioning initiated session => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {FFBFFB32-04F8-47FE-93FB-E4B0121AC29B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{04ada37e-a05f-4aeb-ad46-f66a364231bb}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{30e84ff8-0135-421d-9f46-f25e462da540}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{30e84ff8-0135-421d-9f46-f25e462da540}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f08e3082-5a47-4b6b-969c-7b4b534dfe8d}: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF DefaultProfile: 3tttmlbd.default
FF ProfilePath: C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\3tttmlbd.default [2019-12-21]
FF ProfilePath: C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\lpjytsu6.default-release [2021-01-12]
FF NetworkProxy: Mozilla\Firefox\Profiles\lpjytsu6.default-release -> backup.ftp", "46.36.40.73"
FF Extension: (Disable WebRTC) - C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\lpjytsu6.default-release\Extensions\jid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2020-10-14]
FF Extension: (To Google Translate) - C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\lpjytsu6.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\lpjytsu6.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-01-11]

Chrome:
=======
CHR Profile: C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default [2020-12-22]
CHR Extension: (Prezentácie) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-22]
CHR Extension: (Dokumenty) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-22]
CHR Extension: (Disk Google) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-22]
CHR Extension: (Tabuľky) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-22]
CHR Extension: (FleekFramework Cookie Tool) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjfkniifopdfpiafnmoncogajgbhncm [2020-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-22]
CHR Extension: (Gmail) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-22]

Opera:
=======
OPR Extension: (WebRTC Control) - C:\Users\cress\AppData\Roaming\Opera Software\Opera Stable\Extensions\abbdelbgkogfgjkjflgmhebbfjahgalo [2020-10-14]
OPR Extension: (Rich Hints Agent) - C:\Users\cress\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-23]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\cress\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2020-12-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AALSvc; C:\AlphaAntiLeak\AAL\bin\server\AALSvc.exe [11444088 2020-03-31] (Constantin Schreiber -> )
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-09-21] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-09-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-04] (ESET, spol. s r.o. -> ESET)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 IntuneManagementExtension; C:\Program Files (x86)\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe [170344 2020-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-10] (Malwarebytes Inc -> Malwarebytes)
R2 Micro Star SCM; c:\Program Files (x86)\SCM\MSIService.exe [160768 2018-03-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe [47568 2018-10-29] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2020-04-27] (Even Balance, Inc. -> )
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [319320 2020-02-20] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 Sendevsvc; C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe [302888 2019-01-30] (Micro-Star International CO., LTD. -> )
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-10-19] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2019-11-25] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 NahimicService; "%SystemRoot%\system32\NahimicService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_95d5c45c0ef3de24\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_95d5c45c0ef3de24\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AALProtect; C:\AlphaAntiLeak\AAL\bin\server\AALProtect.sys [35984 2020-03-31] (OOO AMEKS -> )
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49312 2016-08-25] (ManyCam -> Visicom Media Inc.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-10] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [18448 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\Windows\System32\drivers\NDivert.sys [101600 2020-12-29] (TEFINCOM S.A. -> )
R3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2020-10-27] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-09-08] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0306; C:\Windows\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [224496 2020-02-20] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R0 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [829320 2019-09-20] (IDRIX -> IDRIX)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [351968 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\Windows\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\Windows\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [18688 2018-07-18] (WDKTestCert heavenluo,131620253795976757 -> )
S1 EneTechIo; \??\C:\Windows\system32\drivers\ene.sys [X]
S3 NTIOLib_CC_Clock; \??\C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-12 03:28 - 2021-01-12 03:29 - 000040593 _____ C:\Users\cress\Downloads\FRST.txt
2021-01-12 03:27 - 2021-01-12 03:27 - 002281472 _____ (Farbar) C:\Users\cress\Downloads\FRST64.exe
2021-01-09 18:02 - 2021-01-09 18:02 - 001121100 _____ C:\Windows\Minidump\010921-33718-01.dmp
2021-01-07 04:19 - 2021-01-07 04:19 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-01-07 03:55 - 2020-12-29 17:02 - 000101600 _____ C:\Windows\system32\Drivers\NDivert.sys
2021-01-05 18:05 - 2021-01-05 18:05 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2021-01-05 18:05 - 2021-01-05 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2021-01-05 18:05 - 2021-01-05 18:05 - 000000000 ____D C:\Program Files\Oracle
2021-01-05 18:05 - 2020-10-16 10:04 - 001037392 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2021-01-05 18:05 - 2020-10-16 10:04 - 000187456 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2021-01-05 18:04 - 2021-01-05 18:04 - 108077072 _____ (Oracle Corporation) C:\Users\cress\Downloads\VirtualBox-6.1.16-140961-Win(1).exe
2021-01-05 03:32 - 2021-01-05 03:32 - 108077072 _____ (Oracle Corporation) C:\Users\cress\Downloads\VirtualBox-6.1.16-140961-Win.exe
2020-12-28 15:55 - 2020-12-28 15:55 - 038510856 _____ C:\Users\cress\Downloads\electrum-4.0.9-portable.exe
2020-12-23 19:28 - 2020-12-23 19:28 - 123468261 _____ C:\Users\cress\Desktop\monero-gui-win-x64-v0.17.1.7.zip
2020-12-22 01:17 - 2020-12-22 01:17 - 000000000 ____D C:\Users\cress\AppData\Local\Logitech
2020-12-22 01:17 - 2020-12-22 01:17 - 000000000 ____D C:\ProgramData\LogiShrd
2020-12-22 01:13 - 2020-12-22 01:14 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2020-12-22 01:13 - 2020-12-22 01:13 - 000000000 ____D C:\Users\cress\AppData\Roaming\Logitech
2020-12-22 01:13 - 2020-12-22 01:13 - 000000000 ____D C:\Users\cress\AppData\Roaming\Logishrd
2020-12-22 01:13 - 2020-12-22 01:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-12-22 00:58 - 2020-12-22 00:59 - 125871888 _____ (Logitech Inc.) C:\Users\cress\Desktop\LGS_9.02.65_x64_Logitech.exe
2020-12-19 15:26 - 2020-12-19 15:26 - 000001734 _____ C:\Users\cress\Desktop\certifik.txt
2020-12-14 14:46 - 2020-12-14 14:46 - 000000000 ____D C:\Users\cress\Desktop\Mat
2020-12-14 14:03 - 2020-12-14 14:03 - 000001759 _____ C:\Users\cress\Desktop\3B2E3E0E6F3FADB5F97D2AD7C26E172456A0FF1C.asc
2020-12-14 01:10 - 2020-12-14 01:10 - 000000961 _____ C:\Users\Public\Desktop\GUI Wallet.lnk
2020-12-14 01:10 - 2020-12-14 01:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet
2020-12-14 01:09 - 2020-12-14 01:10 - 000000000 ____D C:\Program Files\Monero GUI Wallet
2020-12-14 01:09 - 2020-12-14 01:09 - 083588019 _____ (The Monero Developer Community ) C:\Users\cress\Downloads\monero-gui-install-win-x64-v0.17.1.6.exe
2020-12-14 01:01 - 2020-12-14 01:35 - 000000000 ____D C:\Users\cress\AppData\Roaming\MyMonero
2020-12-14 01:01 - 2020-12-14 01:01 - 000001898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyMonero.lnk
2020-12-14 01:01 - 2020-12-14 01:01 - 000001886 _____ C:\Users\Public\Desktop\MyMonero.lnk
2020-12-14 01:01 - 2020-12-14 01:01 - 000000000 ____D C:\Users\cress\AppData\Local\mymonero-updater
2020-12-14 01:01 - 2020-12-14 01:01 - 000000000 ____D C:\Program Files\MyMonero
2020-12-14 00:59 - 2020-12-14 01:00 - 128463712 _____ (MyMonero) C:\Users\cress\Downloads\MyMonero-Setup-1.1.18.exe
2020-12-13 01:00 - 2020-12-13 01:00 - 000095196 _____ C:\Users\cress\Downloads\Doctor-Sleep(0000324245).srt
2020-12-13 00:31 - 2020-12-13 00:31 - 000095923 ____H C:\Users\cress\Downloads\.754b222fb233b335791fc0777b12b13996cbff23.parts
2020-12-13 00:14 - 2020-12-13 00:14 - 000000000 ____D C:\Users\cress\Downloads\Doctor Sleep (2019) [1080p] [WEBRip] [5.1] [YTS.LT]

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-12 03:28 - 2020-11-03 17:57 - 000000000 ____D C:\ProgramData\Common
2021-01-12 03:28 - 2019-12-18 14:21 - 000000000 ____D C:\FRST
2021-01-12 03:28 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-12 03:21 - 2019-09-23 15:50 - 000000000 ____D C:\Users\cress\.VirtualBox
2021-01-12 03:21 - 2019-09-20 16:53 - 000000000 ____D C:\Users\cress\AppData\Local\CrashDumps
2021-01-12 03:21 - 2019-09-20 16:14 - 000000000 ____D C:\Users\cress\AppData\LocalLow\Mozilla
2021-01-12 02:54 - 2019-09-20 13:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-01-11 23:43 - 2019-09-23 15:50 - 000000000 ____D C:\ProgramData\VirtualBox
2021-01-11 22:45 - 2019-09-20 17:51 - 000000000 ____D C:\Users\cress\AppData\Roaming\Telegram Desktop
2021-01-11 22:14 - 2019-09-20 13:54 - 001801832 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-11 22:14 - 2019-03-19 12:57 - 000753708 _____ C:\Windows\system32\perfh005.dat
2021-01-11 22:14 - 2019-03-19 12:57 - 000163666 _____ C:\Windows\system32\perfc005.dat
2021-01-11 22:14 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2021-01-11 22:11 - 2020-03-22 23:57 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-11 22:11 - 2020-03-22 23:57 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-11 22:11 - 2019-09-20 14:04 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-11 22:09 - 2019-09-20 14:18 - 000000000 __SHD C:\Users\cress\IntelGraphicsProfiles
2021-01-11 22:08 - 2019-09-23 19:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-11 22:08 - 2019-09-20 13:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-11 16:33 - 2019-09-20 17:31 - 000017434 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2021-01-11 16:33 - 2019-09-20 17:31 - 000013428 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2021-01-11 16:33 - 2019-09-20 17:31 - 000008582 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2021-01-11 16:33 - 2019-03-19 05:37 - 000786432 _____ C:\Windows\system32\config\BBI
2021-01-11 14:54 - 2019-09-29 22:31 - 000000000 ____D C:\Users\cress\Documents\Simple Sticky Notes
2021-01-11 14:29 - 2019-09-21 17:08 - 000000001 _____ C:\Users\Public\Documents\dgc_DC.txt
2021-01-11 13:23 - 2019-11-14 15:52 - 000000000 ____D C:\Users\cress\AppData\Roaming\Exodus
2021-01-11 12:57 - 2019-09-22 21:29 - 000000000 ____D C:\Users\cress\AppData\Roaming\Authy Desktop
2021-01-11 01:08 - 2019-11-13 21:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-10 05:45 - 2019-09-20 13:57 - 000000000 ____D C:\Users\cress
2021-01-10 01:37 - 2019-09-24 13:45 - 000000000 ____D C:\Users\cress\AppData\Roaming\Discord
2021-01-09 18:14 - 2019-09-20 17:49 - 000000000 ____D C:\Users\cress\AppData\Local\cache
2021-01-09 18:05 - 2020-04-13 18:30 - 000000000 ____D C:\Users\cress\AppData\Roaming\TS3Client
2021-01-09 18:02 - 2020-04-05 21:52 - 1445592352 _____ C:\Windows\MEMORY.DMP
2021-01-09 18:02 - 2019-09-20 13:50 - 000000000 ____D C:\Windows\minidump
2021-01-09 14:45 - 2020-09-13 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-09 14:45 - 2019-09-24 18:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-08 18:02 - 2019-09-22 21:28 - 000004218 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1569184123
2021-01-08 18:02 - 2019-09-22 21:28 - 000001405 _____ C:\Users\cress\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-01-08 01:30 - 2020-01-20 14:41 - 000000000 ____D C:\Users\cress\AppData\Roaming\gnupg
2021-01-07 21:40 - 2020-01-20 14:41 - 000000000 ____D C:\Users\cress\AppData\Roaming\kleopatra
2021-01-07 20:29 - 2020-09-18 15:49 - 000003195 _____ C:\Users\cress\key.asc
2021-01-07 16:38 - 2019-12-19 23:37 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-07 16:34 - 2019-09-20 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-07 16:34 - 2019-09-20 16:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-07 04:19 - 2019-09-20 16:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-07 03:55 - 2020-09-26 23:36 - 000001800 _____ C:\Users\cress\Desktop\NordVPN.lnk
2021-01-07 03:55 - 2020-09-26 23:36 - 000000000 ____D C:\ProgramData\NordVPN
2021-01-07 03:55 - 2020-09-26 23:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2021-01-07 03:55 - 2020-09-26 23:36 - 000000000 ____D C:\Program Files\NordVPN
2021-01-07 03:55 - 2019-09-21 13:06 - 000000000 ____D C:\Users\cress\AppData\Local\NordVPN
2021-01-05 15:48 - 2019-12-29 21:10 - 000007611 _____ C:\Users\cress\AppData\Local\Resmon.ResmonCfg
2020-12-31 00:11 - 2019-09-24 14:46 - 000000000 ____D C:\Users\cress\Downloads\Telegram Desktop
2020-12-26 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\NDF
2020-12-23 20:15 - 2020-09-17 20:13 - 000000000 ____D C:\Users\cress\AppData\Roaming\monero-wallet-gui
2020-12-22 01:21 - 2020-05-24 17:43 - 000000000 ____D C:\Users\cress\AppData\Local\ElevatedDiagnostics
2020-12-21 15:47 - 2020-10-30 19:02 - 000000000 ____D C:\Users\cress\AppData\Roaming\Ledger Live
2020-12-16 19:56 - 2019-09-24 18:25 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3455536620-3738399896-992047778-1001
2020-12-16 19:56 - 2019-09-24 18:25 - 000002351 _____ C:\Users\cress\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 19:56 - 2019-09-20 14:20 - 000000000 ___RD C:\Users\cress\OneDrive
2020-12-13 01:24 - 2020-02-09 00:34 - 000000000 ____D C:\Users\cress\AppData\Roaming\uTorrent Web
2020-12-13 00:41 - 2019-09-24 23:17 - 000000000 ____D C:\Users\cress\AppData\Local\BitTorrentHelper

==================== Files in the root of some directories ========

2020-07-26 02:03 - 2020-07-26 21:01 - 000001456 _____ () C:\Users\cress\AppData\Local\Adobe Save for Web 13.0 Prefs
2019-11-14 13:10 - 2019-11-14 13:10 - 000000000 _____ () C:\Users\cress\AppData\Local\oobelibMkey.log
2020-03-10 20:25 - 2020-04-09 11:19 - 000000128 _____ () C:\Users\cress\AppData\Local\PUTTY.RND
2019-12-29 21:10 - 2021-01-05 15:48 - 000007611 _____ () C:\Users\cress\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by cress (12-01-2021 03:29:32)
Running from C:\Users\cress\Downloads
Windows 10 Pro Version 1903 18362.476 (X64) (2019-09-20 12:50:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3455536620-3738399896-992047778-500 - Administrator - Disabled)
cress (S-1-5-21-3455536620-3738399896-992047778-1001 - Administrator - Enabled) => C:\Users\cress
DefaultAccount (S-1-5-21-3455536620-3738399896-992047778-503 - Limited - Disabled)
Guest (S-1-5-21-3455536620-3738399896-992047778-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3455536620-3738399896-992047778-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.0.436 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.39 - Rivet Networks)
AR8171 Drivers (HKLM\...\{414126AA-E74D-4C26-85E7-68B2840BD138}) (Version: 1.0.0.39 - Rivet Networks) Hidden
Authy Desktop (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\authy-electron) (Version: 1.8.3 - Twilio Inc.)
Bisq (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\{bisq}}_is1) (Version: 1.4.2 - Bisq)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CPUID HWMonitor 1.42 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.42 - CPUID, Inc.)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 - Micro-Star International Co., Ltd.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Exodus (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\exodus) (Version: 20.10.23 - Exodus Movement Inc)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.19 - The GnuPG Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
Gpg4win (3.1.11) (HKLM-x32\...\Gpg4win) (Version: 3.1.11 - The Gpg4win Project)
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1803.1301 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1803.1301 - Micro-Star International Co., Ltd.)
IIS 10.0 Express (HKLM\...\{643F2A3F-960C-4914-BD67-9490B4484108}) (Version: 10.0.03203 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6471 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{1b0a7381-5728-4546-9094-0200ee7f5668}) (Version: 21.30.3 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\F90C96996934A140F2B051F65B2D97EF0FB1A2C5) (Version: 1.1.6.0 - ENE TECHNOLOGY INC.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.15.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.15.0 - Ledger Live Team)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Intune Management Extension (HKLM-x32\...\{2C8049EE-D931-44CF-A59C-AAB2E3A6D810}) (Version: 1.37.200.8 - Microsoft Corporation)
Microsoft Intune Management Extension (HKLM-x32\...\{E4DC7B28-2245-404F-A9E9-CF96254033AE}) (Version: 1.37.200.3 - Microsoft Corporation)
Microsoft Office 2019 Professional Plus - sk-sk (HKLM\...\ProPlus2019Retail - sk-sk) (Version: 16.0.13530.20316 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{BBCDB523-F5B7-4E53-A911-C85191E3BDF0}) (Version: 10.0.2606 - Microsoft Corporation)
Monero GUI Wallet version 0.17.1.6 (HKLM\...\Monero GUI Wallet_is1) (Version: 0.17.1.6 - The Monero Developer Community)
Mozilla Firefox 84.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 84.0.2 (x64 sk)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.1 - Mozilla)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1709.1301 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1709.1301 - Micro-Star International Co., Ltd.)
MyMonero 1.1.18 (HKLM\...\8b526942-c25b-5a90-b515-e6b3530b2c2b) (Version: 1.1.18 - MyMonero)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.33.10.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Grafický ovládač 436.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.30 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 73.0.3856.329 (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Opera 73.0.3856.329) (Version: 73.0.3856.329 - Opera Software)
Oracle VM VirtualBox 6.1.16 (HKLM\...\{8979282D-1F43-4810-B819-AA1B06F2C085}) (Version: 6.1.16 - Oracle Corporation)
ProjectDestroyer (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\ProjectDestroyer) (Version: 3.8.31 - REAL BIG TIME LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 3.8.1 (64-bit) (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\{edfa99b7-1514-493a-aeaf-a37eeec724d2}) (Version: 3.8.1150.0 - Python Software Foundation)
Python 3.8.1 Add to Path (64-bit) (HKLM\...\{63F5D8C4-D931-4B71-8B2D-FAAC7A862CC7}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Core Interpreter (64-bit) (HKLM\...\{F94E2016-28A6-4FCC-B5A1-D2D9757AF26A}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Development Libraries (64-bit) (HKLM\...\{913F572C-BF38-4E44-9065-7E1B024D43FB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Documentation (64-bit) (HKLM\...\{3FE61A1E-16AE-4702-81A6-C9F6CE3586EB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Executables (64-bit) (HKLM\...\{D6160A7A-D48F-48A6-8E5D-FECBE5901D82}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 pip Bootstrap (64-bit) (HKLM\...\{912206BD-EA52-4586-8A89-BD7716E5BD50}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Standard Library (64-bit) (HKLM\...\{7E83F4DD-B376-4158-90C3-4E9AE54D0AB3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Tcl/Tk Support (64-bit) (HKLM\...\{96BBA29C-F949-4DF7-9221-EEE7F7D66377}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Test Suite (64-bit) (HKLM\...\{64A5FC80-95DB-4CA0-AA8A-C4D652BBC96E}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Utility Scripts (64-bit) (HKLM\...\{F0D5C7E7-4ECE-425F-BD33-8091DB57A31F}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{41A9BB87-60B8-47C3-BB79-6EC186827EC7}) (Version: 3.8.6925.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31241 - Realtek Semiconductor Corp.)
Sandboxie 5.33.3 (64-bit) (HKLM\...\Sandboxie) (Version: 5.33.3 - Sandboxie Holdings, LLC)
SCM (HKLM\...\{61C9E087-AEEC-4D47-81A4-0A4999751A5E}) (Version: 13.018.03063 - Application)
Simple Sticky Notes 4.7 (HKLM-x32\...\Simple Sticky Notes_is1) (Version: - Simnet Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
uTorrent Web (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\utweb) (Version: 1.1.2 - BitTorrent, Inc.)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.23-Hotfix-2 - IDRIX)
WD Desktop App 2.1.0.311 (HKLM-x32\...\{b8265583-535c-49a9-9196-e2e835af56a4}) (Version: 2.1.0.311 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.311 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.311 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.0.251 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{3add5d6a-ee06-4eba-aea0-cbd8eb1486d4}) (Version: 2.0.0.70 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{5E3EE4AF-4D3A-4A65-9E04-8F50E9A3AC76}) (Version: 2.0.0.70 - Western Digital Technologies, Inc.) Hidden
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
WickrMe (HKLM\...\{22AFCB07-477E-43CF-BDDC-A3304F33570C}) (Version: 5.66.14 - Wickr Inc.)
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Workflow Manager Client 1.0 (HKLM\...\{69CD1F2D-DF68-4E23-9108-1B70783F2855}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-06-21] (Adobe Systems Incorporated)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-06] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-10-02] (NVIDIA Corp.)
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe [2019-11-20] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.168.0_x64__dt26b99r8h8gj [2019-10-21] (Realtek Semiconductor Corp)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c [2019-11-15] (Skype)
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-11-14] (Synaptics Incorporated)
Váš telefón -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19102.525.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-10-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3455536620-3738399896-992047778-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5641937B8A30} -> [Creative Cloud Files] => C:\Users\cress\Creative Cloud Files [2020-06-21 02:04]
CustomCLSID: HKU\S-1-5-21-3455536620-3738399896-992047778-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\cress\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3455536620-3738399896-992047778-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\cress\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-3455536620-3738399896-992047778-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {AF1967EC-AF8F-4C1B-8354-85227585B989} - C:\Windows\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {AF1967EC-AF8F-4C1B-8354-85227585B989} - C:\Windows\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {AF1967EC-AF8F-4C1B-8354-85227585B989} => C:\Windows\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {AF1967EC-AF8F-4C1B-8354-85227585B989} => C:\Windows\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {2ee48016-4a5c-3824-9366-b8a472c09382} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [WDDesktopContextMenu] -> {2ee48016-4a5c-3824-9366-b8a472c09382} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_95d5c45c0ef3de24\nvshext.dll [2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-11-23 07:01 - 2018-11-23 07:01 - 000438784 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2016-08-10 20:34 - 2016-08-10 20:34 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\WinIo64.dll
2015-06-11 19:35 - 2015-06-11 19:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2018-03-09 13:37 - 2018-03-09 13:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] c:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-09-23 15:51 - 2017-11-10 11:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\Windows\system32\wdfsconnectMntNtf2017.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3455536620-3738399896-992047778-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3455536620-3738399896-992047778-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {AF1967EC-AF8F-4C1B-8354-85227585B989}' -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {AF1967EC-AF8F-4C1B-8354-85227585B989}' -> No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\sharepoint.com -> hxxps://eubask-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-03-26 00:54 - 000001064 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 dsgsg.test # WinNMP local project
127.0.0.1 captcha.footpatrol.com
127.0.0.1 captcha.footdistrict.com
127.0.0.1 captcha.bstn.com
127.0.0.1 captcha.43einhalb.com
127.0.0.1 captcha.courir.com
127.0.0.1 captcha.kickz.com

2019-09-22 19:34 - 2020-11-11 20:42 - 000000527 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.67 android-bd025e45f95ff48d.mshome.net # 2020 11 3 18 19 42 15 133
192.168.137.1 DESKTOP-DU1T7SB.mshome.net # 2025 11 1 10 19 42 15 133

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin;C:\Users\cress\AppData\Local\Programs\Python\Python38\Scripts\;C:\Users\cress\AppData\Local\Programs\Python\Python38\;C:\Users\cress\AppData\Local\Microsoft\WindowsApps;C:\WinNMP\bin;C:\Users\cress\AppData\Roaming\npm;C:\Users\cress\.dotnet\tools
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\Control Panel\Desktop\\Wallpaper -> c:\users\cress\downloads\x290-63s-int-sd-amg17077_sx012_1920x1080.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
VirtualBox Host-Only Network: NordVPN LightWeight Firewall -> NordLwf (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Připojení k místní síti* 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Připojení k místní síti* 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "SCM"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "WDDriveAgent"
HKLM\...\StartupApproved\Run32: => "Fitbit Connect"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\StartupFolder: => "Jarvee.lnk"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Fitbit Connect"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4DD8148A-20B3-464A-9476-FEFB2593BA0F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{799CC783-0103-4F84-A233-6779E1404788}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BDD07936-A496-4D3E-962F-9D97C6C16F53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A5FF147D-0E6D-40EC-B709-2747614EB3E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E23558D9-EF77-477D-B8B9-7EECA5BBE960}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E6E1ED25-5676-458E-809F-A05041068E05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{069532C5-C17C-4DBC-A343-960FA05B200F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8228E3A-34A9-44EA-B955-BFEDA93E8C89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0B6EC48C-ADB9-4169-BFDD-D9A4F41071DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F1FCBDF0-B50F-4C36-A399-1CB09A7377E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B094CD8D-0F48-4623-900D-08981825508A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FD68E7D1-57E8-4C55-AEC6-7376A555C396}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1AA16847-46BF-4448-8A2B-0481E60AE448}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0F070E9-D73E-40AE-A212-D2E88DC79A73}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4F0141E1-75F2-4DE7-A617-EFA228DA6B6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0D0FF3D1-C5F3-4BA7-BA60-2CB330D0EC4B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69369527-A410-495B-882E-2E3BC7ED759F}] => (Allow) C:\Users\cress\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{9134C304-B8A1-435C-8DE6-16804DAA200B}] => (Allow) C:\Users\cress\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{4852653F-E895-4201-B917-951514BDA1C1}C:\users\cress\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cress\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{E5CE321A-9466-4D00-8199-FC88960F3A8A}C:\users\cress\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cress\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{412618CF-9A78-4422-8380-D3596BFD1A5F}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1BF6A15B-A468-4A10-BB16-D46FA251CF48}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{374CD6B4-F9F4-4806-9FAC-3AB7141815E7}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File
FirewallRules: [UDP Query User{B0E8695D-36BA-4689-B91E-237F54C757CA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File
FirewallRules: [TCP Query User{5EED9D55-1D1A-43A9-B1DB-06D429D09F09}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File
FirewallRules: [UDP Query User{D2566759-1D13-4DCF-9D12-90EE19EF3387}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File
FirewallRules: [TCP Query User{341992FD-9A22-4C56-AF65-22EBF6070114}C:\users\cress\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [UDP Query User{8D8F70AA-AF98-4744-BDAB-44E0EC308DB9}C:\users\cress\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [{1545CFD0-1390-414D-86E9-3E1467D4BEF0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5906DC63-F761-4BF2-A0EE-CA653B5560EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{80CB8069-A052-452A-9654-4EAFCA8CBE7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{883BE32B-8EE4-4FC3-B459-26F798226B8B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{15C17F15-23B2-460B-A2C8-E3BBDD738FD1}C:\users\cress\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [UDP Query User{B75596E5-EB53-4354-9984-F6841324618B}C:\users\cress\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [TCP Query User{C245C202-2746-4795-A5C0-F74E522D586D}C:\users\cress\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{87786C75-372F-4F97-A109-63FE3C40E8B8}C:\users\cress\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [{2BDA4700-B4E4-487C-927A-0E071F9D9242}] => (Allow) C:\Users\cress\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{997ED9CB-BADA-4F08-8BFE-A10595070848}] => (Allow) C:\Users\cress\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{15194BF6-2B06-4E09-96FC-9F87931FE873}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{31B57CF5-4AAF-4CE4-8115-8AE6481612A7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe => No File
FirewallRules: [{28828AA4-3E49-456B-AE9D-BB45698CBD22}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe => No File
FirewallRules: [{1C9D58EC-74EC-4D43-A3E7-EADE7BD83B43}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe => No File
FirewallRules: [{8A1449E3-D1B6-405C-90BC-2BE19B968EED}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe => No File
FirewallRules: [{F7B14517-BFF1-49C6-8592-B265E59E3521}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{14EC0496-E933-4F16-8359-DE7C0CD7E869}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3056813E-9F81-40E1-AAE0-E696198FBE83}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{39BBA9B3-4B73-412E-B989-861AB57C85C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6566352A-317C-4A5F-B13A-D7AE10054655}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{3A57C85F-8B26-4B3A-B7A5-C26237A15887}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{C6813A76-FE20-4A86-A28A-3A69119E2601}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{02F11B73-BD1B-437D-A8FE-89787DF1470F}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{6725EC55-FB92-4004-B8EC-9B4B6C3FE753}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5685E310-BC4D-419B-935E-3D0C86CE4761}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9E1E2C4-977D-4985-9F38-1956DC273D9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1B81DABC-2312-4972-9CB2-E3AB19E040D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{70E68065-67F0-409C-AEF4-731EA0E4B65F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{57C72C61-2A22-4EEC-BD30-9B2AD32F9284}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9928F525-2647-4403-8CBE-2B50FDB96771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{9677A417-DFB2-4EE7-9DD4-97830A905056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{9EB7029E-A173-457F-8AED-15D751487E01}] => (Allow) LPort=32682
FirewallRules: [{D40C8782-5752-4EBC-AA01-7595D9FE7EEC}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{31CC9B52-47D0-412A-A4B5-825DEBC832E5}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1D2190C1-FEC3-4E86-864F-5554911278DB}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{15C217AC-F61E-41C8-A54E-B35D0567B245}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA4ED2AD-1930-406A-B3C4-EE72199BE330}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-12-2020 01:13:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
01-01-2021 15:43:58 Scheduled Checkpoint
05-01-2021 03:35:34 Installed Oracle VM VirtualBox 6.1.16

==================== Faulty Device Manager Devices ============

Name: Microsoft Wi-Fi Direct Virtual Adapter #2
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/12/2021 03:21:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: electrum-4.0.9-portable.exe, verzia: 0.0.0.0, časová značka: 0x00000000
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x4344faec
Identifikácia chybujúceho procesu: 0x2e5c
Čas spustenia chybujúcej aplikácie: 0x01d6e8751c515575
Cesta chybujúcej aplikácie: J:\electrum-4.0.9-portable.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: 67cdfbfb-a3ed-42ae-9ce0-b6c3e5329832
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/12/2021 03:10:01 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 03:10:01 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 03:10:01 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 03:10:01 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 01:40:02 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 01:40:02 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 01:40:02 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).


System errors:
=============
Error: (01/12/2021 03:29:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv bola ukončená s nasledujúcou chybou:
The system cannot find the file specified.

Error: (01/12/2021 03:29:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DU1T7SB)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/12/2021 03:27:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv bola ukončená s nasledujúcou chybou:
The system cannot find the file specified.

Error: (01/12/2021 03:21:35 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/12/2021 03:19:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv bola ukončená s nasledujúcou chybou:
The system cannot find the file specified.

Error: (01/12/2021 02:56:14 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DU1T7SB)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/12/2021 02:54:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv bola ukončená s nasledujúcou chybou:
The system cannot find the file specified.

Error: (01/12/2021 02:52:30 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2019-11-17 19:15:14.189
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {359B0B42-77EC-4950-A118-0EA62FAC8479}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-14 21:28:53.950
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {87A933D0-0EF2-4D0F-8E37-619DAA357311}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-12 18:12:09.192
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {807EF7EE-FC59-4478-977D-422F2C79CFB3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-08 19:39:31.413
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {70287F94-928D-4BB8-8820-190FFDCF11C2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-08 18:37:57.130
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D8E0C1B7-7E55-48D7-9889-0E8882137510}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-27 13:38:48.463
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-10-10 10:58:59.271
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.301.1812.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16300.1
Error code: 0x80240017
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

CodeIntegrity:
===================================

Date: 2021-01-12 01:39:51.410
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-12 01:39:51.398
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 22:10:18.507
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 22:09:40.132
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 12:57:10.671
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 03:46:26.168
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 03:46:26.125
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 01:08:16.888
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E17C5IMS.10D 10/18/2018
Motherboard: Micro-Star International Co., Ltd. MS-17C5
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 16227.93 MB
Available physical RAM: 10808.89 MB
Total Virtual: 20195.93 MB
Available Virtual: 11789.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.31 GB) (Free:355.04 GB) NTFS
Drive d: (EFI) (Fixed) (Total:0.34 GB) (Free:0.34 GB) FAT32
Drive f: (DriverCD) (Fixed) (Total:10 GB) (Free:5.6 GB) NTFS

\\?\Volume{fe77aca9-e971-4a4d-8357-a99310c22fd3}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.11 GB) NTFS
\\?\Volume{49751851-4910-40d2-b879-442dcbd8d2da}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
\\?\Volume{c323f095-dbc8-11e9-a836-00d8610781b1}\ () () (Total:0 GB) (Free:0 GB)
\\?\Volume{a2894d25-2335-11ea-a873-00d8610781b1}\ () () (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: CDC3DF88)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 7D51BCAF)

Partition: GPT.

==========================================================
Disk: 2 (Size: 953.9 GB) (Disk ID: EBABC8A3)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply run it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Waves
Visitor
Posts: 2
Registered: 11 Jan 2021 22:34

Re: Preventive check

#3 Post by Waves »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-15-2021
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2441 octets] - [18/12/2019 14:12:13]
AdwCleaner[C00].txt - [2438 octets] - [18/12/2019 14:12:38]
AdwCleaner[S01].txt - [1589 octets] - [15/01/2021 03:33:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#4 Post by Rudy »

Post new FRST + Addition logs.
