Zdravím Mohl by mi někdo mrknout na log? Při spouštění firefoxu se místo domovské stránky spouští nějaká jiná. Po kliku na domovskou se normálně spustí a jeví se OK.
Díky
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by smiko (administrator) on VIKIHOME (Micro-Star International Co., Ltd MS-7C02) (16-03-2020 12:04:38)
Running from C:\Users\smiko\Desktop
Loaded Profiles: smiko (Available Profiles: smiko)
Platform: Windows 10 Pro Version 1809 17763.1039 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\smiko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12527.20258.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12527.20258.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.135.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.1090_none_5715d73398f9ea47\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®) C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\APP Manager\AppManager.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\APP Manager\AppManager_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [956920 2019-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [APP Manager] => C:\Program Files (x86)\MSI\APP Manager\AppManager.exe [3705520 2019-05-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835760 2019-11-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26310832 2020-02-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\Run: [Chromium] => "c:\users\smiko\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NonSteam.bat [2018-02-18] () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06D41DEE-DA74-47F8-85EE-590E3C6C51A0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {201B4158-80D9-4FC1-8533-EA873A99C3C8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2937F444-006F-406E-8F59-3D7CE9C73349} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3277AC39-AFC7-443A-BCF9-6EBE97CE18CE} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [1037984 2019-03-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {34DA43D6-7FD6-4C34-969B-564395C8312B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {445451F8-75A9-4F0C-AC2A-26958530DB48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48B0A7CA-CF36-479D-A8A0-05AD9618F9BF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FF5F807-08BD-4358-B1DA-C31CC7B0B11E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5DEA1EC9-FD69-49D4-BBA0-8419BE75A1A2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6210BA4D-A656-43A7-9006-5168DFA2C805} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6489EB13-4538-4818-B9F4-89F0218768D4} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-smiko@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {66F03568-C552-4EC2-A265-CFB0C0956118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {6FF677AA-85C9-42AA-A810-C18B67E22A78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7708F330-0B02-423E-A1C2-2961309BF4BD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79F6C1C1-796B-44B5-AFB1-529D33F3C40C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8BCFFFEA-4CF1-47E8-AB4B-A202FAF23703} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [661240 2018-08-02] (Advanced Micro Devices Inc. -> )
Task: {92A0E92D-C644-4FE4-A6A7-F66B995505C4} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3354296 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {93015E87-6395-4534-BE15-7D2334096A35} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {A6B86E06-9BFE-4C86-8951-723244A0BE5F} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2018-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {A71E2976-BEE1-480A-A397-A330D1C76D4E} - System32\Tasks\GoogleUpdateTaskMachineCore1d57551756d0b69 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {B02793D9-38B8-42A6-85C7-0193DB948F01} - System32\Tasks\GoogleUpdateTaskMachineUA1d57551756f6dcc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {E5F2920C-8315-485B-A6D2-42156E20F534} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EAC7831C-E9C9-4ABF-ABCE-271C91BE77CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4E1F234-43E2-4DC4-BD15-8326C5563B5B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F85E2EDA-1400-4F67-A6DE-39851B24F102} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{60252b6a-ef9d-41bf-b07f-4c9e7acdbb0d}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-03-16] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-03-16] (McAfee, LLC -> McAfee, LLC)
FireFox:
========
FF DefaultProfile: o5xsvfst.default
FF ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default [2020-03-16]
FF Homepage: Mozilla\Firefox\Profiles\o5xsvfst.default -> hxxps://www.seznam.cz/
FF Extension: (AdBlock) - C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-03-16] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-11-09] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2019-11-09] (GOG Sp. z o.o. -> GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [907224 2020-03-16] (McAfee, LLC -> McAfee, LLC)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343600 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2255544 2018-11-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2507952 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2018-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2740912 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_AppManager_Service; C:\Program Files (x86)\MSI\APP Manager\AppManager_Service.exe [2055352 2019-01-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2325168 2020-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183480 2019-02-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [34976 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [956920 2019-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [130056 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2258888 2018-12-19] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45536 2019-05-20] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24528 2019-04-18] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [32728 2019-07-25] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [138064 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriverV13; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [71152 2018-11-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fd5965e649b796e5\nvlddmkm.sys [23286504 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1154336 2019-06-19] (Realtek Semiconductor Corp. -> Realtek )
S3 tmhidusb; C:\Windows\system32\DRIVERS\tmhidusb.sys [340488 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 tmwbulk; C:\Windows\System32\Drivers\tmwbulk.sys [290824 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [115608 2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\Windows\System32\drivers\wacomrouterfilter.sys [17816 2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [376544 2020-03-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2020-03-01] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-16 12:04 - 2020-03-16 12:05 - 000029479 _____ C:\Users\smiko\Desktop\FRST.txt
2020-03-16 12:04 - 2020-03-16 12:04 - 000000000 ____D C:\FRST
2020-03-16 12:03 - 2020-03-16 12:03 - 002279936 _____ (Farbar) C:\Users\smiko\Desktop\FRST64.exe
2020-03-16 11:54 - 2020-03-16 11:54 - 000000000 ___HD C:\OneDriveTemp
2020-03-08 20:05 - 2020-03-08 20:05 - 000284286 _____ C:\Users\smiko\Desktop\cukr rozvary.pdf
2020-03-08 17:26 - 2020-03-08 17:26 - 000002239 _____ C:\Users\Public\Desktop\The Conquerors.lnk
2020-03-08 17:26 - 2020-03-08 17:26 - 000002122 _____ C:\Users\Public\Desktop\Age of Empires II.lnk
2020-03-08 17:26 - 2020-03-08 17:26 - 000000000 ____D C:\ProgramData\Caphyon
2020-03-08 17:26 - 2020-03-08 17:26 - 000000000 ____D C:\Program Files (x86)\Age of Empires II - The Conquerors
2020-03-08 17:25 - 2020-03-08 17:25 - 000000000 ____D C:\Users\smiko\AppData\Roaming\Microsoft Game Studios
2020-03-08 17:09 - 2020-03-08 17:13 - 371989244 _____ (Microsoft Game Studios) C:\Users\smiko\Desktop\Age of Empires 2 + The Conquerors CZ.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 000441760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 000344296 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-03-02 18:36 - 2020-02-25 21:23 - 011834784 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-03-02 18:36 - 2020-02-25 21:23 - 010159848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 002068384 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 001562512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 001476328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 001138592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000816872 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000677792 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000671120 _____ C:\Windows\system32\nvofapi64.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000551312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000539024 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 040502200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 035371448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 017462384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 015029360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 005377424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 004714424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 001719016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444250.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 001482976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444250.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 001364368 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 001058704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 000807144 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 000653032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-03-02 18:36 - 2020-02-25 03:06 - 000055872 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2020-02-20 05:40 - 2020-01-31 00:02 - 001727320 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444219.dll
2020-02-20 05:40 - 2020-01-31 00:02 - 001490688 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444219.dll
2020-02-20 02:52 - 2020-03-16 12:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-02-19 17:08 - 2020-02-01 07:36 - 000801080 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-16 12:02 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-16 12:02 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-03-16 12:01 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-03-16 11:56 - 2018-11-30 21:19 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-16 11:54 - 2018-12-22 19:13 - 000000000 ____D C:\Users\smiko\AppData\Roaming\WTablet
2020-03-16 11:54 - 2018-11-30 23:01 - 000000000 ___RD C:\Users\smiko\Creative Cloud Files
2020-03-16 11:54 - 2018-11-30 22:52 - 000000000 ____D C:\Users\smiko\AppData\Local\Adobe
2020-03-16 11:54 - 2018-11-30 21:16 - 000000000 ____D C:\Users\smiko\AppData\LocalLow\Mozilla
2020-03-16 11:54 - 2018-11-30 21:11 - 000000000 ___RD C:\Users\smiko\OneDrive
2020-03-16 11:52 - 2018-11-30 21:08 - 000005810 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-16 11:52 - 2018-09-15 18:39 - 003208998 _____ C:\Windows\system32\perfh005.dat
2020-03-16 11:52 - 2018-09-15 18:39 - 000914470 _____ C:\Windows\system32\perfc005.dat
2020-03-16 11:46 - 2018-12-01 04:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-16 11:46 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-09 21:26 - 2018-09-15 07:09 - 000524288 _____ C:\Windows\system32\config\BBI
2020-03-09 21:21 - 2018-12-01 04:01 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-03-09 18:28 - 2019-10-04 16:12 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-03-08 21:25 - 2018-12-01 14:53 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-08 17:26 - 2018-09-15 08:41 - 000385536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2020-03-08 17:26 - 2018-09-15 08:41 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2020-03-08 17:26 - 2018-09-15 08:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000472576 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2020-03-08 17:26 - 2018-09-15 08:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2020-03-06 13:21 - 2019-03-22 18:21 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-06 13:21 - 2019-03-22 18:21 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-03 17:29 - 2018-12-27 12:37 - 000000000 ____D C:\Users\smiko\AppData\Local\CrashDumps
2020-03-03 17:29 - 2018-11-30 21:39 - 000000000 ____D C:\MSI
2020-03-03 17:27 - 2018-11-30 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2020-03-03 17:15 - 2018-11-30 21:39 - 000000000 ____D C:\Program Files (x86)\MSI
2020-03-02 22:40 - 2019-05-25 18:21 - 000000747 _____ C:\Users\smiko\Desktop\Lightroom.lnk
2020-03-02 22:40 - 2019-05-25 18:21 - 000000747 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2020-03-02 22:32 - 2019-12-06 11:18 - 000000759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-03-02 22:32 - 2019-08-16 18:27 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-03-02 22:32 - 2018-11-30 22:56 - 000000000 ____D C:\ProgramData\Adobe
2020-03-02 22:32 - 2018-11-30 21:09 - 000000000 ____D C:\Users\smiko\AppData\Roaming\Adobe
2020-03-02 21:07 - 2019-06-11 18:02 - 000000776 _____ C:\Users\smiko\Desktop\Adobe Lightroom Classic.lnk
2020-03-02 21:07 - 2019-06-11 18:02 - 000000776 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2020-03-02 18:39 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-03-01 16:45 - 2018-12-01 04:01 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-02-26 01:20 - 2018-12-01 08:17 - 004964904 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-02-26 01:20 - 2018-12-01 08:17 - 004233104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-02-25 18:12 - 2018-11-30 21:09 - 000000000 ____D C:\Users\smiko\AppData\Local\Packages
2020-02-25 18:11 - 2019-10-10 13:24 - 000000000 ____D C:\Program Files\Adobe
2020-02-25 18:08 - 2018-11-30 21:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-02-25 03:06 - 2018-12-01 08:17 - 000055845 _____ C:\Windows\system32\nvinfo.pb
2020-02-25 03:06 - 2018-11-30 21:28 - 001691632 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2020-02-25 03:06 - 2018-11-30 21:28 - 000237392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2020-02-24 22:02 - 2018-12-07 19:26 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2020-02-24 21:40 - 2018-12-07 19:26 - 005571056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 002630968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 001759032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 000660792 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 000446264 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 000122344 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 000074552 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2020-02-20 19:34 - 2018-11-30 21:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-02-20 12:03 - 2018-12-07 19:26 - 008933257 _____ C:\Windows\system32\nvcoproc.bin
2020-02-19 18:00 - 2018-11-30 21:06 - 000002361 _____ C:\Users\smiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2019-09-02 17:03 - 2019-09-20 16:57 - 000000201 _____ () C:\Users\smiko\AppData\Roaming\WB.CFG
2018-11-30 22:56 - 2018-11-30 22:56 - 000000410 _____ () C:\Users\smiko\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontola logu
ještě addition log.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by smiko (16-03-2020 12:05:26)
Running from C:\Users\smiko\Desktop
Windows 10 Pro Version 1809 17763.1039 (X64) (2018-11-30 20:04:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-361372833-3203800435-3869109125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-361372833-3203800435-3869109125-503 - Limited - Disabled)
Guest (S-1-5-21-361372833-3203800435-3869109125-501 - Limited - Disabled)
smiko (S-1-5-21-361372833-3203800435-3869109125-1001 - Administrator - Enabled) => C:\Users\smiko
WDAGUtilityAccount (S-1-5-21-361372833-3203800435-3869109125-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_2) (Version: 3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1) (Version: 21.1.0 - Adobe Systems Incorporated)
Age of Empires 2 + The Conquerors CZ (HKLM-x32\...\Age of Empires 2 + The Conquerors CZ 1.1.0) (Version: 1.1.0 - Microsoft Game Studios)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.1.0862 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
DaVinci Resolve (HKLM\...\{4DA063F8-F151-4D1E-8BC2-43190DE2D31F}) (Version: 16.1.1005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{74ADC138-4768-4C5D-8123-B17527E513B5}) (Version: 1.3.1.0 - Blackmagic Design)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 1.TTRS.2019 - Thrustmaster)
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Chromium (HKLM-x32\...\{9F0577C5-CF85-A645-7E05-D6C5AE850545}) (Version: - )
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.84 - McAfee, LLC.)
Microsoft OneDrive (HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 73.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x64 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.1.02 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.97 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.51 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.43 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.46 - MSI)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ovládací panel NVIDIA 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.50 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.0 (HKLM-x32\...\RTSS) (Version: 7.2.0 - Unwinder)
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.5.0.5 - SIGMA CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.32-4 - Wacom Technology Corp.)
WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== ATTENTION
WhoCrashed 6.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1720.1.0_x86__kgqvnymyfvs32 [2020-03-16] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-15] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-11-30] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-02-06] (Realtek Semiconductor Corp)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DB4D96E886B0} -> [Creative Cloud Files] => C:\Users\smiko\Creative Cloud Files [2018-11-30 23:01]
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-11 17:30 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2020-03-03 17:15 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2018-11-30 22:02 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-03-03 17:27 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2012-06-26 12:08 - 2012-06-26 12:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 10:57 - 2012-06-26 10:57 - 000918016 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM.DLL
2012-06-26 10:58 - 2012-06-26 10:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 12:08 - 2012-06-26 12:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2018-11-30 22:02 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4F0CA0BBC346E8A00D7266C474BFD9B5"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "PC Suite Tray"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1C5F5BCD-F6FC-4FC1-9E7C-0AEF7953B2EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{416C8962-AF20-4940-8A73-5F5AED18204E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9EBD8FE-C977-45F2-874A-49788D6E32FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4CC7B5FB-F900-4D4E-A060-673DC144A163}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{419F1A5F-0523-4135-A9A3-48686E48023D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{273F0907-1D0F-488C-A0E7-D3062CB37596}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AB399452-ED70-4E13-9E5E-92FCA0C89CA9}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{783B3230-F4DF-4D2E-AA95-EA8C1D84D946}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{8C57CE0A-9751-434F-8824-FEFA0CE24FFB}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{7E7404FC-A42E-4300-A648-FA1807215F17}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{F05C5A82-25CB-4FB6-9E8F-5501B381CC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{000E1CC3-3BB8-4FD0-90B1-2CC65DF84400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D44F0A1E-D48B-4316-8D6E-73432F34C064}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0C94E87-52F1-4F6F-B3C0-815A38E35C59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{28FFF95B-9991-4BAE-9278-CCB3D5BBB9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{44089F53-0082-458C-875C-28566454FE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{17828D4F-3C9F-4692-B3ED-B0209545114C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{6E8C7F64-047B-4469-82F6-321097E1777D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8181688E-777B-4904-B09E-1A80B136C870}] => (Allow) C:\Users\smiko\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [TCP Query User{1E93EA55-683F-4781-B4B5-EF2F118926EB}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{7F64FA66-3B9C-49C2-988F-F9B3402A3D03}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{6CB11C1F-7573-41A3-8370-2F348A9EBE60}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{9731A75A-9041-4998-86EE-A092AA97C3B9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{E76AA42D-FFB0-4F7E-814C-5106F301A928}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{885BAABE-226E-4FCC-AC71-4CD9695700FB}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{DA8BD6C6-72B3-4587-9DC0-B5E41A49506E}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [UDP Query User{7746AB6C-F742-4FD7-A004-55E1CB049B77}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [{AC0A44EF-D432-43D4-B951-B881C6A55CFA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2A0CD796-94EB-4013-A183-F353133C1BAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{F0ABF50E-E873-4EE1-A2B4-0B932BC95B80}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{2809C755-DAC3-4255-8E5A-16C8DDE25E96}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{E3BDFBB4-A809-4FA3-A0AA-B0F446DE804B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{515E9762-755B-4E7C-8D9D-A0237E911CB6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{E9DA2F6C-3264-4CF9-8552-58BF8C730109}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [{A09B8BEB-9064-47B0-824C-F00549A9E038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{2CDAE953-2980-4FDA-9166-ADC3059A6D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{959216C5-A07E-4B1C-9A7D-5CCEA8ACB032}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{E4ED55D4-FD9E-46AF-AE89-F3F6E236C05D}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{64706F5A-50FA-4775-8AD6-35C446B5B287}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{A35A54F2-AFAB-4C0A-98C4-8EC49A94E3A4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{6F879DC7-A5C3-4971-B159-3C4DE2DEE38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E10628E-91E7-4C4C-AB92-133F445FA15A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FA2022B-5BF8-449F-9738-39208EAFE0D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E5CFD16-0215-4EF8-9CD6-258F93E9EF1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1B9CA5CD-FE37-40E8-BB8D-79526B1FE511}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{845FB6FB-30EB-4F5C-8773-29D14853E8F5}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{400BF5DD-6408-4303-85D0-60B247D8EB75}] => (Allow) LPort=26789
FirewallRules: [{E7E5FD37-C0B4-46D9-9EE6-289E9E460A62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{26383A31-38BB-4AA6-B064-9A002036F025}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E34C71FE-5E1D-4D31-83CD-8AA862E3A6CE}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{E1A55B7C-667C-4031-957A-ED65F7044EC9}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9905005F-A7D6-40E5-8EEC-E0DE07A0B4B4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3EB599FA-2599-4E13-A71E-9F94299DAD56}] => (Allow) LPort=26820
FirewallRules: [{6130B9AD-2809-4AFB-B0B8-9EF6FC4CCF43}] => (Allow) LPort=26822
==================== Restore Points =========================
19-02-2020 17:08:17 Windows Update
01-03-2020 16:45:29 Windows Update
03-03-2020 17:18:08 ENE RGB HAL
08-03-2020 17:26:35 Instalační služba modulů systému Windows
16-03-2020 12:01:10 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/03/2020 05:29:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1dc0
Čas spuštění chybující aplikace: 0x01d5f178dbd58b15
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7a24019a-a99c-461f-a65e-0ae6095c744a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:29:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()
Error: (03/03/2020 05:27:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2af8
Čas spuštění chybující aplikace: 0x01d5f178b30e4a3d
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a485d3a1-9c72-4150-aeb1-a9bede8b82c5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:27:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ComponentModel.Win32Exception
na System.ServiceProcess.ServiceInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.AssemblyInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.TransactedInstaller.Install(System.Collections.IDictionary)
Informace o výjimce: System.InvalidOperationException
na System.Configuration.Install.ManagedInstallerClass.InstallHelper(System.String[])
na GamingApp_Service.Program.Main(System.String[])
Error: (03/03/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2010
Čas spuštění chybující aplikace: 0x01d5f17898808422
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 460b53fe-285c-4484-abe0-516cc642087d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:27:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na TaskScheduler.ITaskFolder.DeleteTask(System.String, Int32)
na GamingApp_Service.Program.DeleteTask()
na GamingApp_Service.Program.Main(System.String[])
Error: (03/03/2020 05:25:27 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: VIKIHOME)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/03/2020 05:22:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1fd4
Čas spuštění chybující aplikace: 0x01d5f177eb747257
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a5307973-c682-4342-86ee-58d55745ea5c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (03/16/2020 12:03:26 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 12:03:26 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:56:26 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:56:26 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:54:55 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:54:55 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:54:45 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:54:45 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2020-03-06 14:40:11.826
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C33E6E8B-A10D-4F85-A54A-985EFE3C19A7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-02 20:59:03.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {27222946-0763-4F0B-A1FB-26813B63721D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-01 16:55:41.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7EE8C170-EC0A-486F-872D-E57662A51077}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-02 18:01:04.366
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.311.413.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80240438
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2018-12-06 20:21:26.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 20:21:25.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 18:13:23.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 18:13:22.892
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-05 17:05:57.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-05 17:05:56.749
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-04 17:39:26.034
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-04 17:39:25.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.30 11/06/2018
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 16335.06 MB
Available physical RAM: 9655.19 MB
Total Virtual: 18767.06 MB
Available Virtual: 10570.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.16 GB) (Free:177.9 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:143.77 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.39 GB) (Free:24.18 GB) NTFS
Drive h: (LRaPS) (Fixed) (Total:111.69 GB) (Free:101.12 GB) NTFS
\\?\Volume{2e297bc5-924b-4db7-9c44-be9375051e22}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{e5770488-c52a-4f00-93eb-46899d2f038d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 384EE063)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1F451CBC)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: D7E6F472)
Partition: GPT.
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by smiko (16-03-2020 12:05:26)
Running from C:\Users\smiko\Desktop
Windows 10 Pro Version 1809 17763.1039 (X64) (2018-11-30 20:04:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-361372833-3203800435-3869109125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-361372833-3203800435-3869109125-503 - Limited - Disabled)
Guest (S-1-5-21-361372833-3203800435-3869109125-501 - Limited - Disabled)
smiko (S-1-5-21-361372833-3203800435-3869109125-1001 - Administrator - Enabled) => C:\Users\smiko
WDAGUtilityAccount (S-1-5-21-361372833-3203800435-3869109125-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_2) (Version: 3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1) (Version: 21.1.0 - Adobe Systems Incorporated)
Age of Empires 2 + The Conquerors CZ (HKLM-x32\...\Age of Empires 2 + The Conquerors CZ 1.1.0) (Version: 1.1.0 - Microsoft Game Studios)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.1.0862 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
DaVinci Resolve (HKLM\...\{4DA063F8-F151-4D1E-8BC2-43190DE2D31F}) (Version: 16.1.1005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{74ADC138-4768-4C5D-8123-B17527E513B5}) (Version: 1.3.1.0 - Blackmagic Design)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 1.TTRS.2019 - Thrustmaster)
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Chromium (HKLM-x32\...\{9F0577C5-CF85-A645-7E05-D6C5AE850545}) (Version: - )
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.84 - McAfee, LLC.)
Microsoft OneDrive (HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 73.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x64 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.1.02 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.97 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.51 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.43 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.46 - MSI)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ovládací panel NVIDIA 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.50 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.0 (HKLM-x32\...\RTSS) (Version: 7.2.0 - Unwinder)
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.5.0.5 - SIGMA CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.32-4 - Wacom Technology Corp.)
WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== ATTENTION
WhoCrashed 6.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1720.1.0_x86__kgqvnymyfvs32 [2020-03-16] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-15] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-11-30] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-02-06] (Realtek Semiconductor Corp)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DB4D96E886B0} -> [Creative Cloud Files] => C:\Users\smiko\Creative Cloud Files [2018-11-30 23:01]
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-11 17:30 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2020-03-03 17:15 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2018-11-30 22:02 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-03-03 17:27 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2012-06-26 12:08 - 2012-06-26 12:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 10:57 - 2012-06-26 10:57 - 000918016 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM.DLL
2012-06-26 10:58 - 2012-06-26 10:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 12:08 - 2012-06-26 12:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2018-11-30 22:02 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4F0CA0BBC346E8A00D7266C474BFD9B5"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "PC Suite Tray"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1C5F5BCD-F6FC-4FC1-9E7C-0AEF7953B2EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{416C8962-AF20-4940-8A73-5F5AED18204E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9EBD8FE-C977-45F2-874A-49788D6E32FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4CC7B5FB-F900-4D4E-A060-673DC144A163}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{419F1A5F-0523-4135-A9A3-48686E48023D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{273F0907-1D0F-488C-A0E7-D3062CB37596}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AB399452-ED70-4E13-9E5E-92FCA0C89CA9}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{783B3230-F4DF-4D2E-AA95-EA8C1D84D946}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{8C57CE0A-9751-434F-8824-FEFA0CE24FFB}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{7E7404FC-A42E-4300-A648-FA1807215F17}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{F05C5A82-25CB-4FB6-9E8F-5501B381CC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{000E1CC3-3BB8-4FD0-90B1-2CC65DF84400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D44F0A1E-D48B-4316-8D6E-73432F34C064}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0C94E87-52F1-4F6F-B3C0-815A38E35C59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{28FFF95B-9991-4BAE-9278-CCB3D5BBB9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{44089F53-0082-458C-875C-28566454FE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{17828D4F-3C9F-4692-B3ED-B0209545114C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{6E8C7F64-047B-4469-82F6-321097E1777D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8181688E-777B-4904-B09E-1A80B136C870}] => (Allow) C:\Users\smiko\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [TCP Query User{1E93EA55-683F-4781-B4B5-EF2F118926EB}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{7F64FA66-3B9C-49C2-988F-F9B3402A3D03}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{6CB11C1F-7573-41A3-8370-2F348A9EBE60}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{9731A75A-9041-4998-86EE-A092AA97C3B9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{E76AA42D-FFB0-4F7E-814C-5106F301A928}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{885BAABE-226E-4FCC-AC71-4CD9695700FB}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{DA8BD6C6-72B3-4587-9DC0-B5E41A49506E}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [UDP Query User{7746AB6C-F742-4FD7-A004-55E1CB049B77}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [{AC0A44EF-D432-43D4-B951-B881C6A55CFA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2A0CD796-94EB-4013-A183-F353133C1BAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{F0ABF50E-E873-4EE1-A2B4-0B932BC95B80}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{2809C755-DAC3-4255-8E5A-16C8DDE25E96}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{E3BDFBB4-A809-4FA3-A0AA-B0F446DE804B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{515E9762-755B-4E7C-8D9D-A0237E911CB6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{E9DA2F6C-3264-4CF9-8552-58BF8C730109}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [{A09B8BEB-9064-47B0-824C-F00549A9E038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{2CDAE953-2980-4FDA-9166-ADC3059A6D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{959216C5-A07E-4B1C-9A7D-5CCEA8ACB032}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{E4ED55D4-FD9E-46AF-AE89-F3F6E236C05D}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{64706F5A-50FA-4775-8AD6-35C446B5B287}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{A35A54F2-AFAB-4C0A-98C4-8EC49A94E3A4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{6F879DC7-A5C3-4971-B159-3C4DE2DEE38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E10628E-91E7-4C4C-AB92-133F445FA15A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FA2022B-5BF8-449F-9738-39208EAFE0D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E5CFD16-0215-4EF8-9CD6-258F93E9EF1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1B9CA5CD-FE37-40E8-BB8D-79526B1FE511}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{845FB6FB-30EB-4F5C-8773-29D14853E8F5}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{400BF5DD-6408-4303-85D0-60B247D8EB75}] => (Allow) LPort=26789
FirewallRules: [{E7E5FD37-C0B4-46D9-9EE6-289E9E460A62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{26383A31-38BB-4AA6-B064-9A002036F025}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E34C71FE-5E1D-4D31-83CD-8AA862E3A6CE}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{E1A55B7C-667C-4031-957A-ED65F7044EC9}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9905005F-A7D6-40E5-8EEC-E0DE07A0B4B4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3EB599FA-2599-4E13-A71E-9F94299DAD56}] => (Allow) LPort=26820
FirewallRules: [{6130B9AD-2809-4AFB-B0B8-9EF6FC4CCF43}] => (Allow) LPort=26822
==================== Restore Points =========================
19-02-2020 17:08:17 Windows Update
01-03-2020 16:45:29 Windows Update
03-03-2020 17:18:08 ENE RGB HAL
08-03-2020 17:26:35 Instalační služba modulů systému Windows
16-03-2020 12:01:10 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/03/2020 05:29:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1dc0
Čas spuštění chybující aplikace: 0x01d5f178dbd58b15
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7a24019a-a99c-461f-a65e-0ae6095c744a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:29:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()
Error: (03/03/2020 05:27:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2af8
Čas spuštění chybující aplikace: 0x01d5f178b30e4a3d
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a485d3a1-9c72-4150-aeb1-a9bede8b82c5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:27:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ComponentModel.Win32Exception
na System.ServiceProcess.ServiceInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.AssemblyInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.TransactedInstaller.Install(System.Collections.IDictionary)
Informace o výjimce: System.InvalidOperationException
na System.Configuration.Install.ManagedInstallerClass.InstallHelper(System.String[])
na GamingApp_Service.Program.Main(System.String[])
Error: (03/03/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2010
Čas spuštění chybující aplikace: 0x01d5f17898808422
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 460b53fe-285c-4484-abe0-516cc642087d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:27:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na TaskScheduler.ITaskFolder.DeleteTask(System.String, Int32)
na GamingApp_Service.Program.DeleteTask()
na GamingApp_Service.Program.Main(System.String[])
Error: (03/03/2020 05:25:27 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: VIKIHOME)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/03/2020 05:22:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1fd4
Čas spuštění chybující aplikace: 0x01d5f177eb747257
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a5307973-c682-4342-86ee-58d55745ea5c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (03/16/2020 12:03:26 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 12:03:26 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:56:26 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:56:26 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:54:55 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:54:55 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:54:45 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 11:54:45 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2020-03-06 14:40:11.826
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C33E6E8B-A10D-4F85-A54A-985EFE3C19A7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-02 20:59:03.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {27222946-0763-4F0B-A1FB-26813B63721D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-01 16:55:41.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7EE8C170-EC0A-486F-872D-E57662A51077}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-02 18:01:04.366
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.311.413.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80240438
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. CodeIntegrity:
===================================
Date: 2018-12-06 20:21:26.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 20:21:25.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 18:13:23.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 18:13:22.892
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-05 17:05:57.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-05 17:05:56.749
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-04 17:39:26.034
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-04 17:39:25.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.30 11/06/2018
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 16335.06 MB
Available physical RAM: 9655.19 MB
Total Virtual: 18767.06 MB
Available Virtual: 10570.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.16 GB) (Free:177.9 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:143.77 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.39 GB) (Free:24.18 GB) NTFS
Drive h: (LRaPS) (Fixed) (Total:111.69 GB) (Free:101.12 GB) NTFS
\\?\Volume{2e297bc5-924b-4db7-9c44-be9375051e22}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{e5770488-c52a-4f00-93eb-46899d2f038d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 384EE063)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1F451CBC)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: D7E6F472)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontola logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontola logu
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-16-2020
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1636 octets] - [16/03/2020 19:52:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-16-2020
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1636 octets] - [16/03/2020 19:52:44]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontola logu
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontola logu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by smiko (17-03-2020 07:32:31)
Running from C:\Users\smiko\Desktop
Windows 10 Pro Version 1809 17763.1098 (X64) (2018-11-30 20:04:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-361372833-3203800435-3869109125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-361372833-3203800435-3869109125-503 - Limited - Disabled)
Guest (S-1-5-21-361372833-3203800435-3869109125-501 - Limited - Disabled)
smiko (S-1-5-21-361372833-3203800435-3869109125-1001 - Administrator - Enabled) => C:\Users\smiko
WDAGUtilityAccount (S-1-5-21-361372833-3203800435-3869109125-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_2) (Version: 3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1) (Version: 21.1.0 - Adobe Systems Incorporated)
Age of Empires 2 + The Conquerors CZ (HKLM-x32\...\Age of Empires 2 + The Conquerors CZ 1.1.0) (Version: 1.1.0 - Microsoft Game Studios)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.1.0862 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
DaVinci Resolve (HKLM\...\{4DA063F8-F151-4D1E-8BC2-43190DE2D31F}) (Version: 16.1.1005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{74ADC138-4768-4C5D-8123-B17527E513B5}) (Version: 1.3.1.0 - Blackmagic Design)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 1.TTRS.2019 - Thrustmaster)
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Chromium (HKLM-x32\...\{9F0577C5-CF85-A645-7E05-D6C5AE850545}) (Version: - )
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 cs) (HKLM\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.1.02 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.97 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.51 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.43 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.46 - MSI)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ovládací panel NVIDIA 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.50 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.0 (HKLM-x32\...\RTSS) (Version: 7.2.0 - Unwinder)
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.5.0.5 - SIGMA CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.32-4 - Wacom Technology Corp.)
WhoCrashed 6.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1720.1.0_x86__kgqvnymyfvs32 [2020-03-16] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-15] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-11-30] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-02-06] (Realtek Semiconductor Corp)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DB4D96E886B0} -> [Creative Cloud Files] => C:\Users\smiko\Creative Cloud Files [2018-11-30 23:01]
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-11 17:30 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2020-03-03 17:15 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2018-11-30 22:02 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-03-03 17:27 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2012-06-26 12:08 - 2012-06-26 12:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 10:57 - 2012-06-26 10:57 - 000918016 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM.DLL
2012-06-26 10:58 - 2012-06-26 10:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 12:08 - 2012-06-26 12:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2018-11-30 22:02 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4F0CA0BBC346E8A00D7266C474BFD9B5"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "PC Suite Tray"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1C5F5BCD-F6FC-4FC1-9E7C-0AEF7953B2EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{416C8962-AF20-4940-8A73-5F5AED18204E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9EBD8FE-C977-45F2-874A-49788D6E32FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4CC7B5FB-F900-4D4E-A060-673DC144A163}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{419F1A5F-0523-4135-A9A3-48686E48023D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{273F0907-1D0F-488C-A0E7-D3062CB37596}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AB399452-ED70-4E13-9E5E-92FCA0C89CA9}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{783B3230-F4DF-4D2E-AA95-EA8C1D84D946}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{8C57CE0A-9751-434F-8824-FEFA0CE24FFB}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{7E7404FC-A42E-4300-A648-FA1807215F17}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{F05C5A82-25CB-4FB6-9E8F-5501B381CC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{000E1CC3-3BB8-4FD0-90B1-2CC65DF84400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D44F0A1E-D48B-4316-8D6E-73432F34C064}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0C94E87-52F1-4F6F-B3C0-815A38E35C59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{28FFF95B-9991-4BAE-9278-CCB3D5BBB9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{44089F53-0082-458C-875C-28566454FE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{17828D4F-3C9F-4692-B3ED-B0209545114C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{6E8C7F64-047B-4469-82F6-321097E1777D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8181688E-777B-4904-B09E-1A80B136C870}] => (Allow) C:\Users\smiko\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [TCP Query User{1E93EA55-683F-4781-B4B5-EF2F118926EB}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{7F64FA66-3B9C-49C2-988F-F9B3402A3D03}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{6CB11C1F-7573-41A3-8370-2F348A9EBE60}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{9731A75A-9041-4998-86EE-A092AA97C3B9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{E76AA42D-FFB0-4F7E-814C-5106F301A928}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{885BAABE-226E-4FCC-AC71-4CD9695700FB}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{DA8BD6C6-72B3-4587-9DC0-B5E41A49506E}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [UDP Query User{7746AB6C-F742-4FD7-A004-55E1CB049B77}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [{AC0A44EF-D432-43D4-B951-B881C6A55CFA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2A0CD796-94EB-4013-A183-F353133C1BAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{F0ABF50E-E873-4EE1-A2B4-0B932BC95B80}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{2809C755-DAC3-4255-8E5A-16C8DDE25E96}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{E3BDFBB4-A809-4FA3-A0AA-B0F446DE804B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{515E9762-755B-4E7C-8D9D-A0237E911CB6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{E9DA2F6C-3264-4CF9-8552-58BF8C730109}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [{A09B8BEB-9064-47B0-824C-F00549A9E038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{2CDAE953-2980-4FDA-9166-ADC3059A6D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{959216C5-A07E-4B1C-9A7D-5CCEA8ACB032}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{E4ED55D4-FD9E-46AF-AE89-F3F6E236C05D}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{64706F5A-50FA-4775-8AD6-35C446B5B287}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{A35A54F2-AFAB-4C0A-98C4-8EC49A94E3A4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{6F879DC7-A5C3-4971-B159-3C4DE2DEE38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E10628E-91E7-4C4C-AB92-133F445FA15A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FA2022B-5BF8-449F-9738-39208EAFE0D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E5CFD16-0215-4EF8-9CD6-258F93E9EF1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1B9CA5CD-FE37-40E8-BB8D-79526B1FE511}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{845FB6FB-30EB-4F5C-8773-29D14853E8F5}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{400BF5DD-6408-4303-85D0-60B247D8EB75}] => (Allow) LPort=26789
FirewallRules: [{E7E5FD37-C0B4-46D9-9EE6-289E9E460A62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{26383A31-38BB-4AA6-B064-9A002036F025}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E34C71FE-5E1D-4D31-83CD-8AA862E3A6CE}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{E1A55B7C-667C-4031-957A-ED65F7044EC9}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9905005F-A7D6-40E5-8EEC-E0DE07A0B4B4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C0375B92-37F1-482F-96A2-BE0305F33C8E}] => (Allow) LPort=26820
FirewallRules: [{3AD8EC3A-F16F-43F9-8BC9-AE1106EFAF3F}] => (Allow) LPort=26822
==================== Restore Points =========================
01-03-2020 16:45:29 Windows Update
03-03-2020 17:18:08 ENE RGB HAL
08-03-2020 17:26:35 Instalační služba modulů systému Windows
16-03-2020 12:01:10 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/16/2020 07:54:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.1098, časové razítko: 0xe934af74
Kód výjimky: 0xe0434352
Posun chyby: 0x00121a62
ID chybujícího procesu: 0x2014
Čas spuštění chybující aplikace: 0x01d5fbc4394a7baa
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 05114ff7-b542-496f-8786-ac4c2f4f10df
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/16/2020 07:54:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()
Error: (03/03/2020 05:29:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1dc0
Čas spuštění chybující aplikace: 0x01d5f178dbd58b15
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7a24019a-a99c-461f-a65e-0ae6095c744a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:29:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()
Error: (03/03/2020 05:27:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2af8
Čas spuštění chybující aplikace: 0x01d5f178b30e4a3d
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a485d3a1-9c72-4150-aeb1-a9bede8b82c5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:27:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ComponentModel.Win32Exception
na System.ServiceProcess.ServiceInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.AssemblyInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.TransactedInstaller.Install(System.Collections.IDictionary)
Informace o výjimce: System.InvalidOperationException
na System.Configuration.Install.ManagedInstallerClass.InstallHelper(System.String[])
na GamingApp_Service.Program.Main(System.String[])
Error: (03/03/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2010
Čas spuštění chybující aplikace: 0x01d5f17898808422
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 460b53fe-285c-4484-abe0-516cc642087d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:27:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na TaskScheduler.ITaskFolder.DeleteTask(System.String, Int32)
na GamingApp_Service.Program.DeleteTask()
na GamingApp_Service.Program.Main(System.String[])
System errors:
=============
Error: (03/17/2020 07:28:51 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/17/2020 07:28:51 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:54 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:54 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:54:36 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2020-03-16 12:18:38.534
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F9AAA214-D2C4-40B3-92B3-57507299C078}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-06 14:40:11.826
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C33E6E8B-A10D-4F85-A54A-985EFE3C19A7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-02 20:59:03.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {27222946-0763-4F0B-A1FB-26813B63721D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-01 16:55:41.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7EE8C170-EC0A-486F-872D-E57662A51077}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-02 18:01:04.366
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.311.413.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80240438
Popis chybyři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2018-12-06 20:21:26.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 20:21:25.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 18:13:23.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 18:13:22.892
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-05 17:05:57.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-05 17:05:56.749
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-04 17:39:26.034
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-04 17:39:25.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.30 11/06/2018
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 16335.06 MB
Available physical RAM: 12412.11 MB
Total Virtual: 18767.06 MB
Available Virtual: 13353.56 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.16 GB) (Free:173.68 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:143.77 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.39 GB) (Free:24.18 GB) NTFS
Drive h: (LRaPS) (Fixed) (Total:111.69 GB) (Free:101.12 GB) NTFS
\\?\Volume{2e297bc5-924b-4db7-9c44-be9375051e22}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{e5770488-c52a-4f00-93eb-46899d2f038d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 384EE063)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1F451CBC)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: D7E6F472)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by smiko (17-03-2020 07:32:31)
Running from C:\Users\smiko\Desktop
Windows 10 Pro Version 1809 17763.1098 (X64) (2018-11-30 20:04:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-361372833-3203800435-3869109125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-361372833-3203800435-3869109125-503 - Limited - Disabled)
Guest (S-1-5-21-361372833-3203800435-3869109125-501 - Limited - Disabled)
smiko (S-1-5-21-361372833-3203800435-3869109125-1001 - Administrator - Enabled) => C:\Users\smiko
WDAGUtilityAccount (S-1-5-21-361372833-3203800435-3869109125-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_2) (Version: 3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1) (Version: 21.1.0 - Adobe Systems Incorporated)
Age of Empires 2 + The Conquerors CZ (HKLM-x32\...\Age of Empires 2 + The Conquerors CZ 1.1.0) (Version: 1.1.0 - Microsoft Game Studios)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.1.0862 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
DaVinci Resolve (HKLM\...\{4DA063F8-F151-4D1E-8BC2-43190DE2D31F}) (Version: 16.1.1005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{74ADC138-4768-4C5D-8123-B17527E513B5}) (Version: 1.3.1.0 - Blackmagic Design)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 1.TTRS.2019 - Thrustmaster)
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Chromium (HKLM-x32\...\{9F0577C5-CF85-A645-7E05-D6C5AE850545}) (Version: - )
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 cs) (HKLM\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.1.02 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.97 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.51 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.43 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.46 - MSI)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ovládací panel NVIDIA 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.50 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.0 (HKLM-x32\...\RTSS) (Version: 7.2.0 - Unwinder)
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.5.0.5 - SIGMA CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.32-4 - Wacom Technology Corp.)
WhoCrashed 6.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1720.1.0_x86__kgqvnymyfvs32 [2020-03-16] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-15] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-11-30] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-02-06] (Realtek Semiconductor Corp)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DB4D96E886B0} -> [Creative Cloud Files] => C:\Users\smiko\Creative Cloud Files [2018-11-30 23:01]
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-11 17:30 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2020-03-03 17:15 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2018-11-30 22:02 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-03-03 17:27 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2012-06-26 12:08 - 2012-06-26 12:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 10:57 - 2012-06-26 10:57 - 000918016 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM.DLL
2012-06-26 10:58 - 2012-06-26 10:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 12:08 - 2012-06-26 12:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2018-11-30 22:02 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4F0CA0BBC346E8A00D7266C474BFD9B5"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "PC Suite Tray"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1C5F5BCD-F6FC-4FC1-9E7C-0AEF7953B2EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{416C8962-AF20-4940-8A73-5F5AED18204E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9EBD8FE-C977-45F2-874A-49788D6E32FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4CC7B5FB-F900-4D4E-A060-673DC144A163}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{419F1A5F-0523-4135-A9A3-48686E48023D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{273F0907-1D0F-488C-A0E7-D3062CB37596}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AB399452-ED70-4E13-9E5E-92FCA0C89CA9}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{783B3230-F4DF-4D2E-AA95-EA8C1D84D946}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{8C57CE0A-9751-434F-8824-FEFA0CE24FFB}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{7E7404FC-A42E-4300-A648-FA1807215F17}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{F05C5A82-25CB-4FB6-9E8F-5501B381CC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{000E1CC3-3BB8-4FD0-90B1-2CC65DF84400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D44F0A1E-D48B-4316-8D6E-73432F34C064}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0C94E87-52F1-4F6F-B3C0-815A38E35C59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{28FFF95B-9991-4BAE-9278-CCB3D5BBB9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{44089F53-0082-458C-875C-28566454FE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{17828D4F-3C9F-4692-B3ED-B0209545114C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{6E8C7F64-047B-4469-82F6-321097E1777D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8181688E-777B-4904-B09E-1A80B136C870}] => (Allow) C:\Users\smiko\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [TCP Query User{1E93EA55-683F-4781-B4B5-EF2F118926EB}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{7F64FA66-3B9C-49C2-988F-F9B3402A3D03}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{6CB11C1F-7573-41A3-8370-2F348A9EBE60}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{9731A75A-9041-4998-86EE-A092AA97C3B9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{E76AA42D-FFB0-4F7E-814C-5106F301A928}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{885BAABE-226E-4FCC-AC71-4CD9695700FB}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{DA8BD6C6-72B3-4587-9DC0-B5E41A49506E}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [UDP Query User{7746AB6C-F742-4FD7-A004-55E1CB049B77}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [{AC0A44EF-D432-43D4-B951-B881C6A55CFA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2A0CD796-94EB-4013-A183-F353133C1BAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{F0ABF50E-E873-4EE1-A2B4-0B932BC95B80}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{2809C755-DAC3-4255-8E5A-16C8DDE25E96}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{E3BDFBB4-A809-4FA3-A0AA-B0F446DE804B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{515E9762-755B-4E7C-8D9D-A0237E911CB6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{E9DA2F6C-3264-4CF9-8552-58BF8C730109}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [{A09B8BEB-9064-47B0-824C-F00549A9E038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{2CDAE953-2980-4FDA-9166-ADC3059A6D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{959216C5-A07E-4B1C-9A7D-5CCEA8ACB032}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{E4ED55D4-FD9E-46AF-AE89-F3F6E236C05D}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{64706F5A-50FA-4775-8AD6-35C446B5B287}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{A35A54F2-AFAB-4C0A-98C4-8EC49A94E3A4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{6F879DC7-A5C3-4971-B159-3C4DE2DEE38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E10628E-91E7-4C4C-AB92-133F445FA15A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FA2022B-5BF8-449F-9738-39208EAFE0D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E5CFD16-0215-4EF8-9CD6-258F93E9EF1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1B9CA5CD-FE37-40E8-BB8D-79526B1FE511}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{845FB6FB-30EB-4F5C-8773-29D14853E8F5}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{400BF5DD-6408-4303-85D0-60B247D8EB75}] => (Allow) LPort=26789
FirewallRules: [{E7E5FD37-C0B4-46D9-9EE6-289E9E460A62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{26383A31-38BB-4AA6-B064-9A002036F025}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E34C71FE-5E1D-4D31-83CD-8AA862E3A6CE}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{E1A55B7C-667C-4031-957A-ED65F7044EC9}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9905005F-A7D6-40E5-8EEC-E0DE07A0B4B4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C0375B92-37F1-482F-96A2-BE0305F33C8E}] => (Allow) LPort=26820
FirewallRules: [{3AD8EC3A-F16F-43F9-8BC9-AE1106EFAF3F}] => (Allow) LPort=26822
==================== Restore Points =========================
01-03-2020 16:45:29 Windows Update
03-03-2020 17:18:08 ENE RGB HAL
08-03-2020 17:26:35 Instalační služba modulů systému Windows
16-03-2020 12:01:10 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/16/2020 07:54:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.1098, časové razítko: 0xe934af74
Kód výjimky: 0xe0434352
Posun chyby: 0x00121a62
ID chybujícího procesu: 0x2014
Čas spuštění chybující aplikace: 0x01d5fbc4394a7baa
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 05114ff7-b542-496f-8786-ac4c2f4f10df
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/16/2020 07:54:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()
Error: (03/03/2020 05:29:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1dc0
Čas spuštění chybující aplikace: 0x01d5f178dbd58b15
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7a24019a-a99c-461f-a65e-0ae6095c744a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:29:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()
Error: (03/03/2020 05:27:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2af8
Čas spuštění chybující aplikace: 0x01d5f178b30e4a3d
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a485d3a1-9c72-4150-aeb1-a9bede8b82c5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:27:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ComponentModel.Win32Exception
na System.ServiceProcess.ServiceInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.AssemblyInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.TransactedInstaller.Install(System.Collections.IDictionary)
Informace o výjimce: System.InvalidOperationException
na System.Configuration.Install.ManagedInstallerClass.InstallHelper(System.String[])
na GamingApp_Service.Program.Main(System.String[])
Error: (03/03/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2010
Čas spuštění chybující aplikace: 0x01d5f17898808422
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 460b53fe-285c-4484-abe0-516cc642087d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/03/2020 05:27:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na TaskScheduler.ITaskFolder.DeleteTask(System.String, Int32)
na GamingApp_Service.Program.DeleteTask()
na GamingApp_Service.Program.Main(System.String[])
System errors:
=============
Error: (03/17/2020 07:28:51 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/17/2020 07:28:51 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:54 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:54 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/16/2020 07:54:36 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2020-03-16 12:18:38.534
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F9AAA214-D2C4-40B3-92B3-57507299C078}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-06 14:40:11.826
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C33E6E8B-A10D-4F85-A54A-985EFE3C19A7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-02 20:59:03.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {27222946-0763-4F0B-A1FB-26813B63721D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-01 16:55:41.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7EE8C170-EC0A-486F-872D-E57662A51077}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-02 18:01:04.366
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.311.413.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80240438
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. CodeIntegrity:
===================================
Date: 2018-12-06 20:21:26.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 20:21:25.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 18:13:23.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-06 18:13:22.892
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-05 17:05:57.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-05 17:05:56.749
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-04 17:39:26.034
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
Date: 2018-12-04 17:39:25.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.30 11/06/2018
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 16335.06 MB
Available physical RAM: 12412.11 MB
Total Virtual: 18767.06 MB
Available Virtual: 13353.56 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.16 GB) (Free:173.68 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:143.77 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.39 GB) (Free:24.18 GB) NTFS
Drive h: (LRaPS) (Fixed) (Total:111.69 GB) (Free:101.12 GB) NTFS
\\?\Volume{2e297bc5-924b-4db7-9c44-be9375051e22}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{e5770488-c52a-4f00-93eb-46899d2f038d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 384EE063)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1F451CBC)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: D7E6F472)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontola logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {66F03568-C552-4EC2-A265-CFB0C0956118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontola logu
Po resetu se automaticky spustí prohlížeč a odkazuje na "gatustox.net"
Log po fixu tady:
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by smiko (17-03-2020 12:09:49) Run:1
Running from C:\Users\smiko\Desktop
Loaded Profiles: smiko (Available Profiles: smiko)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {66F03568-C552-4EC2-A265-CFB0C0956118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Users\smiko\OneDrive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity" ADS could not remove.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB7B9960-B196-43AE-A403-22D73D29BD34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDC5C664-E225-4213-BF7E-8F98E6BFB565}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C7F724D-FF9D-408C-BDE0-8D680617805A}" => removed successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66F03568-C552-4EC2-A265-CFB0C0956118}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66F03568-C552-4EC2-A265-CFB0C0956118}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 100299726 B
Java, Flash, Steam htmlcache => 121872268 B
Windows/system/drivers => 18029593 B
Edge => 2228105 B
Chrome => 0 B
Firefox => 1129127326 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 80373945 B
systemprofile32 => 82637681 B
LocalService => 82637681 B
NetworkService => 83613969 B
smiko => 243251795 B
RecycleBin => 327041 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:10:32 ====
Log po fixu tady:
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by smiko (17-03-2020 12:09:49) Run:1
Running from C:\Users\smiko\Desktop
Loaded Profiles: smiko (Available Profiles: smiko)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {66F03568-C552-4EC2-A265-CFB0C0956118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Users\smiko\OneDrive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity" ADS could not remove.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB7B9960-B196-43AE-A403-22D73D29BD34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDC5C664-E225-4213-BF7E-8F98E6BFB565}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C7F724D-FF9D-408C-BDE0-8D680617805A}" => removed successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66F03568-C552-4EC2-A265-CFB0C0956118}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66F03568-C552-4EC2-A265-CFB0C0956118}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 100299726 B
Java, Flash, Steam htmlcache => 121872268 B
Windows/system/drivers => 18029593 B
Edge => 2228105 B
Chrome => 0 B
Firefox => 1129127326 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 80373945 B
systemprofile32 => 82637681 B
LocalService => 82637681 B
NetworkService => 83613969 B
smiko => 243251795 B
RecycleBin => 327041 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:10:32 ====
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontola logu
Smazáno. Ještě vyčistíme prohlížeče. Spusťte posrupně tyto utility:
1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontola logu
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by smiko on 17.03.2020 at 19:16:39,79.
Microsoft Windows 10 Pro 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\smiko\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17.03.2020 19:18:02 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Imagenomic deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\zzdga deleted successfully
C:\PROGRA~3\{40727C4E-685A-0436-3002-2C1ED8EAF4C6} deleted successfully
C:\Users\smiko\AppData\Local\DBG deleted successfully
C:\Users\smiko\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
Added to C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"addSearchEng
---- FireFox user.js and prefs.js backups ----
prefs__1928_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Imagenomic not found
C:\PROGRA~3\{40727C4E-685A-0436-3002-2C1ED8EAF4C6} not found
C:\Users\smiko\.android deleted
C:\PROGRA~2\Age of Empires II - The Conquerors deleted
C:\Users\smiko\AppData\Roaming\WB.CFG deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\smiko\AppData\Local\oobelibMkey.log deleted
C:\Users\smiko\AppData\Local\{4652700E-62FA-1CB6-0F62-395E2B0AC5C6} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM27B67.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b63.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b74.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b76.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b88.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b99.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7bab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7bbd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7bce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7be0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7be2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7bf4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c05.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c17.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c28.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c3a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c4c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c4e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c5f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d43.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d45.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d56.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d7a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d8b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ea7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ea9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382eba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ebc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ebe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ed0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ed2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ed4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ee5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ee7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ee9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382eeb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5451.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5453.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5455.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5467.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5469.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e546b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e547d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e547f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5481.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5483.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5494.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5496.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5498.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54aa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54bb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54cd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54cf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54e1.tmp deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
- AdBlock - %ProfilePath%\extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]
D5C25FABAB84753E78CAABF0DBDAECF1 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\smiko\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
Google Chrome Version: 80.0.3987.132
Chromium Browser Version: 63.0.3237.0
Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\bgbeocleofdgkldamjapfgcglnmhmjgb
Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\bifdhahddjbdbjmiekcnmeiffabcfjgh
Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\nabmpeienmkmicpjckkgihobgleppbkc
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
==== Reset Google Chrome ======================
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Preferences was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Secure Preferences was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Web Data was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\IE\YYOIROLL will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\smiko\AppData\Local\Mozilla\Firefox\Profiles\o5xsvfst.default\cache2 emptied successfully
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1424 folders=138 556335357 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\smiko\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\smiko\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\IE\YYOIROLL" not found
==== EOF on 17.03.2020 at 19:33:19,56 ======================
Tool run by smiko on 17.03.2020 at 19:16:39,79.
Microsoft Windows 10 Pro 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\smiko\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
17.03.2020 19:18:02 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Imagenomic deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\zzdga deleted successfully
C:\PROGRA~3\{40727C4E-685A-0436-3002-2C1ED8EAF4C6} deleted successfully
C:\Users\smiko\AppData\Local\DBG deleted successfully
C:\Users\smiko\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
Added to C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"addSearchEng
---- FireFox user.js and prefs.js backups ----
prefs__1928_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Imagenomic not found
C:\PROGRA~3\{40727C4E-685A-0436-3002-2C1ED8EAF4C6} not found
C:\Users\smiko\.android deleted
C:\PROGRA~2\Age of Empires II - The Conquerors deleted
C:\Users\smiko\AppData\Roaming\WB.CFG deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\smiko\AppData\Local\oobelibMkey.log deleted
C:\Users\smiko\AppData\Local\{4652700E-62FA-1CB6-0F62-395E2B0AC5C6} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM27B67.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b63.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b74.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b76.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b88.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7b99.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7bab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7bbd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7bce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7be0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7be2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7bf4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c05.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c17.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c28.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c3a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c4c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c4e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f00-173c-a7c5f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d43.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d45.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d56.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d7a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382d8b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ea7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ea9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382eba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ebc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ebe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ed0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ed2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ed4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ee5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ee7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382ee9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-39e8-219c-382eeb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5451.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5453.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5455.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5467.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5469.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e546b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e547d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e547f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5481.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5483.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5494.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5496.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e5498.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54aa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54bb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54cd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54cf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-494-315c-1e54e1.tmp deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
- AdBlock - %ProfilePath%\extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]
D5C25FABAB84753E78CAABF0DBDAECF1 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\smiko\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
Google Chrome Version: 80.0.3987.132
Chromium Browser Version: 63.0.3237.0
Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\bgbeocleofdgkldamjapfgcglnmhmjgb
Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\bifdhahddjbdbjmiekcnmeiffabcfjgh
Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\nabmpeienmkmicpjckkgihobgleppbkc
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
==== Reset Google Chrome ======================
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Preferences was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Secure Preferences was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Web Data was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\IE\YYOIROLL will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\smiko\AppData\Local\Mozilla\Firefox\Profiles\o5xsvfst.default\cache2 emptied successfully
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1424 folders=138 556335357 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\smiko\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\smiko\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\IE\YYOIROLL" not found
==== EOF on 17.03.2020 at 19:33:19,56 ======================
Re: Kontola logu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by smiko (Administrator) on 17.03.2020 at 19:35:10,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.03.2020 at 19:35:53,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by smiko (Administrator) on 17.03.2020 at 19:35:10,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.03.2020 at 19:35:53,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontola logu
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontola logu
Tak bohužel. Po restartu se vždycky automaticky otevře prohlížeč (firefox)
na stránku viz screen
na stránku viz screen
- Přílohy
-
- firefox.jpg (35.42 KiB) Zobrazeno 1962 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontola logu
Dejte znovu logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?