Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivni kontrola PC

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
psychiq
Návštěvník
Návštěvník
Příspěvky: 2
Registrován: 01 bře 2021 21:25

Preventivni kontrola PC

#1 Příspěvek od psychiq »

Ahoj,
prosím o preventivní kontrolu logu PC. Děkuji vám za váš čas.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by gereg (administrator) on PSYCHIQPC (Micro-Star International Co., Ltd. MS-7B79) (01-03-2021 21:38:55)
Running from E:\Firefox Download
Loaded Profiles: gereg
Platform: Windows 10 Pro Version 20H2 19042.844 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(A-Volute SAS -> A-Volute) C:\Users\gereg\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7342\Agent.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) D:\Hry\Battle.net\Battle.net.exe <3>
(GlassWire -> SecureMix LLC) D:\Programy\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) D:\Programy\GlassWire\GWIdlMon.exe
(INMUSIC BRANDS INC -> Akai Professional) C:\Program Files (x86)\Akai Professional\AMX\AudioDevMon.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit Information Technology -> IObit) D:\Programy\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.101.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Nahimic\NahimicMonitorX64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe <2>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Programy\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Spectrum] => C:\Program Files (x86)\CZC\GamingMouse\HID.exe [1597440 2020-03-05] (CZC) [File not signed]
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\gereg\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5052648 2020-03-31] (Acronis International GmbH -> )
HKLM-x32\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files (x86)\Microsoft OneDrive\Update\OneDriveSetup.exe"
HKLM-x32\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files (x86)\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\Run: [1Password] => C:\Users\gereg\AppData\Local\1Password\app\7\1Password.exe [5254480 2021-02-06] (AgileBits Inc. -> AgileBits Inc.)
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\Run: [GlassWire] => D:\Programy\GlassWire\glasswire.exe [8853400 2021-01-22] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\Run: [GUDelayStartup] => D:\Programy\Glary Utilities 5\StartupManager.exe [44344 2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\MountPoints2: {fb0cf69e-2f51-11eb-baa5-2cf05d0bfa38} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\MountPoints2: {fb0cf6ee-2f51-11eb-baa5-2cf05d0bfa38} - "E:\HiSuiteDownLoader.exe"
BootExecute: autocheck autochk * BootDefrag.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A88E44-D9CD-4E0E-BDDA-4262F5988482} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03B503C9-3DF0-43C9-A44A-4195F18DD8A9} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {0B1CC6F1-4D09-4C83-9EB4-E143958CB7F9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E00EB84-FDF7-4B5F-AAF3-40017B8FBDF5} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [823304 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {26923921-F4B8-4343-A247-7A3232347F9F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32C2E178-2B92-40EB-AE6D-7CF9E7DA997C} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [823304 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {32D5B1C3-31EF-4BE3-A977-BA16B04624DB} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {34515680-22D6-485D-9ECC-B10B436106EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {34645E23-7939-4343-9B0F-387691C03B7F} - System32\Tasks\klcp_update => D:\Programy\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-02-11] () [File not signed]
Task: {36EDA3E7-9BDD-483F-8B6E-36F2942FEB60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E855E0B-7CE0-4B12-838D-28D2E008E80A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA92424-FF4E-402E-B1A1-C61BD9B21EE6} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1067016 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {47F5B2A0-8B39-4A1D-8C71-C6487E6A97DE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FA106C4-BC2F-47DE-80C4-DA5EF01B224E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51099A69-0370-497C-B3C1-397CC7173E40} - System32\Tasks\GU5SkipUAC => D:\Programy\Glary Utilities 5\Integrator.exe [917816 2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
Task: {562A8B6B-5FF2-4FA9-9FAE-7760C100DADD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CD8392C-26C1-4EA2-B5B7-28F4920055C0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {636B27D6-6D6B-4484-A295-532BFB021FD0} - System32\Tasks\SmartShare => D:\Programy\LG Smart Share\SmartShareStart.exe [513216 2017-12-12] (LG Electronics Inc. -> LG Electronics Inc.)
Task: {6D50231E-F13A-44C4-8A8E-4A2BD1E1F929} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7662ED25-4EA4-44CA-AA40-19B7EFE75002} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {773AA81E-86D8-4DA0-A947-D3E5005CC70A} - System32\Tasks\Uninstaller_SkipUac_gereg => D:\Programy\IObit Uninstaller\IObitUninstaler.exe [6435088 2020-09-22] (IObit Information Technology -> IObit)
Task: {78AC390B-A9D8-454A-A75C-E8C5D49A142F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3047944 2020-10-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {7B7BF9C3-9750-4F99-B80B-0DC2839464DF} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {80DF1CA8-21A1-4989-B312-2410887FCDDF} - System32\Tasks\GlaryUpdate 5 => D:\Programy\Glary Utilities 5\CheckUpdate.exe [43832 2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
Task: {85D4C1F0-530E-4215-A98E-8B9FED38592D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {872A7CD5-BEFF-489B-A57B-4AE49F0E60AB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2862440 2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {957C052F-9097-4F88-B4AE-1B484C7B65AC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1126320 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {984A67D1-77A4-4BC6-9287-9ABA1A223B6A} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1067016 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {99FDE51F-0502-481C-AEA6-3957A4B6E5F3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A080A95D-6D7E-4EE0-8325-BA02FE55EAC2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8882C4B-CC96-4947-BC26-BF50EDAE5AB0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {C5937CAF-7E7A-4F95-8C99-54E511784CB6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6C863D5-A5A5-48F2-934F-8F5F53C99479} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE620A17-E836-4BCC-BA39-5D5614CB9D25} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [44720 2020-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {D168B8AB-843E-4E4F-A0DC-788CB4FD753F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {DCFC1955-588D-4B36-9F65-933D6353A86A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE338EB1-9DF7-4BA8-A0DE-31499AD84B6F} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1669128 2021-02-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {E9BAE799-6D67-4D73-93B6-6ECE0FC56566} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F037F5D2-B7D7-4C1A-8519-0E3B40E7D311} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F28A8B8B-1407-4499-934B-B6959073ABC8} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {FECAF2AE-94FF-40C8-9225-9252FDAA72F9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.0.0.138
Tcpip\..\Interfaces\{358cc6bf-ef21-4789-8c36-b336a5eec16c}: [DhcpNameServer] 192.168.1.1 10.0.0.138
Tcpip\..\Interfaces\{d2633ef3-a02c-4f32-a61f-0db4d43a81c5}: [DhcpNameServer] 192.168.1.1 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\gereg\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-01]
Edge HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>

FireFox:
========
FF DefaultProfile: si6nocij.default
FF ProfilePath: C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\si6nocij.default [2020-08-31]
FF ProfilePath: C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release [2021-03-01]
FF DownloadDir: E:\Firefox Download
FF Extension: (Dark Reader) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\addon@darkreader.org.xpi [2021-02-23]
FF Extension: (To Google Translate) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (No Name) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\KeeperFFStoreExtension@KeeperSecurityInc.xpi [2021-01-16]
FF Extension: (uBlock Origin) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-02-05]
FF Extension: (AbyssYellow) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\{adc5e39e-0f46-4326-a1c3-32681e673e00}.xpi [2021-01-26]
FF Extension: (Video DownloadHelper) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-01-26]
FF Extension: (Greasemonkey) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-30]
FF Extension: (Dark Fox) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2020-08-16]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Brave:
=======
BRA Profile: C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-01]
BRA DownloadDir: D:\Download\Firefox
BRA Extension: (Brave Local Data Files Updater) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-07]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-02-11]
BRA Extension: (Brave NTP sponsored images) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2021-02-11]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-02-07]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-02-11]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-02-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10341560 2020-03-31] (Acronis International GmbH -> )
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1254784 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2021-02-26] (Acronis International GmbH -> )
R2 AMXAudioDevMon; C:\Program Files (x86)\Akai Professional\AMX\AudioDevMon.exe [521304 2016-12-13] (INMUSIC BRANDS INC -> Akai Professional)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-20] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-02-26] (Microsoft Windows -> Microsoft Corporation)
S2 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-01-05] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\FileSyncHelper.exe [2198376 2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
R2 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; G:\GOG Galaxy\GalaxyClientService.exe [1741384 2021-02-07] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-08] (GOG Sp. z o.o. -> GOG.com)
R2 GlassWire; D:\Programy\GlassWire\GWCtlSrv.exe [6426008 2021-01-22] (GlassWire -> SecureMix LLC)
S2 IObitUnSvr; D:\Programy\IObit Uninstaller\IUService.exe [158992 2020-07-31] (IObit Information Technology -> IObit)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1918976 2020-03-31] (Acronis International GmbH -> )
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [131568 2021-01-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe [35824 2021-01-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [35848 2021-01-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1633288 2020-12-10] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\OneDriveUpdaterService.exe [2573160 2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [144576 2021-02-11] (Oculus VR, LLC -> Facebook Technologies, LLC)
S3 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [511680 2021-02-11] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7395256 2020-03-31] (Acronis International GmbH -> )
R2 TeamViewer; D:\Programy\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 VoiceControlService; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [32400 2020-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1001736 2020-10-17] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 AMX1; C:\WINDOWS\System32\drivers\AkaiProfessionalAMX.sys [496248 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Akai Professional)
S3 Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 athrusb; C:\WINDOWS\System32\drivers\athrxusb.sys [1075712 2008-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [27616 2021-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [687768 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2021-02-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [30720 2021-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
S3 Imf8HpRegFilter; D:\Programy\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2019-12-17] (IObit Information Technology -> IObit)
S3 IMFEFSFileControl; D:\Programy\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [40824 2019-08-13] (IObit Information Technology -> IObit)
S3 ImfHpFileFilter; D:\Programy\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2019-12-17] (IObit Information Technology -> IObit)
R3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 IUFileFilter; D:\Programy\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; D:\Programy\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; D:\Programy\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R3 MpKsl16352ff2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D693D98-B879-4556-B8A5-9283E644164E}\MpKslDrv.sys [47344 2021-03-01] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [72208 2020-12-31] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2020-12-31] (Oculus VR, LLC -> Facebook Inc.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2021-02-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-10-16] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [581912 2020-11-15] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VirtualAudioCable_83ed7f0e-2028-4956-b0b4-39c76fdaef1d; C:\WINDOWS\System32\drivers\vrtaucbl.sys [202672 2021-02-15] (Muzychenko Evgenii Viktorovich, IP -> EuMus Design)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2021-02-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
S1 UimBus; \SystemRoot\System32\drivers\uimbus.sys [X]
S1 Uim_DEVIM; \SystemRoot\System32\drivers\uimdevim.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-01 21:37 - 2021-03-01 21:39 - 000000000 ____D C:\FRST
2021-03-01 20:44 - 2021-03-01 20:44 - 000000901 _____ C:\Users\gereg\Desktop\HD Video Converter Factory Pro.lnk
2021-03-01 20:44 - 2021-03-01 20:44 - 000000000 ____D C:\Users\gereg\Documents\WonderFox Soft
2021-03-01 20:44 - 2021-03-01 20:44 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2021-03-01 20:20 - 2021-03-01 20:35 - 000000000 ____D C:\Users\gereg\Desktop\Snappy Driver Installer
2021-03-01 20:01 - 2021-03-01 20:04 - 000000000 ____D C:\Users\gereg\Desktop\ServiWin
2021-03-01 19:54 - 2021-03-01 19:55 - 000001359 _____ C:\Users\gereg\Desktop\Vyčištění pevného disku.lnk
2021-03-01 19:53 - 2021-03-01 19:53 - 000000600 __RSH C:\ProgramData\ntuser.pol
2021-03-01 17:37 - 2021-03-01 17:37 - 000000000 ____D C:\Users\gereg\AppData\Local\Rockstar_Games
2021-03-01 17:33 - 2021-03-01 17:33 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Goldberg SocialClub Emu Saves
2021-03-01 14:21 - 2021-03-01 14:47 - 000000000 ____D C:\Users\gereg\AppData\Local\Star Stable
2021-03-01 14:08 - 2021-03-01 14:21 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Star Stable Online
2021-03-01 14:08 - 2021-03-01 14:08 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable Online.lnk
2021-02-27 14:05 - 2021-02-27 14:05 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-02-27 14:05 - 2021-02-27 14:05 - 000002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 13:57 - 2021-02-27 13:57 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-02-27 13:57 - 2021-02-27 13:57 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-02-27 02:15 - 2021-02-27 02:17 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2021-02-27 02:15 - 2021-02-27 02:15 - 000001177 _____ C:\Users\gereg\Desktop\MSI Afterburner.lnk
2021-02-27 02:15 - 2021-02-27 02:15 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2021-02-27 02:15 - 2021-02-27 02:15 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-02-27 02:15 - 2021-02-27 02:15 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2021-02-27 00:09 - 2021-02-27 00:09 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-02-26 23:50 - 2021-02-24 13:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-26 23:50 - 2021-02-24 13:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-02-26 23:50 - 2021-02-24 13:01 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-26 23:50 - 2021-02-24 13:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-02-26 23:50 - 2021-02-24 13:01 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-02-26 23:50 - 2021-02-24 12:58 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-02-26 23:50 - 2021-02-24 12:58 - 000671504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-02-26 23:50 - 2021-02-24 12:58 - 000612120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-02-26 23:50 - 2021-02-24 12:58 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 001511184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 000687896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-02-26 23:50 - 2021-02-24 12:57 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 008260888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 007391504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 004610352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 002729744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 000445200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-02-26 23:50 - 2021-02-24 12:55 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-02-26 23:50 - 2021-02-24 12:54 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-02-26 23:50 - 2021-02-24 12:54 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-02-26 23:50 - 2021-02-24 02:50 - 000084450 _____ C:\WINDOWS\system32\nvinfo.pb
2021-02-26 21:16 - 2021-02-26 21:16 - 000000983 _____ C:\Users\gereg\Desktop\Apeaksoft Screen Recorder EN.lnk
2021-02-26 20:13 - 2021-02-26 20:13 - 000000000 ___HD C:\$SysReset
2021-02-26 20:05 - 2021-02-26 20:05 - 001048576 _____ C:\WINDOWS\system32\defltbase.sdb
2021-02-26 20:05 - 2021-02-26 20:05 - 000016384 _____ C:\WINDOWS\system32\defltbase.jfm
2021-02-26 19:46 - 2021-02-26 19:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-26 19:46 - 2021-02-26 19:46 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-26 19:26 - 2021-02-26 19:26 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-26 19:26 - 2021-02-26 19:26 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-26 19:26 - 2021-02-26 19:26 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-26 19:26 - 2021-02-26 19:26 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-02-26 19:26 - 2021-02-26 19:26 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-26 19:26 - 2021-02-26 19:26 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-02-26 19:26 - 2021-02-26 19:26 - 000011002 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-26 17:52 - 2021-02-26 17:52 - 000000000 ____D C:\Users\gereg\AppData\Local\Acronis
2021-02-26 17:47 - 2021-02-26 17:52 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2021-02-26 17:47 - 2021-02-26 17:47 - 000883256 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000693768 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000687768 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000390592 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000371144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000330176 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2441.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000330176 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000243472 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\volume_tracker.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2310.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000171968 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2021-02-26 17:25 - 2021-02-26 17:49 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Acronis
2021-02-26 17:24 - 2021-02-26 17:52 - 000000000 ____D C:\ProgramData\Acronis
2021-02-26 17:24 - 2021-02-26 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2021-02-26 17:24 - 2021-02-26 17:24 - 000000000 ____D C:\Program Files (x86)\Acronis
2021-02-26 17:14 - 2021-02-26 17:14 - 000003216 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - MSI.True Color
2021-02-26 17:14 - 2021-02-26 17:14 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2021-02-26 17:13 - 2020-01-19 19:49 - 000017424 _____ (MICSYS Technology Co., LTd) C:\WINDOWS\system32\Drivers\MsIo64.sys
2021-02-26 16:49 - 2021-02-26 17:04 - 000000000 ____D C:\Users\gereg\AppData\Local\iTubeGo
2021-02-26 16:27 - 2021-02-26 16:27 - 000003284 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2021-02-26 16:27 - 2021-02-26 16:27 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2021-02-26 16:26 - 2020-01-19 19:49 - 000017424 _____ (MICSYS Technology Co., LTd) C:\WINDOWS\system32\Drivers\MsIo64.old
2021-02-26 16:26 - 2014-04-30 16:23 - 000011248 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\acpimof.dll
2021-02-26 16:25 - 2021-02-26 16:25 - 000000000 ____D C:\Program Files (x86)\MSI
2021-02-24 18:49 - 2021-02-24 18:49 - 000000632 _____ C:\Users\gereg\Desktop\CCleaner64.lnk
2021-02-24 18:49 - 2021-02-24 18:49 - 000000632 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner64.lnk
2021-02-24 18:49 - 2021-02-24 18:49 - 000000624 _____ C:\Users\gereg\Desktop\CCleaner32.lnk
2021-02-24 18:49 - 2021-02-24 18:49 - 000000624 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner.lnk
2021-02-24 18:30 - 2021-02-24 18:30 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dashboard.lnk
2021-02-24 18:30 - 2021-02-24 18:30 - 000002244 _____ C:\Users\gereg\Desktop\Dashboard.lnk
2021-02-24 18:26 - 2021-02-24 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2021-02-24 18:26 - 2021-02-24 18:26 - 000000000 ____D C:\Program Files (x86)\Seagate
2021-02-24 00:20 - 2021-02-24 00:20 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2021-02-24 00:19 - 2021-02-26 17:12 - 000000000 ____D C:\Program Files (x86)\Intel
2021-02-24 00:19 - 2021-02-24 00:19 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Intel
2021-02-24 00:19 - 2021-02-24 00:19 - 000000000 ____D C:\ProgramData\Intel
2021-02-24 00:19 - 2021-02-24 00:19 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-02-24 00:18 - 2021-02-24 00:19 - 000000000 ____D C:\Program Files\Intel
2021-02-23 21:32 - 2021-02-23 21:32 - 010591864 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2021-02-23 21:32 - 2021-02-23 21:32 - 005333864 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2021-02-23 21:32 - 2021-02-23 21:32 - 001058152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2021-02-23 21:32 - 2021-02-23 21:32 - 000133944 _____ (Samsung Electronics Co., Ltd) C:\WINDOWS\system32\Drivers\secnvme.sys
2021-02-23 21:32 - 2021-02-23 21:32 - 000063176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-02-23 21:24 - 2021-02-23 21:24 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Easeware
2021-02-23 21:24 - 2021-02-23 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2021-02-23 21:15 - 2021-02-23 21:15 - 000000042 _____ C:\WINDOWS\SysWOW64\guid.dat
2021-02-23 20:11 - 2021-02-23 20:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-23 20:01 - 2021-02-24 17:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-23 19:58 - 2021-02-23 20:08 - 000000000 ____D C:\ProgramData\A-Volute
2021-02-23 19:58 - 2021-02-23 19:58 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2021-02-23 19:54 - 2021-01-13 17:54 - 006021608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-02-23 19:54 - 2021-01-13 17:44 - 044132505 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-02-23 19:32 - 2021-02-23 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-02-23 18:08 - 2021-03-01 17:33 - 000000765 _____ C:\Users\gereg\Desktop\GTA V Redux CZ.lnk
2021-02-23 18:08 - 2021-02-23 18:08 - 000000765 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\GTA V Redux CZ.lnk
2021-02-21 14:16 - 2021-02-26 17:26 - 000002576 _____ C:\WINDOWS\system32\Tasks\SmartShare
2021-02-21 14:16 - 2021-02-21 14:16 - 000000000 ____D C:\WINDOWS\SysWOW64\SSFilter
2021-02-21 14:16 - 2021-02-21 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Software
2021-02-21 14:16 - 2021-02-21 14:16 - 000000000 ____D C:\ProgramData\LG Software
2021-02-21 14:16 - 2011-08-10 14:00 - 000378880 _____ C:\WINDOWS\SysWOW64\av_dll.dll
2021-02-21 14:16 - 2011-08-10 14:00 - 000020992 _____ C:\WINDOWS\SysWOW64\av_proxy.dll
2021-02-20 22:26 - 2021-02-26 19:01 - 000002594 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2021-02-20 22:26 - 2021-02-20 22:26 - 000000000 ____D C:\ProgramData\Samsung
2021-02-20 22:26 - 2021-02-20 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2021-02-20 22:26 - 2021-02-20 22:26 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-02-20 13:40 - 2021-02-20 13:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 11:46 - 2018-03-04 11:24 - 000054376 _____ (Trafficreg Software) C:\WINDOWS\system32\Drivers\tmeter.sys
2021-02-20 01:20 - 2021-02-20 01:20 - 000000917 _____ C:\Users\gereg\Desktop\Far Cry 2 CZ Remastered.lnk
2021-02-20 01:20 - 2021-02-20 01:20 - 000000917 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Far Cry 2 CZ Remastered.lnk
2021-02-20 00:40 - 2021-02-20 00:40 - 000001539 _____ C:\Users\gereg\AppData\Local\recently-used.xbel
2021-02-19 21:43 - 2021-02-19 21:43 - 000000234 _____ C:\Users\gereg\Desktop\WATCH_DOGS® 2.url
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Origin
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\Users\gereg\AppData\Local\Origin
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\Users\gereg\.QtWebEngineProcess
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\Users\gereg\.Origin
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\ProgramData\Origin
2021-02-19 20:50 - 2021-02-07 02:57 - 000125240 _____ (Glarysoft Ltd) C:\WINDOWS\system32\BootDefrag.exe
2021-02-19 20:50 - 2021-01-26 06:21 - 000027616 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\BootDefragDriver.sys
2021-02-19 20:12 - 2021-02-19 20:12 - 000030720 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2021-02-19 20:12 - 2021-02-19 20:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC
2021-02-19 20:12 - 2021-02-19 20:12 - 000000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2021-02-19 20:12 - 2021-02-19 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2021-02-19 20:00 - 2021-02-19 20:00 - 000000203 _____ C:\Users\gereg\Desktop\Counter-Strike Source.url
2021-02-16 18:52 - 2021-02-16 18:52 - 000000000 ____D C:\Users\gereg\AppData\Roaming\NVDCache
2021-02-16 18:51 - 2021-02-26 18:09 - 000000000 ____D C:\Users\gereg\AppData\Roaming\TunePat Spotify Converter
2021-02-16 18:51 - 2021-02-16 19:35 - 000000000 ____D C:\Users\gereg\Documents\TunePat Spotify Converter
2021-02-16 18:51 - 2021-02-16 18:51 - 000000000 ____H C:\Users\gereg\MJKJRegInfo_H6WMO2ROFJIFYIJLKZKOXK43HQ2CBSGQ
2021-02-16 18:44 - 2021-02-16 18:44 - 000000000 ____D C:\Users\gereg\AppData\Local\Wisdom-Soft
2021-02-16 18:39 - 2021-02-16 18:39 - 000000870 _____ C:\Users\gereg\Desktop\TunePat Spotify Converter.lnk
2021-02-16 18:39 - 2021-02-16 18:39 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tunepat
2021-02-16 17:45 - 2021-02-27 13:57 - 000000000 ____D C:\Users\gereg\AppData\Roaming\DiskDefrag
2021-02-16 17:44 - 2021-01-27 12:17 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-02-16 17:41 - 2021-02-16 17:41 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:11 - 2021-02-16 17:11 - 000000000 ____D C:\ProgramData\GlarySoft
2021-02-16 17:06 - 2021-02-16 17:06 - 000003656 _____ C:\WINDOWS\system32\Tasks\GlaryUpdate 5
2021-02-16 00:07 - 2021-02-26 17:42 - 000000000 ____D C:\Users\gereg\AppData\Roaming\HD Tune Pro
2021-02-16 00:07 - 2021-02-16 00:07 - 000000722 _____ C:\Users\gereg\Desktop\HD Tune Pro.lnk
2021-02-16 00:07 - 2021-02-16 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2021-02-15 19:07 - 2021-02-15 19:07 - 000000000 ____D C:\Users\gereg\Documents\GOG Galaxy
2021-02-15 18:15 - 2021-02-15 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OWN3D for OBS Studio
2021-02-15 18:12 - 2021-02-15 18:12 - 000000969 _____ C:\Users\gereg\Desktop\StreamElements OBS.Live.lnk
2021-02-15 18:05 - 2021-02-15 18:05 - 000202672 _____ (EuMus Design) C:\WINDOWS\system32\Drivers\vrtaucbl.sys
2021-02-15 17:01 - 2021-02-15 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2021-02-15 16:59 - 2021-02-15 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato
2021-02-15 13:27 - 2014-04-09 08:49 - 000000000 ____D C:\Users\gereg\Desktop\GW2255_Win8
2021-02-12 20:20 - 2021-02-26 17:14 - 000000000 ____D C:\MSI
2021-02-12 19:12 - 2021-02-12 19:46 - 000000000 ____D C:\Users\gereg\Documents\Call of Duty Modern Warfare
2021-02-11 21:35 - 2021-02-11 21:35 - 000000000 ____D C:\Users\gereg\AppData\Local\IsolatedStorage
2021-02-11 20:54 - 2021-02-11 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2021-02-11 16:58 - 2021-03-01 21:34 - 000000000 ____D C:\Users\gereg\AppData\Roaming\MPC-HC
2021-02-11 16:45 - 2021-03-01 21:36 - 000000000 ____D C:\Users\gereg\AppData\Local\Battle.net
2021-02-11 16:45 - 2021-02-11 16:52 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Battle.net
2021-02-11 16:44 - 2021-02-11 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-02-07 20:06 - 2021-02-19 16:48 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-02-07 20:06 - 2021-02-07 20:06 - 000000000 ____D C:\Users\gereg\AppData\Local\BraveSoftware
2021-02-07 19:36 - 2021-02-07 19:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-07 19:36 - 2021-02-07 19:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-07 19:26 - 2021-02-16 17:08 - 000002208 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2021-02-07 19:26 - 2015-08-18 09:51 - 001692840 _____ (MSI) C:\WINDOWS\SysWOW64\muachost.exe
2021-02-07 19:20 - 2021-02-16 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2021-02-07 17:59 - 2021-02-07 17:59 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\Adobe
2021-02-07 17:58 - 2021-02-07 17:58 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-07 17:57 - 2021-02-07 18:01 - 000000000 ____D C:\ProgramData\Adobe
2021-02-07 13:27 - 2021-02-07 13:27 - 000000000 ____D C:\WINDOWS\system32\%PROGRAMDATA%
2021-02-07 13:25 - 2021-02-16 17:07 - 000000000 ____D C:\Users\gereg\AppData\Roaming\GlarySoft
2021-02-07 12:02 - 2021-02-07 12:02 - 000000000 ____D C:\Users\gereg\AppData\Local\AMD_Common
2021-02-07 12:02 - 2021-02-07 12:02 - 000000000 ____D C:\ProgramData\AMD
2021-02-07 12:00 - 2021-02-07 12:00 - 000003472 _____ C:\WINDOWS\system32\Tasks\AMDAutoUpdate
2021-02-07 12:00 - 2021-02-07 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master
2021-02-07 12:00 - 2021-02-07 12:00 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2021-02-07 11:59 - 2021-02-07 11:59 - 000000000 ____D C:\Users\gereg\AppData\Local\Setup
2021-02-07 11:28 - 2021-03-01 17:33 - 000000000 ____D C:\Users\gereg\Documents\Rockstar Games
2021-02-07 11:27 - 2020-10-14 11:56 - 000114040 _____ (Au˜slogics) C:\WINDOWS\system32\ndefrg.exe
2021-02-07 11:12 - 2021-02-07 11:15 - 000000000 ____D C:\Users\gereg\AppData\Local\glasswire
2021-02-07 11:12 - 2021-02-07 11:12 - 000000000 ____D C:\ProgramData\GlassWire
2021-02-07 11:12 - 2015-05-29 08:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2021-02-07 11:12 - 2015-05-29 08:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2021-02-07 10:26 - 2021-02-23 19:34 - 000000000 ____D C:\Users\gereg\Desktop\realtek_audio_N_APO3_6.0.9088.1
2021-02-07 10:25 - 2020-12-22 03:46 - 000000000 ____D C:\Users\gereg\Desktop\7B79vHB1
2021-02-07 06:47 - 2021-02-07 06:47 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2021-02-07 04:31 - 2021-02-07 04:31 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\Unity
2021-02-07 03:15 - 2019-03-02 17:03 - 000000000 ____D C:\Users\gereg\Desktop\ps4-exploit-host
2021-02-06 05:55 - 2021-02-06 05:55 - 000001371 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2021-02-06 03:13 - 2021-02-06 03:13 - 000003019 _____ C:\Users\gereg\Desktop\Keeper Password Manager.lnk
2021-02-06 03:13 - 2021-02-06 03:13 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Keeper Security, Inc
2021-02-06 03:12 - 2021-02-26 18:29 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Keeper Password Manager
2021-02-06 03:12 - 2021-02-16 18:22 - 000000000 ____D C:\Users\gereg\AppData\Local\keeperpasswordmanager
2021-02-01 22:09 - 2021-01-08 03:21 - 001147352 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-02-01 17:21 - 2021-02-01 17:21 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2021-02-01 17:01 - 2021-02-15 21:52 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-01 17:01 - 2021-02-07 09:45 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-30 16:36 - 2021-01-30 16:36 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\Creepy Jar

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-01 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-01 21:20 - 2020-08-16 23:32 - 000000000 ____D C:\Users\gereg\AppData\Roaming\qBittorrent
2021-03-01 19:39 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-01 19:37 - 2020-08-16 22:53 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\Mozilla
2021-03-01 19:37 - 2020-08-16 22:53 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-01 19:36 - 2020-09-16 22:15 - 000000000 ____D C:\Users\gereg\AppData\Local\CrashDumps
2021-03-01 19:31 - 2020-10-27 21:51 - 000007681 _____ C:\Users\gereg\AppData\Local\Resmon.ResmonCfg
2021-03-01 19:20 - 2020-08-20 17:28 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-01 17:17 - 2020-09-08 17:46 - 000000000 ____D C:\Users\gereg\AppData\Roaming\RenPy
2021-03-01 16:11 - 2020-08-16 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-27 14:05 - 2021-01-13 06:26 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-02-27 14:05 - 2020-08-16 22:30 - 000000000 ___RD C:\Users\gereg\OneDrive
2021-02-27 14:04 - 2020-08-16 22:29 - 001693576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-27 14:04 - 2019-12-07 15:43 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-27 14:04 - 2019-12-07 15:43 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-27 14:00 - 2021-01-08 17:31 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-27 14:00 - 2020-11-06 00:40 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-27 14:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-27 13:57 - 2020-08-16 22:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-27 13:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-27 03:48 - 2020-12-31 12:10 - 000000000 ____D C:\Users\gereg\AppData\Local\Oculus
2021-02-27 03:48 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-27 03:47 - 2020-11-08 09:58 - 000000000 ____D C:\Users\gereg\AppData\Roaming\uTorrent
2021-02-27 01:50 - 2020-12-31 12:21 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Oculus
2021-02-27 01:17 - 2020-09-19 20:08 - 000000000 ____D C:\Users\gereg\AppData\Roaming\discord
2021-02-27 00:12 - 2020-08-17 01:50 - 000000000 ____D C:\Users\gereg\AppData\Local\D3DSCache
2021-02-26 20:13 - 2020-08-31 16:40 - 000000000 ____D C:\ProgramData\ProductData
2021-02-26 20:07 - 2020-08-16 22:21 - 000751624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-26 20:07 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-26 19:35 - 2020-08-16 22:27 - 000000000 ____D C:\Users\gereg
2021-02-26 19:27 - 2021-01-13 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-26 17:22 - 2020-12-31 12:22 - 000000000 ____D C:\Users\gereg\AppData\Roaming\OculusClient
2021-02-26 17:19 - 2021-01-06 23:23 - 000000000 ____D C:\Users\gereg\Desktop\Programy
2021-02-26 17:14 - 2020-10-11 17:03 - 000000000 ____D C:\Program Files\ENE
2021-02-26 17:14 - 2020-08-16 23:02 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-24 18:50 - 2020-10-17 16:12 - 000000000 ____D C:\Temp
2021-02-24 17:48 - 2020-08-16 22:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-23 21:15 - 2020-08-16 22:29 - 000000000 ____D C:\Users\gereg\AppData\Local\Packages
2021-02-23 20:11 - 2020-08-16 22:53 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-23 20:08 - 2020-08-16 22:30 - 000000000 ____D C:\Users\gereg\AppData\Local\PlaceholderTileLogoFolder
2021-02-23 19:55 - 2020-08-16 23:05 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-02-23 19:54 - 2020-08-16 23:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-23 19:35 - 2020-08-16 23:02 - 000000000 ____D C:\AMD
2021-02-20 03:43 - 2021-01-06 21:01 - 000000000 ____D C:\Users\gereg\Documents\My Games
2021-02-20 02:49 - 2021-01-07 23:16 - 000000000 ____D C:\Users\gereg\AppData\Local\Ubisoft Game Launcher
2021-02-20 01:07 - 2021-01-07 16:52 - 000000000 ____D C:\Users\gereg\dwhelper
2021-02-20 00:40 - 2020-11-16 09:19 - 000000000 ____D C:\Users\gereg\AppData\Local\babl-0.1
2021-02-19 16:51 - 2020-10-29 19:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-19 16:46 - 2020-12-14 19:07 - 000000000 ____D C:\Users\gereg\AppData\Roaming\TeamViewer
2021-02-19 16:46 - 2020-08-16 23:02 - 000000000 ____D C:\Program Files\WinRAR
2021-02-16 20:27 - 2021-01-07 21:39 - 000001087 _____ C:\Users\gereg\Desktop\Half Life Alyx.lnk
2021-02-16 20:14 - 2021-01-13 17:50 - 000000000 ____D C:\Users\gereg\AppData\Roaming\obs-studio
2021-02-16 17:51 - 2020-11-25 21:55 - 000000000 ____D C:\Users\gereg\.android
2021-02-16 17:44 - 2020-08-16 22:29 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-16 17:41 - 2020-08-20 17:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-16 17:41 - 2020-08-16 22:29 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-16 17:35 - 2020-08-16 23:02 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-16 17:35 - 2020-08-16 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-16 17:12 - 2021-01-06 23:23 - 000000000 ____D C:\Users\gereg\Desktop\Hry
2021-02-16 17:08 - 2020-11-06 00:40 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-16 17:08 - 2020-11-06 00:40 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-16 17:08 - 2020-08-20 17:01 - 000002402 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2021-02-16 17:08 - 2020-08-20 17:01 - 000002402 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2021-02-16 17:03 - 2021-01-06 23:23 - 000001386 _____ C:\Users\gereg\Desktop\License code of IObit Malware Fighter.txt
2021-02-15 22:11 - 2020-11-16 14:13 - 000000000 ____D C:\Users\gereg\.idlerc
2021-02-15 17:01 - 2020-08-31 12:20 - 000000000 ____D C:\ProgramData\Apple Computer
2021-02-13 20:19 - 2020-08-16 22:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-13 20:17 - 2020-08-16 22:32 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 18:40 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 18:38 - 2020-08-16 22:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-12 00:04 - 2020-12-31 12:17 - 000000000 ____D C:\Program Files\Oculus
2021-02-11 16:52 - 2020-08-17 00:50 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-02-11 16:50 - 2020-11-13 09:16 - 000003158 _____ C:\WINDOWS\system32\Tasks\klcp_update
2021-02-11 16:42 - 2020-08-17 00:27 - 000000000 ____D C:\ProgramData\Battle.net
2021-02-11 16:20 - 2020-08-20 17:36 - 000000000 ____D C:\Users\gereg\AppData\Local\Downloaded Installations
2021-02-11 16:20 - 2020-08-20 17:18 - 000000000 ____D C:\Program Files\AMD
2021-02-07 19:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-07 19:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-07 19:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-07 19:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-07 19:41 - 2020-09-17 13:47 - 000000000 ____D C:\Users\gereg\AppData\Local\Adobe
2021-02-07 17:59 - 2020-08-16 22:29 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Adobe
2021-02-07 13:45 - 2020-08-16 23:02 - 000000000 ____D C:\Users\gereg\AppData\Local\NVIDIA
2021-02-07 13:44 - 2020-08-31 16:40 - 000000000 ____D C:\Users\gereg\AppData\Roaming\IObit
2021-02-07 13:44 - 2020-08-31 16:40 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\IObit
2021-02-07 13:44 - 2020-08-20 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-02-07 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-02-07 12:46 - 2020-12-15 18:56 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-02-07 12:05 - 2020-08-16 23:02 - 000000000 ____D C:\Program Files (x86)\AMD
2021-02-07 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-02-07 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-02-07 10:37 - 2020-09-01 17:15 - 000000000 ____D C:\Program Files\Rockstar Games
2021-02-07 10:37 - 2020-09-01 17:15 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-02-07 10:36 - 2020-12-15 20:19 - 000000000 ____D C:\Program Files (x86)\Western Digital
2021-02-07 09:30 - 2021-01-20 17:09 - 000000000 ____D C:\ProgramData\Doctor Web
2021-02-07 09:23 - 2021-01-08 20:31 - 000001066 _____ C:\Users\gereg\Desktop\VRParadise – zástupce.lnk
2021-02-07 05:14 - 2020-11-08 13:51 - 000000000 ____D C:\Users\gereg\AppData\Local\Abelssoft
2021-02-07 05:09 - 2020-08-16 22:32 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-07 05:08 - 2021-01-20 17:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Doctor Web
2021-02-07 05:08 - 2021-01-15 23:19 - 000000000 ____D C:\Program Files\Common Files\AV
2021-02-07 05:08 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-06 05:55 - 2020-09-08 12:37 - 000000000 ____D C:\Users\gereg\AppData\Local\1Password
2021-02-05 19:19 - 2020-11-15 18:05 - 000000000 ____D C:\Program Files\CZC G GK1000
2021-02-05 18:13 - 2020-12-16 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2021-02-02 00:32 - 2020-12-31 12:21 - 000000000 ____D C:\ProgramData\Oculus
2021-02-01 22:09 - 2020-08-16 23:04 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-02-01 16:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2021-02-20 00:40 - 2021-02-20 00:40 - 000001539 _____ () C:\Users\gereg\AppData\Local\recently-used.xbel
2020-10-27 21:51 - 2021-03-01 19:31 - 000007681 _____ () C:\Users\gereg\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by gereg (01-03-2021 21:40:50)
Running from E:\Firefox Download
Windows 10 Pro Version 20H2 19042.844 (X64) (2020-08-16 21:24:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2672217650-3271366909-1307559834-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2672217650-3271366909-1307559834-503 - Limited - Disabled)
gereg (S-1-5-21-2672217650-3271366909-1307559834-1001 - Administrator - Enabled) => C:\Users\gereg
Guest (S-1-5-21-2672217650-3271366909-1307559834-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2672217650-3271366909-1307559834-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
1Password (HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\1Password) (Version: 7.6.791 - AgileBits Inc.)
Acronis True Image (HKLM-x32\...\{831FFE5C-11F4-4E48-A3A5-8535FC93B75A}) (Version: 24.6.25700 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Akai Professional AMX 1.0.11 (HKLM\...\{705A3600-8492-4B1F-9B30-A104AD494ABD}) (Version: 1.0.11 - Akai Professional)
Aktualizace NVIDIA 38.0.6.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.6.0 - NVIDIA Corporation) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{ac726f18-c961-4fa1-a46d-6f0c644cd12b}) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.) Hidden
Apeaksoft Screen Recorder EN (HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\{A559093D-FCCB-1B3D-5504-74D07E48A7FB}) (Version: v.1.3.22 EN - libbi)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{97e1a863-427f-481e-b259-b691eb7b45cd}) (Version: 21.0.1 - Intel Corporation)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beat Saber (HKLM-x32\...\Beat Saber_is1) (Version: - )
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CPUID CPU-Z MSI 1.94 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.94 - CPUID, Inc.)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.12 - GOG.com)
CZC G GK1000 (HKLM-x32\...\CZC G GK1000) (Version: V1.01n - CZC G GK900)
CZC Gaming Mouse (HKLM-x32\...\{BBF3868B-3246-46FD-B02D-CA81A73EE05D}_is1) (Version: 1.0 - Dragonwar)
Dashboard (HKLM-x32\...\Western Digital SSD Dashboard) (Version: 3.2.2.9 - Western Digital Corporation)
Discord (HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{52d1d7de-19c3-4f83-97bb-f9435dc84c5b}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}) (Version: 1.1.1.0 - Epic Games, Inc.)
Far Cry 2 CZ Remastered Steam v.1.03 Fortunes Edition - Remastered-New Dunia - v.36.7 FINAL6 - Nexusmods (HKLM-x32\...\Far Cry 2 CZ Remastered Steam v.1.03 Fortunes Edition - Remastered-New Dunia - v.36.7 FINAL6 - Nexusmods) (Version: Steam v.1.03 Fortunes Edition - Remastered-New Dunia - v.36.7 FINAL6 - Nexusmods - Libbi - Steam v.1.03 Fortunes Edition - Remastered-New Dunia - v.36.7 FINAL6 - Nexusmods)
GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Glary Utilities 5.160 (HKLM-x32\...\Glary Utilities 5) (Version: 5.160.0.186 - Glarysoft Ltd)
GlassWire 2.2 (remove only) (HKLM-x32\...\GlassWire 2.2) (Version: 2.2.291 - SecureMix LLC)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GTA V Redux CZ Mr.Goldberg v.1.0.2060 - Redux v.1.9 (HKLM-x32\...\GTA V Redux CZ Mr.Goldberg v.1.0.2060 - Redux v.1.9) (Version: Mr.Goldberg v.1.0.2060 - Redux v.1.9 - Libbi)
Half Life Alyx (HKLM-x32\...\Half Life Alyx_is1) (Version: - )
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HD Video Converter Factory Pro 21.3 (HKLM-x32\...\HD Video Converter Factory Pro) (Version: 21.3 - WonderFox Soft, Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.0.2.23 - IObit)
Keeper Password Manager (HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\keeperpasswordmanager) (Version: 15.0.16 - Keeper Security, Inc.)
K-Lite Codec Pack 16.0.1 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.0.1 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
MSI Afterburner 4.6.3 Beta 5 (HKLM-x32\...\Afterburner) (Version: 4.6.3 Beta 5 - MSI Co., LTD)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0201.01 - MSI)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OWN3D for OBS Studio version 1.4.7.0 (HKLM\...\{31A72556-7590-4678-AB69-96D602C95C02}}_is1) (Version: 1.4.7.0 - Own3d media GmbH)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent 4.3.3 (HKLM-x32\...\qBittorrent) (Version: 4.3.3 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9102.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
RivaTuner Statistics Server 7.3.0 Beta 10 (HKLM-x32\...\RTSS) (Version: 7.3.0 Beta 10 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.2.1.260 - Samsung Electronics)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
Serato DJ Pro (HKLM\...\{9E2FC135-841E-43A0-B614-6BF06B7C5ADB}) (Version: 2.4.5.77 - Serato Limited) Hidden
Serato DJ Pro (HKLM-x32\...\{95f204a9-9277-4ea9-8cbb-9a6ed53c3f54}) (Version: 2.4.5.77 - Serato Limited)
SmartShare (HKLM-x32\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.3.1712.1201 - LG Electronics Inc.)
Star Stable Online 2.7.3 (HKLM-x32\...\8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.7.3 - Star Stable Entertainment AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.12.23.684 - StreamElements)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
The Walking Dead CZ Codex v.15.09.2019 . CZ - 24.08.2020 The Telltale Definitive Serie (HKLM-x32\...\The Walking Dead CZ Codex v.15.09.2019 . CZ - 24.08.2020 The Telltale Definitive Serie) (Version: Codex v.15.09.2019 . CZ - 24.08.2020 The Telltale Definitive Serie - Libbi)
The Walking Dead Saints and Sinners (HKLM-x32\...\The Walking Dead Saints and Sinners_is1) (Version: - )
TunePat Spotify Converter 1.3.2 (HKLM-x32\...\TunePat Spotify Converter) (Version: 1.3.2 - Tunepat)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 93.1 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VdhCoApp 1.6.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_4.2007.3014.0_x64__8wekyb3d8bbwe [2021-02-15] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-20] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.101.0_x64__kzh8wxbdkxb8p [2021-02-23] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2021-02-16] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-07] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.5.7.0_x64__w2gh52qy24etm [2021-02-23] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-27] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-23] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-02-20] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2672217650-3271366909-1307559834-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-2672217650-3271366909-1307559834-1001_Classes\CLSID\{04271989-C4D2-4432-05A6-96DCEB2E166C} -> [OneDrive - Thermo Fisher Scientific] => D:\OneDrive - Thermo Fisher Scientific [2020-09-07 13:38]
CustomCLSID: HKU\S-1-5-21-2672217650-3271366909-1307559834-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\gereg\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => D:\Programy\Glary Utilities 5\x64\ContextHandler.dll [2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Programy\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => D:\Programy\Glary Utilities 5\x64\ContextHandler.dll [2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Programy\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => D:\Programy\Glary Utilities 5\x64\ContextHandler.dll [2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Programy\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-02-26 17:13 - 2017-08-03 05:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDControl.dll
2021-02-26 16:27 - 2005-07-19 04:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Support\unrar.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 104869376 ____C () [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\libcef.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000112128 ____C () [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\libegl.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 006227456 ____C () [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\libglesv2.dll
2020-04-07 15:50 - 2020-04-07 15:50 - 024490144 _____ (Acronis International GmbH -> ) [File not signed] [File is in use] C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2021-02-26 17:13 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-02-23 21:15 - 2021-02-23 21:15 - 001612800 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.101.0_x64__kzh8wxbdkxb8p\DCv2\SQLite.Interop.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000810496 ____C (The Chromium Authors) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\chrome_elf.dll
2015-07-08 16:54 - 2015-07-08 16:54 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2015-07-08 16:54 - 2015-07-08 16:54 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2015-07-08 16:54 - 2015-07-08 16:54 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000047104 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\audio\qtaudio_windows.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000026112 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qgif.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000027136 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qico.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000243712 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qjpeg.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000223744 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qmng.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000020992 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qsvg.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000332288 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qtiff.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 001140224 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\platforms\qwindows.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 004943360 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Core.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 005022208 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Gui.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000626176 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Multimedia.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000877056 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Network.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 002908672 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Qml.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 003078656 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Quick.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000259072 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Svg.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 004718080 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Widgets.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000439296 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5WinExtras.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000159232 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Xml.dll
2021-02-26 17:13 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\System32:tdsrset_i.gfc [5846]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Programy\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\sharepoint.com -> hxxps://thermofisher-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-01-20 18:42 - 2021-02-26 17:45 - 000001305 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 activation.acronis.com
0.0.0.0 web-api-tih.acronis.com
0.0.0.0 web-api-tie.acronis.com
0.0.0.0 web-api-vmp.acronis.com
0.0.0.0 cloud-rs-ru2.acronis.com
0.0.0.0 cloud-fes-ru2.acronis.com
0.0.0.0 rpc.acronis.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;D:\Programy\QuickTime\QTSystem\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1 - 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary"
HKLM\...\StartupApproved\Run: => "Delete Cached Update Binary"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Spectrum"
HKLM\...\StartupApproved\Run32: => "CZC G GK1000"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "GammingApp"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "APP Manager"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "1Password"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B16463CC-001B-41C5-978D-C7C017124BC2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0BFC228B-7D82-4C05-BB43-D44D9A224802}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E47FF9C-C818-45B0-B198-136127960AD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8D8A7879-C71E-474C-AE02-3C42FC868965}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B76D05E2-DDAD-438C-B433-62C0D5E9CA64}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{50CB931B-A9F2-4A39-89CB-95DD95915B7A}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E0CBB3B7-EA81-49F6-9718-106FFDC9F091}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{1F9CA27B-43FD-473E-A5FD-F00ED4DAA7E2}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{A4D0D4B3-5C5C-444A-946A-A68F5709866F}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{694E9FF0-7E78-40F1-9597-0FF8E0E7ECE2}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{026BE749-53FC-49A9-982A-3DEC181459EC}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{181FB2ED-52B1-4C1B-8CEA-EC640A01CA1A}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2EF6AD3B-6F4C-4CD8-97CD-F93914BBE707}] => (Allow) D:\Hry\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{D199307E-394D-4B02-990F-CD207A35FB08}] => (Allow) D:\Programy\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{66A26018-47FE-4CDB-9773-360B59563D21}] => (Allow) D:\Programy\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{6A46482A-0691-4FF2-8BB8-3812DF4E96BF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C5E89CCB-7DFC-4236-98A7-AF5DBEEDEB0B}G:\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) G:\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{2B594DE0-27A2-4E82-9D73-39EBCF60C0A1}G:\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) G:\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{2554BE20-5EA6-4240-BA9E-CC72B515AB68}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{E29EF54D-149B-4149-A8B9-5DD60890DB7C}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{39B95B22-5B77-4FA1-9FD0-B8EB9FD91EA4}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{E10684AC-AA1D-4A05-9575-24286844A30B}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{AF1F4855-FBFE-42E7-B0E9-512C5F1E0973}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{CB8B30CA-3F4D-4DBC-BFBA-D105B03DC0E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{952CF643-715F-4169-9E3D-D4F98BF964BC}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{FD1F4243-06B0-4915-8F85-400967831D36}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{316510E6-3CC3-4F1B-96E7-89BCE7D8398F}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D74E462C-B431-405D-9896-9F24CCBC98C9}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C5F70233-0DEC-401B-BDBA-E162B2444C91}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6D92E986-805D-48E0-8A3C-561AEF1A4DF9}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{548E330A-B79F-4D5D-B2FD-82326F526D08}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{E4B3FA97-ABB2-47B4-84E9-B11BB5FE5E03}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{E36A72E9-FFD1-4B0F-A9C5-7E713CF0251C}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{E064F689-7590-47CF-828B-5824F5A629DF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{41DADEAA-1167-4FE9-89EC-0ED15FABA558}] => (Allow) D:\Hry\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{D6E0FA28-C1E3-4309-BCDE-593317FD9E01}D:\hry\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\hry\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{E124281B-5A5F-43FB-B4F2-CDF50B4684F5}] => (Allow) D:\Hry\ANNO1800\Bin\Win64\Anno1800.exe (Ubisoft Blue Byte GmbH -> Ubisoft)
FirewallRules: [{AA85BF28-B14C-44FA-AE0A-29D3626DAB98}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen.exe () [File not signed]
FirewallRules: [{8B138075-F474-449A-895A-F171081C8617}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen.exe () [File not signed]
FirewallRules: [{EEB47832-1CAB-42F6-8567-8FAF5C503EB7}] => (Allow) D:\VR\Software\bigscreen-bigscreen\UnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [{870C626A-AAD0-43E3-9204-79909D40F2CB}] => (Allow) D:\VR\Software\bigscreen-bigscreen\UnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [{BA5EE798-A0B7-4EC4-B58E-D1E05D5F6E26}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\bsdevcon.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{9860C4F8-020F-4EB9-A09C-C4293BC0ED0E}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\bsdevcon.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{D6441DB3-49B0-4C68-A5F0-6D01C8030601}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToBigscreen.exe () [File not signed]
FirewallRules: [{D2191E50-4E0D-4E2F-9247-7DCF84926E34}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToBigscreen.exe () [File not signed]
FirewallRules: [{194CA2AB-F23E-4BB5-B866-D89B0EED6682}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToDefaults.exe () [File not signed]
FirewallRules: [{B3C95B4E-4F9A-4FEC-9D2B-CD3F87DE5808}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToDefaults.exe () [File not signed]
FirewallRules: [{7CEFCDB8-5E4D-4053-8A83-CB978DFD1A4B}] => (Allow) D:\Hry\Steam\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{7018F910-226D-4F6D-91C7-8A4FF51FB2D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A5855EF-AE69-4418-A267-4DEB2FABB5B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{33567586-FCDC-4DA1-A3FD-74B48B1C6210}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F26B2DF1-4863-447E-B1E1-CEA776EB0705}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A7283B11-97E5-4EB4-9411-321373AFADC4}] => (Allow) D:\Programy\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{FF03C81E-C93D-48C5-9CC3-956F38BB57A0}] => (Allow) D:\Programy\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{0BDA26A5-EA90-433C-A83E-93379AF61D0F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09C57FB6-27A7-4EE8-A0FF-B1C82F001026}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2F2D812-35DD-4379-B999-2040CC45E1E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB728999-FC6B-4F23-B27C-5778603549A4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{719DACE9-1911-4514-A216-C407EE142885}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93925008-AB68-4692-BB97-DC5BA0A6DB08}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BCC70102-773D-4410-99B4-41473B293F05}] => (Allow) D:\Programy\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{891F1DD4-3E9B-43E9-8A0C-C9D78FAC72B7}] => (Allow) D:\Programy\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{8393B434-370D-45E3-B9B5-5410DCFEEEB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{647DDBC8-0E5D-4E91-BC8E-5C2799E93740}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{72B8B574-5F41-4D11-AA02-D858CE301CFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B3BCD86-C9A4-4E44-934D-9A40572818E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4ADFC178-2F90-4C20-BC93-A800184B4FA5}] => (Allow) D:\Hry\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BA8802A9-4C8A-48C9-B0AD-1FB284854C77}] => (Allow) D:\Hry\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{169EC98F-5F27-424B-AAC9-5BE3CD3E3449}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{CEB1CE89-9980-4C7A-8EB8-B279163FB799}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{4534918E-37B1-499C-8F58-57300CFB9F5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{065E7D3E-593E-411D-9DB5-FFB2AF55DC5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B850CCE1-B0BE-4A6C-AD36-A749FE7825C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0AD676B0-B688-4495-8054-5D9F5961344A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{577953E3-9A63-4DB1-9F07-C419F89D328D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{888E3F06-2225-4F14-8FB0-19B10410E6B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2D057FB0-592E-4319-9554-412D7E347487}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{75B56FA6-0B65-4C78-BFE4-B25AD540129F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{12D6C6CE-AA0F-4108-8A21-2E3D72C1723B}] => (Allow) D:\Programy\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{6E3ECF59-3B4E-49D9-99E0-A407A02FB578}] => (Allow) D:\Programy\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{D2C29BDF-5117-428D-912C-1854A6415E01}] => (Allow) D:\Programy\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{7A2B8561-1EB9-4107-939E-FBD34F359F52}] => (Allow) D:\Programy\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{BB69E407-3FDC-470C-84E0-9E5539662B67}] => (Allow) D:\Programy\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{FB438F9B-0D60-4B5B-83B3-39D6BE2B325E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{35A3C723-1BE1-476A-9394-7EAB31B02D6E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{65DD1F77-29C8-4E99-9478-288233BE1275}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{6CE1CBA3-A1B1-4DC6-A318-A9CE0C03A024}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{B99DDCCC-F29F-4BB5-9AA1-A9D31AF9E18D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{19147207-9C42-487F-AEA4-7F94D8FE1202}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{4C8441AB-B16D-49B2-90EB-CD5ED9425C79}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{D79E7942-AA9E-4865-ABE4-430F13F994C4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{A50E17F9-3FE0-482B-B860-0BCE548E89B0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{02F09D3E-1726-4598-B6C9-DDD1EE5F89C4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{FD2A8533-389D-492B-A850-6A98CA00E976}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{0AD70071-9DF5-40E8-B968-B9C6E23675D8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{11F2AC9D-7DD3-4DB9-B625-FB3EB654DA6B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{4E849EA1-2110-4831-9EE0-272E3270D71D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{6364A584-E04E-4F23-B438-2D3500157C02}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{8FC35490-8973-40C0-A9C3-C5B5C2E94C6D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{0ABE1D75-42CA-44E4-B779-32E824BA99E0}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{936AA0F1-D3B6-458A-AAA3-3A2299EE4711}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe (Acronis International GmbH -> )
FirewallRules: [{286AC1DA-C659-4C76-987B-4A99519F83A2}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{D258B733-0E0D-4DC5-AC69-3D502659A0F1}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{EA82B8D3-94F6-4573-9391-9BFE7D5FCF24}] => (Allow) LPort=32682
FirewallRules: [{56AFEBB1-4446-4AB5-B6A3-B9228ADF08EC}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E9C855A5-FECF-40A3-AB83-D03987C0F4BE}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DD8008B0-0C48-4EB7-B2DC-AEA109DEF99E}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{17BC36F5-3868-4860-A0F6-6151F6CD4991}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{38656CF8-B892-4527-84EA-C0D113693229}] => (Allow) F:\Games\GTA V Redux CZ\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DFB3AF49-EEF5-4EC4-AE75-B1B0420BC1B1}] => (Allow) F:\Games\GTA V Redux CZ\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{997E775E-4A2B-4FC8-9492-D60165B9E223}] => (Block) E:\Programy\HD Video Converter Factory Pro\VideoConverterFactoryPro.exe (WonderFox Soft, Inc. -> WonderFox Soft, Inc)

==================== Restore Points =========================

26-02-2021 18:27:47 Instalační služba modulů systému Windows
26-02-2021 19:09:03 Instalační služba modulů systému Windows
26-02-2021 19:10:00 Instalační služba modulů systému Windows
26-02-2021 19:22:12 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/01/2021 09:28:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program VideoConverterFactoryPro.exe verze 21.3.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 38b8

Čas spuštění: 01d70ed5c492c83b

Čas ukončení: 4294967295

Cesta k aplikaci: E:\Programy\HD Video Converter Factory Pro\VideoConverterFactoryPro.exe

ID hlášení: 0f77dcc1-ddc4-4a12-a97b-36d779a89b3c

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (03/01/2021 07:26:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Battle.net.exe, verze: 1.32.0.12713, časové razítko: 0x6036a230
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0xb610d74d
Kód výjimky: 0xe0000008
Posun chyby: 0x0012a8b2
ID chybujícího procesu: 0x2ccc
Čas spuštění chybující aplikace: 0x01d70ec699ad8867
Cesta k chybující aplikaci: D:\Hry\Battle.net\Battle.net.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fdb96acb-ad34-4204-b24f-1205540b1d60
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2021 07:13:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Battle.net.exe, verze: 1.32.0.12713, časové razítko: 0x6036a230
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0xb610d74d
Kód výjimky: 0xe0000008
Posun chyby: 0x0012a8b2
ID chybujícího procesu: 0x4ed4
Čas spuštění chybující aplikace: 0x01d70ec08ae563bb
Cesta k chybující aplikaci: D:\Hry\Battle.net\Battle.net.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: be8e0973-249e-4b7f-b9f6-c70d7ef55cf0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2021 05:59:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GTA5.exe, verze: 1.0.2060.0, časové razítko: 0x5f2b11a9
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.844, časové razítko: 0x60a6ca36
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000024785
ID chybujícího procesu: 0x3a20
Čas spuštění chybující aplikace: 0x01d70eb893f1f291
Cesta k chybující aplikaci: F:\Games\GTA V Redux CZ\GTA5.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 74398d40-5021-4144-95f1-394ee788d411
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2021 01:50:06 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/27/2021 03:48:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/27/2021 03:48:20 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/27/2021 03:48:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (03/01/2021 08:12:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Směrování a vzdálený přístup skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedený soubor.

Error: (03/01/2021 08:11:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Shared PC Account Manager byla ukončena s následující chybou:
Katastrofální selhání

Error: (03/01/2021 08:11:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Microsoft App-V Client skončila s následující chybou specifickou pro službu:
Kontext objektu MTS neexistuje.

Error: (03/01/2021 08:09:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba User Experience Virtualization Service skončila s následující chybou specifickou pro službu:
Řídicí bloky úložného prostoru byly zničeny.

Error: (03/01/2021 08:08:38 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Microsoft App-V Client skončila s následující chybou specifickou pro službu:
Kontext objektu MTS neexistuje.

Error: (03/01/2021 08:08:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Směrování a vzdálený přístup skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedený soubor.

Error: (03/01/2021 07:25:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (60000 ms).

Error: (03/01/2021 07:25:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Zasílání zpráv o chybách systému Windows byla ukončena s následující chybou:
K dokončení požadované služby je stránkovací soubor příliš malý.


Windows Defender:
================
Date: 2021-03-01 21:03:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Firefox Download\APF10.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: PSYCHIQPC\gereg
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.2093.0, AS: 1.331.2093.0, NIS: 1.331.2093.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-01 21:00:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\gereg\AppData\Local\Temp\Rar$DRa18916.13302\Keygen.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: PSYCHIQPC\gereg
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.2093.0, AS: 1.331.2093.0, NIS: 1.331.2093.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-01 15:27:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4E84924E-57D6-46C8-84C2-5FF521526BAE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-26 18:06:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.DE!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\Programy\TunePat Spotify Converter\resources\com.tunepat.spotify.converter\native\register_wrapper.dll
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: PSYCHIQPC\gereg
Název procesu: D:\Programy\TunePat Spotify Converter\TunePat Spotify Converter.exe
Verze bezpečnostních informací: AV: 1.331.1878.0, AS: 1.331.1878.0, NIS: 1.331.1878.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-24 18:52:54
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/ICBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Windows\Temp\CC-Updates\Update-6382e83ee8373f7eb320c4ab6916c9dc.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: PSYCHIQPC\gereg
Název procesu: E:\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.331.1739.0, AS: 1.331.1739.0, NIS: 1.331.1739.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-26 19:17:17
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2021-02-19 17:01:07
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

CodeIntegrity:
===============
Date: 2021-02-21 14:12:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume11\Programy\K-Lite Codec Pack\Filters\LAV64\LAVSplitter.ax that did not meet the Microsoft signing level requirements.

Date: 2021-02-21 14:12:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume11\Programy\K-Lite Codec Pack\Filters\DirectVobSub64\vsfilter.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-21 14:12:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume11\Programy\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. H.A0 12/15/2020
Motherboard: Micro-Star International Co., Ltd. X470 GAMING PLUS MAX (MS-7B79)
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 16309.72 MB
Available physical RAM: 10589.04 MB
Total Virtual: 19209.72 MB
Available Virtual: 8471.94 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:111.22 GB) (Free:46.81 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:323.52 GB) NTFS
Drive e: (Datovka) (Fixed) (Total:1863 GB) (Free:1778.02 GB) NTFS
Drive f: (NVMe) (Fixed) (Total:931.5 GB) (Free:795.37 GB) NTFS
Drive g: (Games) (Fixed) (Total:232.87 GB) (Free:102.74 GB) NTFS

\\?\Volume{91f8f381-bd75-42cd-a4e3-947394d8f463}\ () (Fixed) (Total:0.46 GB) (Free:0.04 GB) NTFS
\\?\Volume{3ba472ab-91a7-463a-abdf-77b58926b30f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 0EFA0FA8)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 2519A0DF)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivni kontrola PC

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

psychiq
Návštěvník
Návštěvník
Příspěvky: 2
Registrován: 01 bře 2021 21:25

Re: Preventivni kontrola PC

#3 Příspěvek od psychiq »

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-02-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 13
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\Tencent
Deleted C:\Users\gereg\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\gereg\AppData\Local\Tencent
Deleted C:\Users\gereg\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\gereg\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

Deleted C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2361 octets] - [02/03/2021 17:29:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivni kontrola PC

#4 Příspěvek od Diallix »

Poprosim o nove logy FRST + ADDITION
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět