
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Log check, please
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I would like to ask for a log check; it seems to me that my browsers have slowed down.
Thank you
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2021
Ran by stoup (19-01-2021 21:20:11)
Running from C:\Users\stoup\OneDrive\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2020-03-20 23:49:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-202815913-3708365009-1602261077-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-202815913-3708365009-1602261077-503 - Limited - Disabled)
Guest (S-1-5-21-202815913-3708365009-1602261077-501 - Limited - Disabled)
stoup (S-1-5-21-202815913-3708365009-1602261077-1001 - Administrator - Enabled) => C:\Users\stoup
WDAGUtilityAccount (S-1-5-21-202815913-3708365009-1602261077-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: COMODO Antivirus (Disabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM\...\{63FED867-23CB-4AC7-9F22-64AD80FA0DA7}) (Version: 2.16.7113.0 - UL) Hidden
3DMark (HKLM-x32\...\{b6a95974-3bca-4571-9656-98b7350cb823}) (Version: 2.16.7113.0 - UL)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acoustica Premium Edition 6.0 (HKLM-x32\...\{B0AB0E72-A179-4B1E-813B-BBA1344819A5}_is1) (Version: 6.0.8 - Acon AS)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.0.633 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C0408619-0431-4B54-B63C-C3AB18B1E4B4}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.8.364 - Corel corporation) Hidden
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation)
CorelDRAW Graphics Suite 2018 - BR (x64) (HKLM\...\{575AFBB6-FDF0-4191-97D0-E109C1A53E9B}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CS (x64) (HKLM\...\{71C1FD4A-E7D1-4C24-82AE-D4A07516B6DD}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CT (x64) (HKLM\...\{D251081C-25F7-4EFA-9DF3-C3D3F751CFB2}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CZ (x64) (HKLM\...\{1EE74A96-A900-4607-9D63-25F120E19CC4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - DE (x64) (HKLM\...\{78A4A2EA-7C1D-48A9-92F2-FF60E098EF53}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Docs (x64) (HKLM\...\{74127108-BAE6-4A9E-BE10-931292D9E1AC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - ES (x64) (HKLM\...\{AF2C3573-F52E-4B52-AED8-58F14E626002}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - FR (x64) (HKLM\...\{F4A5C1FF-1BEB-40D1-81F7-460F4021AD76}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IT (x64) (HKLM\...\{8A87BFC9-69B9-4A0A-9D3C-5A8884380DE0}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - JP (x64) (HKLM\...\{D202A107-A207-4A8C-ABE9-29640818EC4F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - NL (x64) (HKLM\...\{65DC3D32-2462-49EC-9263-FB0A5056F899}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PL (x64) (HKLM\...\{217124CA-CFDD-410E-A7F9-C9D43137467E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - RU (x64) (HKLM\...\{EF129473-7919-4CDF-875A-ABF57158901D}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0.0.633 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 -TR (x64) (HKLM\...\{AFB3227A-5276-4E51-A305-A893531C4895}) (Version: 20.0 - Corel Corporation) Hidden
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Crucial Storage Executive (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Crucial Storage Executive 3.60.082018.04) (Version: 5.09.122019.04 - Crucial)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: Build_3235023Change_4177747 - GOG.com)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Eraser 6.2.0.2982 (HKLM\...\{DFCF78CC-3DAD-4C1E-8BC6-94DC5B73461E}) (Version: 6.2.2982 - The Eraser Project)
Eye 312 (HKLM-x32\...\{74F923F2-2B11-4E2E-B638-A1772A9F7B7B}) (Version: 1.0.0.28 - KYE SYSTEMS CORP.)
Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.78 - Gridinsoft LLC)
HandBrake 1.1.1 (HKLM-x32\...\HandBrake) (Version: 1.1.1 - )
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HWiNFO64 Version 6.00 (HKLM\...\HWiNFO64_is1) (Version: 6.00 - Martin Malík - REALiX)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
OpenShot Video Editor verze 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.78.42537 - Electronic Arts, Inc.)
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.1.0.132 - Corel Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.2.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.0 - VS Revo Group, Ltd.)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Roblox Player for stoup (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Someday You'll Return (HKLM-x32\...\2107162474_is1) (Version: 1.7.5g2 - GOG.com)
Spirit of the North (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Spirit of the North) (Version: - HOODLUM)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 97.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
War Thunder Launcher 1.0.3.148 (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)
Packages:
=========
Audio Converter Any Format -> C:\Program Files\WindowsApps\22546Cidade.AudioConverterAnyFormat_4.0.32.0_x64__cjt5542sbwgmj [2021-01-13] (Cidade) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-23] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-07] (Fitbit)
Libra Office Suite -> C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8 [2020-05-04] (HLXB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-13] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-19] (NVIDIA Corp.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.24.1.0_x64__nfy108tqq3p12 [2021-01-17] (Thumbmunkeys Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2021-01-11] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\nvshext.dll [2021-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [189440 2019-03-19] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-22 14:16 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-05-17 12:38 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2020-02-17 17:59 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-02-17 17:59 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-02-17 17:59 - 2020-02-17 17:59 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\stoup\Downloads\12382636.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501931833155CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE Installer_150320pm09.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2020-11-21 15:21 - 000001930 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stoup\Downloads\ice_fox-wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{FDEA0810-9DC4-4550-9931-0EED29323EFA}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [TCP Query User{27BE5362-BEBD-4490-9614-FC263ECD2B69}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [{758C36E1-470E-4885-99C0-7DDF6AE65F4D}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{C1F72A2C-71E4-47D4-9604-4386E69A1716}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [UDP Query User{4DAD7F12-8523-4906-8D0D-B560E8EC902F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7AD4D326-29B0-4AEF-95A6-6CDA329F2449}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D5A46AA6-1879-4474-98AA-B478AF7C56D2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{613C3706-C9DE-4690-9191-243D47C89FE8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6E9A5B4F-8863-4DBD-B494-1FA958F28BF8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C489805F-00A5-458B-8447-CB7138ADA8FC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{72F4BFC1-53B9-4016-9FF9-071C4BAB789C}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{E27003F6-015E-4E9B-B2B3-4BB4AA283111}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{247F6E82-E86C-4F72-9878-A794CB9C46BC}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{10FE1538-D2BF-4261-B458-DEAFDF550FFC}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{11B91DFF-2B67-446E-B85E-1AB9ECB320F3}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{0834AFE9-3ADD-4E68-A1FD-486A35D3C655}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8F58E7E5-8E66-4424-A3E1-38FBE16A08E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B30F0231-C5D5-46E5-BE0E-097BF6956FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{5E193851-3B8D-4B40-A99B-EA0734374986}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{A75511BD-62BB-4145-B7DA-6100BE63B83F}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{04132621-F4A5-495D-AD89-D566379ED773}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{693F0373-6996-4010-BF41-C329ABB2AC46}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{3B134E21-1D1E-410D-8314-22989E282815}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7DB42BA4-9A3A-4E24-92B7-F1C4B3DC75C6}] => (Allow) LPort=5357
FirewallRules: [{1B3093E2-77C1-4D08-926E-CE1C34B8E271}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{33ABDF98-B39E-4A14-ABCF-92D089CB08C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{96C25ACC-96C4-4F3D-B7CE-18BD5794036F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{6CAB91E3-D0E8-49B8-A5C4-33141FCE4319}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5458AE3A-D26B-430B-8EC5-F79E7ED5D748}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F5FDB86D-0B06-4DF0-9A4F-791C701101D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C29B2497-562F-406A-A925-5206A58A871A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4992BB24-08C3-4452-A690-EBB87E4FC166}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4CD2227A-DCA4-4665-8635-7156FE1E533C}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{13588503-BCBC-47E1-BF42-9C2234E99B3F}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [UDP Query User{A65039F0-9992-4599-AFC8-0D8B4C76006E}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [TCP Query User{AAFD0FB8-4FE5-4441-A6C8-A2B49FBA7ADE}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [UDP Query User{94F5AD87-B13D-4F23-B91A-A59F537D4E65}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [TCP Query User{E1470EC9-6C14-471A-AED4-01288F95B94E}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{5C301DE8-3614-4BEF-9C0C-AEE236E52ECE}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{59BD7FE4-4BC9-4C97-8352-6A41DF5DC3E1}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{50E76DE2-BBC3-4F08-AAD0-AA9DC7D8D0BF}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{C120CCF9-6AD3-40CE-9DBE-FF27DED562E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{E22317A5-2229-4C71-B3F0-A8C9C8271DF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{298C0FCE-AB67-40E4-AF5B-18960278648B}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{0825457B-032B-41A7-8522-2AA91F8CB0C7}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{BC401FDB-CEB8-48A1-94B0-31DA38772A5C}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{E377A072-D689-4BF0-8D7B-885E84B61733}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{7C67A616-6CEC-4814-8E62-1B9B61DA4D0A}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [UDP Query User{D71D272A-7D04-471E-B7BC-829A1D0A4162}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [TCP Query User{8C9DCCD7-60DF-4456-ACE2-8E660AE5C36C}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{F4C18F90-2823-4B31-9CBE-8C90E3E6D393}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{9113101F-E99E-40A9-A57F-0CC91710F3DB}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{BD3AA255-842F-4ABA-ADF8-461A9EB62CA5}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [{C83C4AEC-95F3-4FAA-B7B3-C42885C33A7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE59EF50-9C3A-4FB6-B3F5-C8BF21924E2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31B29B56-88F6-4FA4-8318-D735FD67D886}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90682371-FF62-4CD2-9E54-B154393EB621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{0FA4466A-8F0E-4D2F-9E03-B328F498BC1D}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{A661AB6C-7E22-4DE9-A234-47F8D84EFFE3}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{AFBEC143-6F30-428B-AE14-3EA875E3608C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{72B9013A-F097-4619-8048-7EC212753D99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [{AC14182A-4C4E-4313-A4B3-2CE925537B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [TCP Query User{E1FB3EC1-754C-407A-BA88-874BDD4F02C3}C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{1E8C5F06-720B-4724-B2E1-1DDEE3EE401A}C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{5A11B54C-6C29-4D34-AE20-D45C61E7D97F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1CCD4FD-6325-4A32-9EAD-A9E5D0C0306E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99B9A79E-F7F0-4BBB-B4DF-93B876BF70F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF70E026-53C5-4E14-B5BD-AADE684653E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8188088-6067-4E2F-BA8D-1221CAE9ED0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65F3D82D-8549-483B-BFDB-5DBC0FCF184D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
19-01-2021 17:08:35 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/19/2021 09:05:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:58:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:48:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10708,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:26:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4232,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:06:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3576,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (01/19/2021 08:12:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/19/2021 08:12:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Crash Defender Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/19/2021 08:12:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Crash Defender Service bylo dosaženo časového limitu (45000 ms).
Error: (01/19/2021 07:59:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/19/2021 07:59:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Log Utility neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/19/2021 07:59:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Log Utility bylo dosaženo časového limitu (45000 ms).
Error: (01/19/2021 07:58:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Lavasoft Ad-Aware Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (01/19/2021 07:37:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Windows Defender:
===================================
Date: 2021-01-19 19:24:26.205
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Uwasson.A!ml
ID: 251745
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\stoup\AppData\Local\Temp\tmp00000142\tmp0000c9b5
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AS6HE0O\stoup
Název procesu: C:\EEK\bin64\a2emergencykit.exe
Verze bezpečnostních informací: AV: 1.329.2479.0, AS: 1.329.2479.0, NIS: 1.329.2479.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-19 19:24:24.202
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Woreflint.A!cl
ID: 2147723317
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\stoup\AppData\Local\Temp\tmp00000142\tmp0000c9b7
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AS6HE0O\stoup
Název procesu: C:\EEK\bin64\a2emergencykit.exe
Verze bezpečnostních informací: AV: 1.329.2479.0, AS: 1.329.2479.0, NIS: 1.329.2479.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-17 21:19:41.724
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {238D9039-61F0-47FA-9EE4-71C30EB3015B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-11 20:03:35.413
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4D165924-7986-4281-9BFC-E2FEAB4FD592}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-01 22:09:15.163
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4050F8C9-B948-43B7-9120-56F4CA36444D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2021-01-19 21:10:17.658
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:08:40.303
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:06:56.854
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:06:56.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:31.270
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:24.350
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:19.227
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:18.172
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F1 08/17/2020
Motherboard: Gigabyte Technology Co., Ltd. B450M DS3H V2
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16332.61 MB
Available physical RAM: 9168.71 MB
Total Virtual: 21708.61 MB
Available Virtual: 11409.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.25 GB) (Free:146.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (WD500Gb) (Fixed) (Total:465.76 GB) (Free:107.34 GB) NTFS
\\?\Volume{1a10bb5c-0000-0000-0000-205074000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1A10BB5C)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=519 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EE9D3ECA)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2021
Ran by stoup (administrator) on DESKTOP-AS6HE0O (Gigabyte Technology Co., Ltd. B450M DS3H V2) (19-01-2021 21:19:23)
Running from C:\Users\stoup\OneDrive\Desktop
Loaded Profiles: stoup
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Gaijin Network LTD -> Gaijin) C:\Users\stoup\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(HLXB) C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8\libre\program\soffice.bin
(HLXB) C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8\libre\program\soffice.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1067024 2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Gaijin.Net Updater] => C:\Users\stoup\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Opera Browser Assistant] => C:\Users\stoup\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\WINDOWS\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07BF7802-C897-4B30-A394-7A136B659B04} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe
Task: {237C08C5-0F73-4253-AF38-BDA51B9C9826} - \Ad-Aware Update (Weekly) -> No File <==== ATTENTION
Task: {32BF3F23-E172-42A2-9C41-2F896ACA12DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {3E25E44F-E6D6-46C0-88D5-55D35A6B679E} - System32\Tasks\Opera scheduled Autoupdate 1554923785 => C:\Users\stoup\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {3F158DF5-17A3-4425-8792-F55FA9810F7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47400C43-D0C9-41E5-B3A7-26A85D3DD586} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {4BC10CD5-8E20-44C6-B062-E15EBBCE1E03} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {500C04C4-6628-4736-8287-36080D8124ED} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50750946-E51C-4AA2-946B-2E3DFAAADD70} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1644480 2018-03-06] (Corel Corporation -> Corel Corporation)
Task: {70F3FC92-9FD7-454C-95DA-B178EC95A95C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {72CC1F44-F249-4808-92DD-097F0B02A4A9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E46EBD7-A949-4406-81D0-517EE33568C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8ECB25B1-A20F-43F3-A259-5E02B7B36CE1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {99D91E38-AD25-486B-8F45-1FD57E963A04} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E75A821-5EB1-4B42-AF7B-A7E9A702561D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A18787D8-A407-4742-8E73-9455B1BFC014} - System32\Tasks\Opera scheduled assistant Autoupdate 1582734759 => C:\Users\stoup\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\stoup\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AB1658DD-0A89-411B-941A-E4130EBC85AF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC7C80A4-B767-46E6-9A8C-745BE9F789C2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE819C3F-BAFE-40D9-BFD8-7A1528873524} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C7E8D100-A2F9-45C2-AF24-8F4B9F101180} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {DCF632AE-F40E-4C6B-AF5C-F06DD308C411} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1156858-DAB2-4A88-97A8-85FC00912E4E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF3D728C-3152-40DF-A245-087AC427EE59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8A40BAC-5371-4A18-83D1-D7E1DFD47255} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{030501c3-ea03-4580-98c4-02bc71413ce9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91778c54-b2f8-4f4e-afd0-8ff5ad49d99e}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\stoup\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-19]
FireFox:
========
FF DefaultProfile: 61fmaxz7.default-1553011361875
FF ProfilePath: C:\Users\stoup\AppData\Roaming\Mozilla\Firefox\Profiles\61fmaxz7.default-1553011361875 [2021-01-19]
FF Notifications: Mozilla\Firefox\Profiles\61fmaxz7.default-1553011361875 -> hxxps://www.facebook.com; hxxps://www.exasoft.cz; hxxps://a.mp3pro.xyz; hxxps://www.sevt.cz; hxxps://www.hudy.cz; hxxps://www.4camping.cz; hxxps://aukro.cz
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-17]
Chrome:
=======
CHR Profile: C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default [2021-01-19]
CHR Notifications: Default -> hxxps://mediamarkt.pl; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-07]
CHR Extension: (Dokumenty) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-07]
CHR Extension: (Disk Google) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-07]
CHR Extension: (Tabulky) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08]
Opera:
=======
OPR Profile: C:\Users\stoup\AppData\Roaming\Opera Software\Opera Stable [2021-01-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\stoup\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-01]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-28] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [18534552 2019-08-17] (Mail.Ru LLC -> LLC Mail.Ru)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510136 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3462464 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [67576 2018-12-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2021-01-13] (GridinSoft, LLC -> GridinSoft LLC)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65320 2019-01-07] (Martin Malik - REALiX -> REALiX(tm))
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1087120 2019-01-23] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R3 MpKsl0a43ddaf; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{335FC21D-9A6D-4529-9A93-758DECC24BFC}\MpKslDrv.sys [91376 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-17] (Mail.Ru LLC -> LLC Mail.Ru)
R1 mtihint; C:\Windows\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
S3 TrojanKillerDriver; C:\WINDOWS\System32\DRIVERS\gtkdrv.sys [38216 2021-01-13] (GridinSoft, LLC -> GridinSoft LLC)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 21:02 - 2021-01-19 21:19 - 000000000 ____D C:\FRST
2021-01-19 20:57 - 2021-01-19 20:57 - 000018451 _____ C:\Users\stoup\Downloads\FRST.rar
2021-01-19 20:12 - 2021-01-19 20:12 - 000000000 __HDC C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2021-01-19 19:36 - 2021-01-19 19:36 - 000000778 _____ C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-01-19 19:32 - 2021-01-19 20:16 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2021-01-19 19:32 - 2021-01-19 19:32 - 000001117 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2021-01-19 19:32 - 2021-01-19 19:32 - 000001117 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk
2021-01-19 19:32 - 2021-01-19 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-01-19 19:32 - 2021-01-19 19:32 - 000000000 ____D C:\ProgramData\GridinSoft
2021-01-19 19:31 - 2021-01-19 19:31 - 000989584 _____ (GridinSoft LLC) C:\Users\stoup\Downloads\install-antimalware-fix (1).exe
2021-01-19 19:30 - 2021-01-19 19:30 - 000989584 _____ (GridinSoft LLC) C:\Users\stoup\Downloads\install-antimalware-fix.exe
2021-01-19 19:29 - 2021-01-19 19:29 - 015012440 _____ (ESET spol. s r.o.) C:\Users\stoup\Downloads\esetonlinescanner.exe
2021-01-19 19:23 - 2021-01-19 19:23 - 008458096 _____ (Malwarebytes) C:\Users\stoup\Downloads\adwcleaner_8.0.9.exe
2021-01-19 19:21 - 2021-01-19 19:23 - 633521152 _____ (NVIDIA Corporation) C:\Users\stoup\Downloads\461.09-desktop-win10-64bit-international-whql.exe
2021-01-19 19:11 - 2021-01-19 19:11 - 000000000 ____D C:\Users\stoup\AppData\Local\mbam
2021-01-19 19:10 - 2021-01-19 19:10 - 002086424 _____ (Malwarebytes) C:\Users\stoup\Downloads\MBSetup (2).exe
2021-01-19 19:06 - 2021-01-19 19:07 - 000200506 _____ C:\TDSSKiller.2.8.16.0_19.01.2021_19.06.03_log.txt
2021-01-19 19:06 - 2021-01-19 19:06 - 000208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\47639295.sys
2021-01-19 17:51 - 2021-01-19 17:51 - 000000000 ____D C:\Users\stoup\AppData\Roaming\NVIDIA
2021-01-19 17:15 - 2021-01-19 21:18 - 000000000 ____D C:\Users\stoup\AppData\Local\NVIDIA
2021-01-19 17:15 - 2021-01-19 17:15 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-01-19 17:15 - 2021-01-19 17:15 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-01-19 17:15 - 2021-01-19 17:15 - 000000000 ____D C:\Users\stoup\ansel
2021-01-19 17:13 - 2021-01-19 17:13 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-19 17:13 - 2021-01-19 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-01-19 17:13 - 2020-12-31 15:01 - 002797552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 002154984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 001294832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000169272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000145208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-01-19 17:12 - 2020-12-31 15:01 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-01-19 17:11 - 2021-01-04 15:49 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-19 17:11 - 2021-01-04 15:49 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000690072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-19 17:11 - 2021-01-04 15:46 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000610712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 005631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000447384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-19 17:11 - 2021-01-04 15:44 - 000850840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-19 17:11 - 2021-01-04 15:43 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-19 17:11 - 2021-01-04 15:43 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-19 17:11 - 2020-12-31 15:01 - 000084159 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-19 17:09 - 2021-01-19 20:14 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-19 17:09 - 2021-01-19 19:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-19 17:08 - 2020-12-31 15:01 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-01-19 17:08 - 2020-10-05 14:05 - 001492800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvppcgenco64_145831832.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 001690976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-19 17:08 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll
2021-01-19 17:08 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll
2021-01-19 17:02 - 2021-01-19 17:03 - 661510840 _____ (NVIDIA Corporation) C:\Users\stoup\Downloads\461.09-desktop-win10-64bit-international-dch-whql.exe
2021-01-18 21:58 - 2021-01-18 21:58 - 000060012 _____ C:\Users\stoup\Downloads\EDAZ-5L36738_20210201_426ad2b7-57e9-400f-81eb-5c532ac511b3.pdf
2021-01-13 20:46 - 2021-01-13 20:46 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 20:46 - 2021-01-13 20:46 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 20:46 - 2021-01-13 20:46 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 20:46 - 2021-01-13 20:46 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 20:45 - 2021-01-13 20:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-13 08:05 - 2021-01-13 08:05 - 015793332 _____ C:\Users\stoup\Downloads\prilohy_56650.zip
2021-01-13 03:12 - 2021-01-13 03:12 - 000107784 _____ (GridinSoft LLC) C:\WINDOWS\system32\Drivers\gsInetSecurity.sys
2021-01-13 03:12 - 2021-01-13 03:12 - 000038216 _____ (GridinSoft LLC) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2021-01-12 19:48 - 2021-01-12 19:48 - 000092226 _____ C:\Users\stoup\Downloads\faktura 180040.pdf
2021-01-11 20:13 - 2021-01-13 22:59 - 000007597 _____ C:\Users\stoup\AppData\Local\Resmon.ResmonCfg
2021-01-11 19:39 - 2021-01-11 19:39 - 000000000 ____D C:\Program Files (x86)\Futuremark
2021-01-11 19:37 - 2021-01-11 19:37 - 000001023 _____ C:\Users\Public\Desktop\3DMark.lnk
2021-01-11 19:37 - 2021-01-11 19:37 - 000001023 _____ C:\ProgramData\Desktop\3DMark.lnk
2021-01-11 19:34 - 2021-01-19 17:38 - 000000000 ____D C:\Users\stoup\OneDrive\Documents\3DMark
2021-01-11 19:34 - 2021-01-11 19:38 - 000000000 ____D C:\Users\Default\AppData\Local\D3DSCache
2021-01-11 19:34 - 2021-01-11 19:38 - 000000000 ____D C:\Users\Default User\AppData\Local\D3DSCache
2021-01-11 19:34 - 2021-01-11 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\stoup\AppData\Local\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\Default\AppData\Local\AMD
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\Default User\AppData\Local\AMD
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\ProgramData\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Program Files\UL
2021-01-11 18:17 - 2019-10-30 02:20 - 001126344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-01-11 18:17 - 2019-10-30 02:20 - 000481888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-01-11 18:17 - 2019-10-29 23:20 - 000821336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-01-06 19:13 - 2021-01-06 19:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-06 16:58 - 2021-01-06 19:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-06 16:58 - 2021-01-06 16:58 - 000056630 _____ C:\Users\stoup\Downloads\Doklad_eshop482511.pdf
2021-01-03 15:40 - 2021-01-03 15:40 - 000834901 _____ C:\Cyberpunk.2077.v1.03-v1.06.Plus.32.Trainer-FLiNG.zip
2021-01-01 16:59 - 2021-01-01 16:59 - 000000000 ____D C:\Users\stoup\AppData\Local\CD Projekt Red
2021-01-01 16:58 - 2021-01-01 16:58 - 000001914 _____ C:\Users\Public\Desktop\Cyberpunk 2077.lnk
2021-01-01 16:58 - 2021-01-01 16:58 - 000001914 _____ C:\ProgramData\Desktop\Cyberpunk 2077.lnk
2021-01-01 16:58 - 2021-01-01 16:58 - 000000000 ____D C:\Users\stoup\AppData\Local\REDEngine
2021-01-01 16:58 - 2021-01-01 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2021-01-01 10:35 - 2021-01-01 10:35 - 000002197 _____ C:\Users\Public\Desktop\Someday You'll Return.lnk
2021-01-01 10:35 - 2021-01-01 10:35 - 000002197 _____ C:\ProgramData\Desktop\Someday You'll Return.lnk
2021-01-01 10:35 - 2021-01-01 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Someday You'll Return [GOG.com]
2020-12-24 13:04 - 2020-12-24 13:04 - 000315813 _____ C:\Users\stoup\Downloads\CZECH.zip
2020-12-24 12:40 - 2020-12-24 12:40 - 000000000 ____D C:\Users\stoup\AppData\Local\The Creative Assembly
2020-12-24 00:21 - 2020-12-24 00:21 - 000000000 ____D C:\Users\stoup\Downloads\Therion - Beloved Antichrist (2018)
2020-12-24 00:19 - 2020-12-24 00:21 - 440544064 _____ C:\Users\stoup\Downloads\Therion - Beloved Antichrist (2018).zip
2020-12-21 18:03 - 2020-12-21 18:03 - 000000000 ____D C:\Users\stoup\AppData\Roaming\SyberiaTWBP
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 21:18 - 2019-01-08 23:05 - 000000000 ____D C:\Users\stoup\AppData\Local\NVIDIA Corporation
2021-01-19 21:12 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-19 20:27 - 2020-03-21 00:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-19 20:22 - 2019-02-05 06:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-19 20:21 - 2019-01-07 20:17 - 000000000 ____D C:\Users\stoup\AppData\LocalLow\Mozilla
2021-01-19 20:18 - 2020-03-21 00:47 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-19 20:18 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-19 20:18 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-19 20:18 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-19 20:12 - 2020-03-21 00:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-19 20:12 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-19 19:59 - 2019-12-28 05:19 - 000000000 ____D C:\Users\stoup\AppData\Local\ESET
2021-01-19 19:33 - 2020-09-23 21:25 - 000000000 ____D C:\Users\stoup\AppData\Local\CrashDumps
2021-01-19 19:33 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-19 19:28 - 2020-09-20 15:07 - 000000000 ____D C:\AdwCleaner
2021-01-19 19:26 - 2020-09-20 14:58 - 000000000 ____D C:\EEK
2021-01-19 19:05 - 2019-01-07 20:40 - 000000000 ____D C:\Users\stoup\AppData\Roaming\vlc
2021-01-19 17:51 - 2019-01-07 20:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-19 17:15 - 2020-03-21 00:43 - 000000000 ____D C:\Users\stoup
2021-01-19 17:13 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-19 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-19 17:13 - 2019-01-07 20:22 - 000000000 ____D C:\ProgramData\Packages
2021-01-19 17:13 - 2019-01-07 20:14 - 000000000 ____D C:\Users\stoup\AppData\Local\Packages
2021-01-19 17:02 - 2020-09-29 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-19 17:02 - 2020-03-10 15:37 - 000000000 ____D C:\Program Files (x86)\AMD
2021-01-19 17:02 - 2019-01-07 20:12 - 000000000 ____D C:\Program Files\AMD
2021-01-19 17:01 - 2019-01-07 20:17 - 000000000 ____D C:\Users\stoup\AppData\LocalLow\AMD
2021-01-19 17:01 - 2019-01-07 20:14 - 000000000 ____D C:\Users\stoup\AppData\Local\AMD
2021-01-19 07:17 - 2019-01-07 20:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-19 06:45 - 2019-01-07 20:38 - 000000000 ____D C:\Users\stoup\AppData\Local\D3DSCache
2021-01-18 17:02 - 2020-03-21 00:49 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1554923785
2021-01-18 17:02 - 2019-04-10 20:16 - 000001405 _____ C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-13 21:37 - 2020-03-21 00:41 - 000497432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-13 21:37 - 2020-03-21 00:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 21:37 - 2019-01-07 20:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-13 21:37 - 2019-01-07 20:14 - 000000000 ___RD C:\Users\stoup\3D Objects
2021-01-13 21:36 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 21:36 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 20:49 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 20:48 - 2019-01-08 06:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 20:47 - 2019-01-08 06:48 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 20:45 - 2020-03-21 00:44 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 20:45 - 2019-01-07 20:01 - 000410816 __RSH C:\bootmgr
2021-01-12 01:13 - 2019-01-07 20:40 - 000000000 ____D C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-12 01:13 - 2019-01-07 20:17 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 01:13 - 2019-01-07 20:17 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-12 01:13 - 2019-01-07 20:17 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-11 19:37 - 2019-01-07 20:12 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-11 19:06 - 2020-07-24 16:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-11 19:06 - 2020-07-24 16:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-11 19:06 - 2020-07-24 16:58 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-11 18:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-06 19:13 - 2019-03-19 17:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-06 19:13 - 2019-03-19 17:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-03 15:21 - 2019-01-11 18:27 - 000000000 ____D C:\Users\stoup\AppData\Local\JDownloader 2.0
2021-01-01 16:28 - 2020-08-02 10:06 - 000000000 ____D C:\GOG Games
2020-12-29 09:11 - 2019-02-14 18:41 - 000000000 ____D C:\Games
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\Users\stoup\AppData\Local\Comodo
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\Program Files (x86)\Comodo
2020-12-28 09:26 - 2019-02-11 18:06 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-12-28 09:26 - 2019-02-11 18:06 - 000001079 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-12-28 09:26 - 2019-02-11 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-12-25 18:53 - 2020-09-27 11:17 - 000000000 ____D C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-24 13:31 - 2019-02-22 20:39 - 000000000 ____D C:\Program Files\Epic Games
==================== Files in the root of some directories ========
2019-01-12 11:12 - 2020-09-07 18:08 - 000003981 _____ () C:\Users\stoup\AppData\Roaming\DESKTOP-AS6HE0O.MTBF.txt
2019-01-12 11:17 - 2019-01-12 11:17 - 000003584 _____ () C:\Users\stoup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-01-11 20:13 - 2021-01-13 22:59 - 000007597 _____ () C:\Users\stoup\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Thank you
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2021
Ran by stoup (19-01-2021 21:20:11)
Running from C:\Users\stoup\OneDrive\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2020-03-20 23:49:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-202815913-3708365009-1602261077-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-202815913-3708365009-1602261077-503 - Limited - Disabled)
Guest (S-1-5-21-202815913-3708365009-1602261077-501 - Limited - Disabled)
stoup (S-1-5-21-202815913-3708365009-1602261077-1001 - Administrator - Enabled) => C:\Users\stoup
WDAGUtilityAccount (S-1-5-21-202815913-3708365009-1602261077-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: COMODO Antivirus (Disabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM\...\{63FED867-23CB-4AC7-9F22-64AD80FA0DA7}) (Version: 2.16.7113.0 - UL) Hidden
3DMark (HKLM-x32\...\{b6a95974-3bca-4571-9656-98b7350cb823}) (Version: 2.16.7113.0 - UL)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acoustica Premium Edition 6.0 (HKLM-x32\...\{B0AB0E72-A179-4B1E-813B-BBA1344819A5}_is1) (Version: 6.0.8 - Acon AS)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.0.633 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C0408619-0431-4B54-B63C-C3AB18B1E4B4}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.8.364 - Corel corporation) Hidden
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation)
CorelDRAW Graphics Suite 2018 - BR (x64) (HKLM\...\{575AFBB6-FDF0-4191-97D0-E109C1A53E9B}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CS (x64) (HKLM\...\{71C1FD4A-E7D1-4C24-82AE-D4A07516B6DD}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CT (x64) (HKLM\...\{D251081C-25F7-4EFA-9DF3-C3D3F751CFB2}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CZ (x64) (HKLM\...\{1EE74A96-A900-4607-9D63-25F120E19CC4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - DE (x64) (HKLM\...\{78A4A2EA-7C1D-48A9-92F2-FF60E098EF53}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Docs (x64) (HKLM\...\{74127108-BAE6-4A9E-BE10-931292D9E1AC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - ES (x64) (HKLM\...\{AF2C3573-F52E-4B52-AED8-58F14E626002}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - FR (x64) (HKLM\...\{F4A5C1FF-1BEB-40D1-81F7-460F4021AD76}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IT (x64) (HKLM\...\{8A87BFC9-69B9-4A0A-9D3C-5A8884380DE0}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - JP (x64) (HKLM\...\{D202A107-A207-4A8C-ABE9-29640818EC4F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - NL (x64) (HKLM\...\{65DC3D32-2462-49EC-9263-FB0A5056F899}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PL (x64) (HKLM\...\{217124CA-CFDD-410E-A7F9-C9D43137467E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - RU (x64) (HKLM\...\{EF129473-7919-4CDF-875A-ABF57158901D}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0.0.633 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 -TR (x64) (HKLM\...\{AFB3227A-5276-4E51-A305-A893531C4895}) (Version: 20.0 - Corel Corporation) Hidden
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Crucial Storage Executive (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Crucial Storage Executive 3.60.082018.04) (Version: 5.09.122019.04 - Crucial)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: Build_3235023Change_4177747 - GOG.com)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Eraser 6.2.0.2982 (HKLM\...\{DFCF78CC-3DAD-4C1E-8BC6-94DC5B73461E}) (Version: 6.2.2982 - The Eraser Project)
Eye 312 (HKLM-x32\...\{74F923F2-2B11-4E2E-B638-A1772A9F7B7B}) (Version: 1.0.0.28 - KYE SYSTEMS CORP.)
Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.78 - Gridinsoft LLC)
HandBrake 1.1.1 (HKLM-x32\...\HandBrake) (Version: 1.1.1 - )
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HWiNFO64 Version 6.00 (HKLM\...\HWiNFO64_is1) (Version: 6.00 - Martin Malík - REALiX)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
OpenShot Video Editor verze 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.78.42537 - Electronic Arts, Inc.)
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.1.0.132 - Corel Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.2.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.0 - VS Revo Group, Ltd.)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Roblox Player for stoup (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Someday You'll Return (HKLM-x32\...\2107162474_is1) (Version: 1.7.5g2 - GOG.com)
Spirit of the North (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Spirit of the North) (Version: - HOODLUM)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 97.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
War Thunder Launcher 1.0.3.148 (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)
Packages:
=========
Audio Converter Any Format -> C:\Program Files\WindowsApps\22546Cidade.AudioConverterAnyFormat_4.0.32.0_x64__cjt5542sbwgmj [2021-01-13] (Cidade) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-23] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-07] (Fitbit)
Libra Office Suite -> C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8 [2020-05-04] (HLXB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-13] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-19] (NVIDIA Corp.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.24.1.0_x64__nfy108tqq3p12 [2021-01-17] (Thumbmunkeys Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2021-01-11] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\nvshext.dll [2021-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [189440 2019-03-19] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-22 14:16 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-05-17 12:38 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2020-02-17 17:59 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-02-17 17:59 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-02-17 17:59 - 2020-02-17 17:59 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\stoup\Downloads\12382636.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501931833155CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE Installer_150320pm09.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2020-11-21 15:21 - 000001930 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stoup\Downloads\ice_fox-wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{FDEA0810-9DC4-4550-9931-0EED29323EFA}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [TCP Query User{27BE5362-BEBD-4490-9614-FC263ECD2B69}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [{758C36E1-470E-4885-99C0-7DDF6AE65F4D}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{C1F72A2C-71E4-47D4-9604-4386E69A1716}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [UDP Query User{4DAD7F12-8523-4906-8D0D-B560E8EC902F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7AD4D326-29B0-4AEF-95A6-6CDA329F2449}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D5A46AA6-1879-4474-98AA-B478AF7C56D2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{613C3706-C9DE-4690-9191-243D47C89FE8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6E9A5B4F-8863-4DBD-B494-1FA958F28BF8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C489805F-00A5-458B-8447-CB7138ADA8FC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{72F4BFC1-53B9-4016-9FF9-071C4BAB789C}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{E27003F6-015E-4E9B-B2B3-4BB4AA283111}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{247F6E82-E86C-4F72-9878-A794CB9C46BC}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{10FE1538-D2BF-4261-B458-DEAFDF550FFC}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{11B91DFF-2B67-446E-B85E-1AB9ECB320F3}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{0834AFE9-3ADD-4E68-A1FD-486A35D3C655}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8F58E7E5-8E66-4424-A3E1-38FBE16A08E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B30F0231-C5D5-46E5-BE0E-097BF6956FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{5E193851-3B8D-4B40-A99B-EA0734374986}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{A75511BD-62BB-4145-B7DA-6100BE63B83F}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{04132621-F4A5-495D-AD89-D566379ED773}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{693F0373-6996-4010-BF41-C329ABB2AC46}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{3B134E21-1D1E-410D-8314-22989E282815}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7DB42BA4-9A3A-4E24-92B7-F1C4B3DC75C6}] => (Allow) LPort=5357
FirewallRules: [{1B3093E2-77C1-4D08-926E-CE1C34B8E271}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{33ABDF98-B39E-4A14-ABCF-92D089CB08C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{96C25ACC-96C4-4F3D-B7CE-18BD5794036F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{6CAB91E3-D0E8-49B8-A5C4-33141FCE4319}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5458AE3A-D26B-430B-8EC5-F79E7ED5D748}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F5FDB86D-0B06-4DF0-9A4F-791C701101D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C29B2497-562F-406A-A925-5206A58A871A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4992BB24-08C3-4452-A690-EBB87E4FC166}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4CD2227A-DCA4-4665-8635-7156FE1E533C}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{13588503-BCBC-47E1-BF42-9C2234E99B3F}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [UDP Query User{A65039F0-9992-4599-AFC8-0D8B4C76006E}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [TCP Query User{AAFD0FB8-4FE5-4441-A6C8-A2B49FBA7ADE}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [UDP Query User{94F5AD87-B13D-4F23-B91A-A59F537D4E65}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [TCP Query User{E1470EC9-6C14-471A-AED4-01288F95B94E}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{5C301DE8-3614-4BEF-9C0C-AEE236E52ECE}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{59BD7FE4-4BC9-4C97-8352-6A41DF5DC3E1}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{50E76DE2-BBC3-4F08-AAD0-AA9DC7D8D0BF}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{C120CCF9-6AD3-40CE-9DBE-FF27DED562E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{E22317A5-2229-4C71-B3F0-A8C9C8271DF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{298C0FCE-AB67-40E4-AF5B-18960278648B}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{0825457B-032B-41A7-8522-2AA91F8CB0C7}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{BC401FDB-CEB8-48A1-94B0-31DA38772A5C}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{E377A072-D689-4BF0-8D7B-885E84B61733}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{7C67A616-6CEC-4814-8E62-1B9B61DA4D0A}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [UDP Query User{D71D272A-7D04-471E-B7BC-829A1D0A4162}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [TCP Query User{8C9DCCD7-60DF-4456-ACE2-8E660AE5C36C}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{F4C18F90-2823-4B31-9CBE-8C90E3E6D393}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{9113101F-E99E-40A9-A57F-0CC91710F3DB}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{BD3AA255-842F-4ABA-ADF8-461A9EB62CA5}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [{C83C4AEC-95F3-4FAA-B7B3-C42885C33A7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE59EF50-9C3A-4FB6-B3F5-C8BF21924E2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31B29B56-88F6-4FA4-8318-D735FD67D886}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90682371-FF62-4CD2-9E54-B154393EB621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{0FA4466A-8F0E-4D2F-9E03-B328F498BC1D}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{A661AB6C-7E22-4DE9-A234-47F8D84EFFE3}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{AFBEC143-6F30-428B-AE14-3EA875E3608C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{72B9013A-F097-4619-8048-7EC212753D99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [{AC14182A-4C4E-4313-A4B3-2CE925537B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [TCP Query User{E1FB3EC1-754C-407A-BA88-874BDD4F02C3}C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{1E8C5F06-720B-4724-B2E1-1DDEE3EE401A}C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{5A11B54C-6C29-4D34-AE20-D45C61E7D97F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1CCD4FD-6325-4A32-9EAD-A9E5D0C0306E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99B9A79E-F7F0-4BBB-B4DF-93B876BF70F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF70E026-53C5-4E14-B5BD-AADE684653E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8188088-6067-4E2F-BA8D-1221CAE9ED0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65F3D82D-8549-483B-BFDB-5DBC0FCF184D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
19-01-2021 17:08:35 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/19/2021 09:05:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:58:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:48:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10708,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:26:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4232,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:06:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3576,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (01/19/2021 08:12:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/19/2021 08:12:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Crash Defender Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/19/2021 08:12:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Crash Defender Service bylo dosaženo časového limitu (45000 ms).
Error: (01/19/2021 07:59:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/19/2021 07:59:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Log Utility neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/19/2021 07:59:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Log Utility bylo dosaženo časového limitu (45000 ms).
Error: (01/19/2021 07:58:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Lavasoft Ad-Aware Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (01/19/2021 07:37:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Windows Defender:
===================================
Date: 2021-01-19 19:24:26.205
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Uwasson.A!ml
ID: 251745
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\stoup\AppData\Local\Temp\tmp00000142\tmp0000c9b5
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AS6HE0O\stoup
Název procesu: C:\EEK\bin64\a2emergencykit.exe
Verze bezpečnostních informací: AV: 1.329.2479.0, AS: 1.329.2479.0, NIS: 1.329.2479.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-19 19:24:24.202
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Woreflint.A!cl
ID: 2147723317
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\stoup\AppData\Local\Temp\tmp00000142\tmp0000c9b7
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AS6HE0O\stoup
Název procesu: C:\EEK\bin64\a2emergencykit.exe
Verze bezpečnostních informací: AV: 1.329.2479.0, AS: 1.329.2479.0, NIS: 1.329.2479.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-17 21:19:41.724
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {238D9039-61F0-47FA-9EE4-71C30EB3015B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-11 20:03:35.413
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4D165924-7986-4281-9BFC-E2FEAB4FD592}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-01 22:09:15.163
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4050F8C9-B948-43B7-9120-56F4CA36444D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2021-01-19 21:10:17.658
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:08:40.303
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:06:56.854
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:06:56.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:31.270
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:24.350
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:19.227
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:18.172
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F1 08/17/2020
Motherboard: Gigabyte Technology Co., Ltd. B450M DS3H V2
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16332.61 MB
Available physical RAM: 9168.71 MB
Total Virtual: 21708.61 MB
Available Virtual: 11409.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.25 GB) (Free:146.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (WD500Gb) (Fixed) (Total:465.76 GB) (Free:107.34 GB) NTFS
\\?\Volume{1a10bb5c-0000-0000-0000-205074000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1A10BB5C)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=519 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EE9D3ECA)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2021
Ran by stoup (administrator) on DESKTOP-AS6HE0O (Gigabyte Technology Co., Ltd. B450M DS3H V2) (19-01-2021 21:19:23)
Running from C:\Users\stoup\OneDrive\Desktop
Loaded Profiles: stoup
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Gaijin Network LTD -> Gaijin) C:\Users\stoup\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(HLXB) C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8\libre\program\soffice.bin
(HLXB) C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8\libre\program\soffice.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1067024 2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Gaijin.Net Updater] => C:\Users\stoup\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Opera Browser Assistant] => C:\Users\stoup\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\WINDOWS\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07BF7802-C897-4B30-A394-7A136B659B04} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe
Task: {237C08C5-0F73-4253-AF38-BDA51B9C9826} - \Ad-Aware Update (Weekly) -> No File <==== ATTENTION
Task: {32BF3F23-E172-42A2-9C41-2F896ACA12DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {3E25E44F-E6D6-46C0-88D5-55D35A6B679E} - System32\Tasks\Opera scheduled Autoupdate 1554923785 => C:\Users\stoup\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {3F158DF5-17A3-4425-8792-F55FA9810F7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47400C43-D0C9-41E5-B3A7-26A85D3DD586} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {4BC10CD5-8E20-44C6-B062-E15EBBCE1E03} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {500C04C4-6628-4736-8287-36080D8124ED} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50750946-E51C-4AA2-946B-2E3DFAAADD70} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1644480 2018-03-06] (Corel Corporation -> Corel Corporation)
Task: {70F3FC92-9FD7-454C-95DA-B178EC95A95C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {72CC1F44-F249-4808-92DD-097F0B02A4A9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E46EBD7-A949-4406-81D0-517EE33568C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8ECB25B1-A20F-43F3-A259-5E02B7B36CE1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {99D91E38-AD25-486B-8F45-1FD57E963A04} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E75A821-5EB1-4B42-AF7B-A7E9A702561D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A18787D8-A407-4742-8E73-9455B1BFC014} - System32\Tasks\Opera scheduled assistant Autoupdate 1582734759 => C:\Users\stoup\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\stoup\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AB1658DD-0A89-411B-941A-E4130EBC85AF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC7C80A4-B767-46E6-9A8C-745BE9F789C2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE819C3F-BAFE-40D9-BFD8-7A1528873524} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C7E8D100-A2F9-45C2-AF24-8F4B9F101180} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {DCF632AE-F40E-4C6B-AF5C-F06DD308C411} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1156858-DAB2-4A88-97A8-85FC00912E4E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF3D728C-3152-40DF-A245-087AC427EE59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8A40BAC-5371-4A18-83D1-D7E1DFD47255} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{030501c3-ea03-4580-98c4-02bc71413ce9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91778c54-b2f8-4f4e-afd0-8ff5ad49d99e}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\stoup\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-19]
FireFox:
========
FF DefaultProfile: 61fmaxz7.default-1553011361875
FF ProfilePath: C:\Users\stoup\AppData\Roaming\Mozilla\Firefox\Profiles\61fmaxz7.default-1553011361875 [2021-01-19]
FF Notifications: Mozilla\Firefox\Profiles\61fmaxz7.default-1553011361875 -> hxxps://www.facebook.com; hxxps://www.exasoft.cz; hxxps://a.mp3pro.xyz; hxxps://www.sevt.cz; hxxps://www.hudy.cz; hxxps://www.4camping.cz; hxxps://aukro.cz
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-17]
Chrome:
=======
CHR Profile: C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default [2021-01-19]
CHR Notifications: Default -> hxxps://mediamarkt.pl; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-07]
CHR Extension: (Dokumenty) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-07]
CHR Extension: (Disk Google) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-07]
CHR Extension: (Tabulky) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08]
Opera:
=======
OPR Profile: C:\Users\stoup\AppData\Roaming\Opera Software\Opera Stable [2021-01-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\stoup\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-01]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-28] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [18534552 2019-08-17] (Mail.Ru LLC -> LLC Mail.Ru)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510136 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3462464 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [67576 2018-12-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2021-01-13] (GridinSoft, LLC -> GridinSoft LLC)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65320 2019-01-07] (Martin Malik - REALiX -> REALiX(tm))
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1087120 2019-01-23] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R3 MpKsl0a43ddaf; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{335FC21D-9A6D-4529-9A93-758DECC24BFC}\MpKslDrv.sys [91376 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-17] (Mail.Ru LLC -> LLC Mail.Ru)
R1 mtihint; C:\Windows\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
S3 TrojanKillerDriver; C:\WINDOWS\System32\DRIVERS\gtkdrv.sys [38216 2021-01-13] (GridinSoft, LLC -> GridinSoft LLC)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 21:02 - 2021-01-19 21:19 - 000000000 ____D C:\FRST
2021-01-19 20:57 - 2021-01-19 20:57 - 000018451 _____ C:\Users\stoup\Downloads\FRST.rar
2021-01-19 20:12 - 2021-01-19 20:12 - 000000000 __HDC C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2021-01-19 19:36 - 2021-01-19 19:36 - 000000778 _____ C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-01-19 19:32 - 2021-01-19 20:16 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2021-01-19 19:32 - 2021-01-19 19:32 - 000001117 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2021-01-19 19:32 - 2021-01-19 19:32 - 000001117 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk
2021-01-19 19:32 - 2021-01-19 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-01-19 19:32 - 2021-01-19 19:32 - 000000000 ____D C:\ProgramData\GridinSoft
2021-01-19 19:31 - 2021-01-19 19:31 - 000989584 _____ (GridinSoft LLC) C:\Users\stoup\Downloads\install-antimalware-fix (1).exe
2021-01-19 19:30 - 2021-01-19 19:30 - 000989584 _____ (GridinSoft LLC) C:\Users\stoup\Downloads\install-antimalware-fix.exe
2021-01-19 19:29 - 2021-01-19 19:29 - 015012440 _____ (ESET spol. s r.o.) C:\Users\stoup\Downloads\esetonlinescanner.exe
2021-01-19 19:23 - 2021-01-19 19:23 - 008458096 _____ (Malwarebytes) C:\Users\stoup\Downloads\adwcleaner_8.0.9.exe
2021-01-19 19:21 - 2021-01-19 19:23 - 633521152 _____ (NVIDIA Corporation) C:\Users\stoup\Downloads\461.09-desktop-win10-64bit-international-whql.exe
2021-01-19 19:11 - 2021-01-19 19:11 - 000000000 ____D C:\Users\stoup\AppData\Local\mbam
2021-01-19 19:10 - 2021-01-19 19:10 - 002086424 _____ (Malwarebytes) C:\Users\stoup\Downloads\MBSetup (2).exe
2021-01-19 19:06 - 2021-01-19 19:07 - 000200506 _____ C:\TDSSKiller.2.8.16.0_19.01.2021_19.06.03_log.txt
2021-01-19 19:06 - 2021-01-19 19:06 - 000208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\47639295.sys
2021-01-19 17:51 - 2021-01-19 17:51 - 000000000 ____D C:\Users\stoup\AppData\Roaming\NVIDIA
2021-01-19 17:15 - 2021-01-19 21:18 - 000000000 ____D C:\Users\stoup\AppData\Local\NVIDIA
2021-01-19 17:15 - 2021-01-19 17:15 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-01-19 17:15 - 2021-01-19 17:15 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-01-19 17:15 - 2021-01-19 17:15 - 000000000 ____D C:\Users\stoup\ansel
2021-01-19 17:13 - 2021-01-19 17:13 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-19 17:13 - 2021-01-19 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-01-19 17:13 - 2020-12-31 15:01 - 002797552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 002154984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 001294832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000169272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000145208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-01-19 17:12 - 2020-12-31 15:01 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-01-19 17:11 - 2021-01-04 15:49 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-19 17:11 - 2021-01-04 15:49 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000690072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-19 17:11 - 2021-01-04 15:46 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000610712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 005631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000447384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-19 17:11 - 2021-01-04 15:44 - 000850840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-19 17:11 - 2021-01-04 15:43 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-19 17:11 - 2021-01-04 15:43 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-19 17:11 - 2020-12-31 15:01 - 000084159 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-19 17:09 - 2021-01-19 20:14 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-19 17:09 - 2021-01-19 19:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-19 17:08 - 2020-12-31 15:01 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-01-19 17:08 - 2020-10-05 14:05 - 001492800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvppcgenco64_145831832.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 001690976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-19 17:08 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll
2021-01-19 17:08 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll
2021-01-19 17:02 - 2021-01-19 17:03 - 661510840 _____ (NVIDIA Corporation) C:\Users\stoup\Downloads\461.09-desktop-win10-64bit-international-dch-whql.exe
2021-01-18 21:58 - 2021-01-18 21:58 - 000060012 _____ C:\Users\stoup\Downloads\EDAZ-5L36738_20210201_426ad2b7-57e9-400f-81eb-5c532ac511b3.pdf
2021-01-13 20:46 - 2021-01-13 20:46 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 20:46 - 2021-01-13 20:46 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 20:46 - 2021-01-13 20:46 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 20:46 - 2021-01-13 20:46 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 20:45 - 2021-01-13 20:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-13 08:05 - 2021-01-13 08:05 - 015793332 _____ C:\Users\stoup\Downloads\prilohy_56650.zip
2021-01-13 03:12 - 2021-01-13 03:12 - 000107784 _____ (GridinSoft LLC) C:\WINDOWS\system32\Drivers\gsInetSecurity.sys
2021-01-13 03:12 - 2021-01-13 03:12 - 000038216 _____ (GridinSoft LLC) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2021-01-12 19:48 - 2021-01-12 19:48 - 000092226 _____ C:\Users\stoup\Downloads\faktura 180040.pdf
2021-01-11 20:13 - 2021-01-13 22:59 - 000007597 _____ C:\Users\stoup\AppData\Local\Resmon.ResmonCfg
2021-01-11 19:39 - 2021-01-11 19:39 - 000000000 ____D C:\Program Files (x86)\Futuremark
2021-01-11 19:37 - 2021-01-11 19:37 - 000001023 _____ C:\Users\Public\Desktop\3DMark.lnk
2021-01-11 19:37 - 2021-01-11 19:37 - 000001023 _____ C:\ProgramData\Desktop\3DMark.lnk
2021-01-11 19:34 - 2021-01-19 17:38 - 000000000 ____D C:\Users\stoup\OneDrive\Documents\3DMark
2021-01-11 19:34 - 2021-01-11 19:38 - 000000000 ____D C:\Users\Default\AppData\Local\D3DSCache
2021-01-11 19:34 - 2021-01-11 19:38 - 000000000 ____D C:\Users\Default User\AppData\Local\D3DSCache
2021-01-11 19:34 - 2021-01-11 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\stoup\AppData\Local\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\Default\AppData\Local\AMD
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\Default User\AppData\Local\AMD
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\ProgramData\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Program Files\UL
2021-01-11 18:17 - 2019-10-30 02:20 - 001126344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-01-11 18:17 - 2019-10-30 02:20 - 000481888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-01-11 18:17 - 2019-10-29 23:20 - 000821336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-01-06 19:13 - 2021-01-06 19:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-06 16:58 - 2021-01-06 19:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-06 16:58 - 2021-01-06 16:58 - 000056630 _____ C:\Users\stoup\Downloads\Doklad_eshop482511.pdf
2021-01-03 15:40 - 2021-01-03 15:40 - 000834901 _____ C:\Cyberpunk.2077.v1.03-v1.06.Plus.32.Trainer-FLiNG.zip
2021-01-01 16:59 - 2021-01-01 16:59 - 000000000 ____D C:\Users\stoup\AppData\Local\CD Projekt Red
2021-01-01 16:58 - 2021-01-01 16:58 - 000001914 _____ C:\Users\Public\Desktop\Cyberpunk 2077.lnk
2021-01-01 16:58 - 2021-01-01 16:58 - 000001914 _____ C:\ProgramData\Desktop\Cyberpunk 2077.lnk
2021-01-01 16:58 - 2021-01-01 16:58 - 000000000 ____D C:\Users\stoup\AppData\Local\REDEngine
2021-01-01 16:58 - 2021-01-01 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2021-01-01 10:35 - 2021-01-01 10:35 - 000002197 _____ C:\Users\Public\Desktop\Someday You'll Return.lnk
2021-01-01 10:35 - 2021-01-01 10:35 - 000002197 _____ C:\ProgramData\Desktop\Someday You'll Return.lnk
2021-01-01 10:35 - 2021-01-01 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Someday You'll Return [GOG.com]
2020-12-24 13:04 - 2020-12-24 13:04 - 000315813 _____ C:\Users\stoup\Downloads\CZECH.zip
2020-12-24 12:40 - 2020-12-24 12:40 - 000000000 ____D C:\Users\stoup\AppData\Local\The Creative Assembly
2020-12-24 00:21 - 2020-12-24 00:21 - 000000000 ____D C:\Users\stoup\Downloads\Therion - Beloved Antichrist (2018)
2020-12-24 00:19 - 2020-12-24 00:21 - 440544064 _____ C:\Users\stoup\Downloads\Therion - Beloved Antichrist (2018).zip
2020-12-21 18:03 - 2020-12-21 18:03 - 000000000 ____D C:\Users\stoup\AppData\Roaming\SyberiaTWBP
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 21:18 - 2019-01-08 23:05 - 000000000 ____D C:\Users\stoup\AppData\Local\NVIDIA Corporation
2021-01-19 21:12 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-19 20:27 - 2020-03-21 00:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-19 20:22 - 2019-02-05 06:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-19 20:21 - 2019-01-07 20:17 - 000000000 ____D C:\Users\stoup\AppData\LocalLow\Mozilla
2021-01-19 20:18 - 2020-03-21 00:47 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-19 20:18 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-19 20:18 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-19 20:18 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-19 20:12 - 2020-03-21 00:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-19 20:12 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-19 19:59 - 2019-12-28 05:19 - 000000000 ____D C:\Users\stoup\AppData\Local\ESET
2021-01-19 19:33 - 2020-09-23 21:25 - 000000000 ____D C:\Users\stoup\AppData\Local\CrashDumps
2021-01-19 19:33 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-19 19:28 - 2020-09-20 15:07 - 000000000 ____D C:\AdwCleaner
2021-01-19 19:26 - 2020-09-20 14:58 - 000000000 ____D C:\EEK
2021-01-19 19:05 - 2019-01-07 20:40 - 000000000 ____D C:\Users\stoup\AppData\Roaming\vlc
2021-01-19 17:51 - 2019-01-07 20:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-19 17:15 - 2020-03-21 00:43 - 000000000 ____D C:\Users\stoup
2021-01-19 17:13 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-19 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-19 17:13 - 2019-01-07 20:22 - 000000000 ____D C:\ProgramData\Packages
2021-01-19 17:13 - 2019-01-07 20:14 - 000000000 ____D C:\Users\stoup\AppData\Local\Packages
2021-01-19 17:02 - 2020-09-29 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-19 17:02 - 2020-03-10 15:37 - 000000000 ____D C:\Program Files (x86)\AMD
2021-01-19 17:02 - 2019-01-07 20:12 - 000000000 ____D C:\Program Files\AMD
2021-01-19 17:01 - 2019-01-07 20:17 - 000000000 ____D C:\Users\stoup\AppData\LocalLow\AMD
2021-01-19 17:01 - 2019-01-07 20:14 - 000000000 ____D C:\Users\stoup\AppData\Local\AMD
2021-01-19 07:17 - 2019-01-07 20:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-19 06:45 - 2019-01-07 20:38 - 000000000 ____D C:\Users\stoup\AppData\Local\D3DSCache
2021-01-18 17:02 - 2020-03-21 00:49 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1554923785
2021-01-18 17:02 - 2019-04-10 20:16 - 000001405 _____ C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-13 21:37 - 2020-03-21 00:41 - 000497432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-13 21:37 - 2020-03-21 00:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 21:37 - 2019-01-07 20:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-13 21:37 - 2019-01-07 20:14 - 000000000 ___RD C:\Users\stoup\3D Objects
2021-01-13 21:36 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 21:36 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 20:49 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 20:48 - 2019-01-08 06:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 20:47 - 2019-01-08 06:48 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 20:45 - 2020-03-21 00:44 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 20:45 - 2019-01-07 20:01 - 000410816 __RSH C:\bootmgr
2021-01-12 01:13 - 2019-01-07 20:40 - 000000000 ____D C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-12 01:13 - 2019-01-07 20:17 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 01:13 - 2019-01-07 20:17 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-12 01:13 - 2019-01-07 20:17 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-11 19:37 - 2019-01-07 20:12 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-11 19:06 - 2020-07-24 16:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-11 19:06 - 2020-07-24 16:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-11 19:06 - 2020-07-24 16:58 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-11 18:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-06 19:13 - 2019-03-19 17:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-06 19:13 - 2019-03-19 17:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-03 15:21 - 2019-01-11 18:27 - 000000000 ____D C:\Users\stoup\AppData\Local\JDownloader 2.0
2021-01-01 16:28 - 2020-08-02 10:06 - 000000000 ____D C:\GOG Games
2020-12-29 09:11 - 2019-02-14 18:41 - 000000000 ____D C:\Games
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\Users\stoup\AppData\Local\Comodo
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\Program Files (x86)\Comodo
2020-12-28 09:26 - 2019-02-11 18:06 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-12-28 09:26 - 2019-02-11 18:06 - 000001079 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-12-28 09:26 - 2019-02-11 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-12-25 18:53 - 2020-09-27 11:17 - 000000000 ____D C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-24 13:31 - 2019-02-22 20:39 - 000000000 ____D C:\Program Files\Epic Games
==================== Files in the root of some directories ========
2019-01-12 11:12 - 2020-09-07 18:08 - 000003981 _____ () C:\Users\stoup\AppData\Roaming\DESKTOP-AS6HE0O.MTBF.txt
2019-01-12 11:17 - 2019-01-12 11:17 - 000003584 _____ () C:\Users\stoup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-01-11 20:13 - 2021-01-13 22:59 - 000007597 _____ () C:\Users\stoup\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: please check my log
Hello.
Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked, including any threats found, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.
► My new book BOTNETY is out!
Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
► Low-level, high-level programmer - profile card here: card <<
----
► Háveťárna - malware UPLOAD: >> upload <<
---
► If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP) for students.
On the forum I serve as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit
Re: please check my log
-------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-19-2021
# Duration: 00:00:13
# OS: Windows 10 Home
# Scanned: 31956
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1406 octets] - [20/09/2020 16:08:04]
AdwCleaner[S01].txt - [1467 octets] - [11/10/2020 10:08:32]
AdwCleaner[C01].txt - [1657 octets] - [11/10/2020 10:08:43]
AdwCleaner[S02].txt - [2323 octets] - [19/01/2021 19:27:15]
AdwCleaner[C02].txt - [2385 octets] - [19/01/2021 19:28:36]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
Re: please check my log
Copy the content below into Notepad:
Save the Notepad file as fixlist.txt in the same location as FRST.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, post here the contents of the log fixlog.txt, saved in the FRST location.
Code:
CloseProcesses:
CreateRestorePoint:
Task: {07BF7802-C897-4B30-A394-7A136B659B04} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe
Task: {237C08C5-0F73-4253-AF38-BDA51B9C9826} - \Ad-Aware Update (Weekly) -> No File <==== ATTENTION
Task: {32BF3F23-E172-42A2-9C41-2F896ACA12DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {70F3FC92-9FD7-454C-95DA-B178EC95A95C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-17]
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
2021-01-13 20:45 - 2021-01-13 20:45 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\stoup\Downloads\12382636.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501931833155CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE Installer_150320pm09.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdZnID [26]
FirewallRules: [TCP Query User{298C0FCE-AB67-40E4-AF5B-18960278648B}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{0825457B-032B-41A7-8522-2AA91F8CB0C7}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{BC401FDB-CEB8-48A1-94B0-31DA38772A5C}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{E377A072-D689-4BF0-8D7B-885E84B61733}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{7C67A616-6CEC-4814-8E62-1B9B61DA4D0A}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [UDP Query User{D71D272A-7D04-471E-B7BC-829A1D0A4162}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [TCP Query User{8C9DCCD7-60DF-4456-ACE2-8E660AE5C36C}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{F4C18F90-2823-4B31-9CBE-8C90E3E6D393}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{9113101F-E99E-40A9-A57F-0CC91710F3DB}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{BD3AA255-842F-4ABA-ADF8-461A9EB62CA5}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{13588503-BCBC-47E1-BF42-9C2234E99B3F}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [UDP Query User{A65039F0-9992-4599-AFC8-0D8B4C76006E}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [TCP Query User{AAFD0FB8-4FE5-4441-A6C8-A2B49FBA7ADE}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [UDP Query User{94F5AD87-B13D-4F23-B91A-A59F537D4E65}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [TCP Query User{E1470EC9-6C14-471A-AED4-01288F95B94E}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{5C301DE8-3614-4BEF-9C0C-AEE236E52ECE}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{59BD7FE4-4BC9-4C97-8352-6A41DF5DC3E1}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{50E76DE2-BBC3-4F08-AAD0-AA9DC7D8D0BF}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{7DB42BA4-9A3A-4E24-92B7-F1C4B3DC75C6}] => (Allow) LPort=5357
FirewallRules: [{1B3093E2-77C1-4D08-926E-CE1C34B8E271}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
EmptyTemp:
Hosts:
Run FRST and click the button: Fix
A routine will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, which is saved in the FRST location.
► My new book BOTNETY is out!
Information about it can be found here: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
► Low-level, high-level programmer - profile card here: card <<
----
► Háveťárna - malware UPLOAD: >> upload <<
---
► If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz .
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++,c#,php) for students.
On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Re: please check my log
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-01-2021
Ran by stoup (20-01-2021 19:46:46) Run:1
Running from C:\Users\stoup\OneDrive\Desktop
Loaded Profiles: stoup
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Task: {07BF7802-C897-4B30-A394-7A136B659B04} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe
Task: {237C08C5-0F73-4253-AF38-BDA51B9C9826} - \Ad-Aware Update (Weekly) -> No File <==== ATTENTION
Task: {32BF3F23-E172-42A2-9C41-2F896ACA12DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {70F3FC92-9FD7-454C-95DA-B178EC95A95C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-17]
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
2021-01-13 20:45 - 2021-01-13 20:45 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\stoup\Downloads\12382636.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501931833155CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE Installer_150320pm09.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdZnID [26]
FirewallRules: [TCP Query User{298C0FCE-AB67-40E4-AF5B-18960278648B}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{0825457B-032B-41A7-8522-2AA91F8CB0C7}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{BC401FDB-CEB8-48A1-94B0-31DA38772A5C}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{E377A072-D689-4BF0-8D7B-885E84B61733}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{7C67A616-6CEC-4814-8E62-1B9B61DA4D0A}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [UDP Query User{D71D272A-7D04-471E-B7BC-829A1D0A4162}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [TCP Query User{8C9DCCD7-60DF-4456-ACE2-8E660AE5C36C}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{F4C18F90-2823-4B31-9CBE-8C90E3E6D393}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{9113101F-E99E-40A9-A57F-0CC91710F3DB}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{BD3AA255-842F-4ABA-ADF8-461A9EB62CA5}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{13588503-BCBC-47E1-BF42-9C2234E99B3F}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [UDP Query User{A65039F0-9992-4599-AFC8-0D8B4C76006E}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [TCP Query User{AAFD0FB8-4FE5-4441-A6C8-A2B49FBA7ADE}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [UDP Query User{94F5AD87-B13D-4F23-B91A-A59F537D4E65}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [TCP Query User{E1470EC9-6C14-471A-AED4-01288F95B94E}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{5C301DE8-3614-4BEF-9C0C-AEE236E52ECE}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{59BD7FE4-4BC9-4C97-8352-6A41DF5DC3E1}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{50E76DE2-BBC3-4F08-AAD0-AA9DC7D8D0BF}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{7DB42BA4-9A3A-4E24-92B7-F1C4B3DC75C6}] => (Allow) LPort=5357
FirewallRules: [{1B3093E2-77C1-4D08-926E-CE1C34B8E271}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
EmptyTemp:
Hosts:
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{07BF7802-C897-4B30-A394-7A136B659B04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07BF7802-C897-4B30-A394-7A136B659B04}" => removed successfully
C:\WINDOWS\System32\Tasks\AMD ThankingURL => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMD ThankingURL" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{237C08C5-0F73-4253-AF38-BDA51B9C9826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{237C08C5-0F73-4253-AF38-BDA51B9C9826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32BF3F23-E172-42A2-9C41-2F896ACA12DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32BF3F23-E172-42A2-9C41-2F896ACA12DA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70F3FC92-9FD7-454C-95DA-B178EC95A95C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70F3FC92-9FD7-454C-95DA-B178EC95A95C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js => moved successfully
HKLM\System\CurrentControlSet\Services\Rockstar Service => removed successfully
Rockstar Service => service removed successfully
HKLM\System\CurrentControlSet\Services\AODDriver4.3.0 => removed successfully
AODDriver4.3.0 => service removed successfully
C:\WINDOWS\system32\rdsxvmaudio.dll => moved successfully
C:\WINDOWS\system32\DrtmAuth9.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth8.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth7.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth6.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth5.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth4.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth3.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth2.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth18.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth17.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth16.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth15.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth12.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth11.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth10.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth1.bin => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\LavasoftShellExt => removed successfully
HKLM\Software\Classes\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\LavasoftShellExt => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\stoup\Downloads\12382636.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\stoup\Downloads\12445438.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\stoup\Downloads\12445438.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\stoup\Downloads\501900000001CZ.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\stoup\Downloads\501900000001CZ.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\stoup\Downloads\501931833155CZ.pdf => ":$CmdZnID" ADS removed successfully
C:\Users\stoup\Downloads\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE Installer_150320pm09.rar => ":$CmdZnID" ADS removed successfully
C:\Users\stoup\Downloads\hw64_538.exe => ":$CmdTcID" ADS removed successfully
C:\Users\stoup\Downloads\hw64_538.exe => ":$CmdZnID" ADS removed successfully
C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe => ":$CmdTcID" ADS removed successfully
C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe => ":$CmdZnID" ADS removed successfully
C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe => ":$CmdTcID" ADS removed successfully
C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe => ":$CmdZnID" ADS removed successfully
C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf => ":$CmdTcID" ADS removed successfully
C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf => ":$CmdZnID" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{298C0FCE-AB67-40E4-AF5B-18960278648B}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0825457B-032B-41A7-8522-2AA91F8CB0C7}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BC401FDB-CEB8-48A1-94B0-31DA38772A5C}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E377A072-D689-4BF0-8D7B-885E84B61733}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7C67A616-6CEC-4814-8E62-1B9B61DA4D0A}C:\program files (x86)\toolkit\toolkit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D71D272A-7D04-471E-B7BC-829A1D0A4162}C:\program files (x86)\toolkit\toolkit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8C9DCCD7-60DF-4456-ACE2-8E660AE5C36C}C:\program files\epic games\alienisolation\ai.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F4C18F90-2823-4B31-9CBE-8C90E3E6D393}C:\program files\epic games\alienisolation\ai.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9113101F-E99E-40A9-A57F-0CC91710F3DB}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BD3AA255-842F-4ABA-ADF8-461A9EB62CA5}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{13588503-BCBC-47E1-BF42-9C2234E99B3F}C:\program files\epic games\totalwarsagatroy\troy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A65039F0-9992-4599-AFC8-0D8B4C76006E}C:\program files\epic games\totalwarsagatroy\troy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AAFD0FB8-4FE5-4441-A6C8-A2B49FBA7ADE}C:\program files (x86)\titanfall 2\titanfall2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{94F5AD87-B13D-4F23-B91A-A59F537D4E65}C:\program files (x86)\titanfall 2\titanfall2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E1470EC9-6C14-471A-AED4-01288F95B94E}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C301DE8-3614-4BEF-9C0C-AEE236E52ECE}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{59BD7FE4-4BC9-4C97-8352-6A41DF5DC3E1}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{50E76DE2-BBC3-4F08-AAD0-AA9DC7D8D0BF}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DB42BA4-9A3A-4E24-92B7-F1C4B3DC75C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1B3093E2-77C1-4D08-926E-CE1C34B8E271}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1391246741 B
Java, Flash, Steam htmlcache => 448739824 B
Windows/system/drivers => 3613898 B
Edge => 102912 B
Chrome => 178491221 B
Brave => 0 B
Firefox => 641069536 B
Opera => 13995278 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 135988 B
NetworkService => 697498 B
stoup => 656128253 B
RecycleBin => 0 B
EmptyTemp: => 3.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:47:39 ====
Re: please check my log
How is the system doing?
► My new book BOTNETY has been published!
You can find information about it here: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
► Low-level, high-level programmer - profile card here: card <<
----
► Háveťárna - malware UPLOAD: >> upload <<
---
► If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.
On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Re: please check my log
Looks OK, thank you :_)
Re: please check my log
No problem, you're welcome :]]