Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
toki
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 170
Registrován: 29 črc 2008 11:15
Bydliště: Košice, SK
Kontaktovat uživatele:

Prosim o kontrolu

#1 Příspěvek od toki »

Dobry den, prosim o kontrolu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Ran by tokar (administrator) on TOKIBEAST (ASUS System Product Name) (28-08-2022 15:05:46)
Running from C:\Users\tokar\OneDrive\Plocha
Loaded Profiles: tokar
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7893\Agent.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesPrismSync.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (DITEC, a.s. -> ) C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(svchost.exe ->) (GAINWARD TECHNOLOGY INT'L LIMITED -> Gainward Co. Ltd.) C:\Program Files\EXPERTool\TBPanel.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [12836224 2022-08-18] (SteelSeries ApS -> SteelSeries ApS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2982608 2022-06-25] (Skutta, Kristjan -> )
HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yzmatrix.scr [2768896 2006-09-15] () [File not signed]
HKLM\...\Print\Monitors\HP B611 Status Monitor: C:\Windows\system32\hpinkstsB611LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 5520 series): C:\Windows\system32\HPDiscoPMB611.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\tokar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar456.lnk [2022-08-28]
ShortcutTarget: Sidebar456.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026EFCD2-7C08-44C6-AC09-03E43012ABC5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {054C480B-DE09-4896-998F-3D7E4C5BB244} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0589E220-083E-4BFD-99A9-2CCDC05D7E1F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {17B53CAE-5306-4336-BD4A-DF2FE29BB046} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1CA7FDBE-B1BF-438F-BFD4-C2F36DCB71CC} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.70\Installer\setup.exe [3286944 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {384266DF-1BA6-4F36-BE9E-B09F853E9A25} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2398447425-3274881014-1611824863-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4172168 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {387A84EE-190B-456F-A1A0-608595163888} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MpCmdRun.exe [1335968 2022-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41CA5C80-7402-4D3E-9239-F823314ED5C7} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42048 2022-08-27] (HP Inc. -> HP Inc.)
Task: {421CA42A-E36B-4FAA-903C-97AE99996C7C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6570472 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {55CB62E7-3F62-4D57-A254-903221D777F3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
Task: {56721DD3-C8FE-40D1-81D7-68BE5D57AC94} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5DA59A93-3F3A-4046-B568-D12C16072A34} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5E4CB74B-8F07-4F3E-A7DE-BFF3ECF6ECE3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {6304DA63-4734-44BD-B1A5-87A977A489B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {6631A775-F33D-4EA8-BC7F-4CF1A12E3829} - System32\Tasks\EXPERTool => C:\Program Files\EXPERTool\TBPanel.exe [4460624 2021-09-10] (GAINWARD TECHNOLOGY INT'L LIMITED -> Gainward Co. Ltd.)
Task: {75E9E911-7847-4E8C-8574-28FF1C8EBEED} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7729C0D5-89A3-42DF-B5B1-56A75ADED79C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MpCmdRun.exe [1335968 2022-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E7B1FAA-CDAB-4E59-8C11-15C6D4CC4B23} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8F79E88E-5752-41CD-A634-2BBC03AF4F3F} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42048 2022-08-27] (HP Inc. -> HP Inc.)
Task: {93F640DB-9BE1-466F-84A3-7246BF527F28} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A6EC31AE-BA96-41E9-A710-D6DB3E9D610A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4172168 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE23561D-5BE6-486E-AD85-E063C9BFDC54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MpCmdRun.exe [1335968 2022-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF6D3234-37DB-4B8A-87C5-0CB8B90AFCCD} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [192000 2022-08-14] (Microsoft Windows -> Microsoft Corporation)
Task: {AF7073B6-1D03-425F-A563-D2329433D0C0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B6BFE318-AD15-41A3-BCBA-306F63312634} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MpCmdRun.exe [1335968 2022-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C1B69BA6-77A7-4661-87F2-97BE9D831C97} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116632 2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4817565-A283-431B-8851-059628D45FCB} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [192000 2022-08-14] (Microsoft Windows -> Microsoft Corporation)
Task: {CC2498B2-FBEC-45E5-BF3B-4878FC8D9D91} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116632 2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD843184-8F36-4F0A-8F2A-94A0C153ABDD} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {EE58FCE6-24D7-4477-BE34-0EEDB8E38B87} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EEF447C5-A3B6-4EE0-BE8E-C93B376BF75C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6570472 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4B70D96-17F0-4A52-A42B-D16193EB886B} - System32\Tasks\Core Temp Autostart tokar => C:\Program Files\Core Temp\Core Temp.exe [1035096 2021-04-11] (ALCPU -> ALCPU)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{599b1d2c-5456-4ddf-9a91-748cadf2a09b}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\tokar\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-25]

FireFox:
========
FF DefaultProfile: n6sro3jy.default
FF ProfilePath: C:\Users\tokar\AppData\Roaming\Mozilla\Firefox\Profiles\n6sro3jy.default [2021-12-13]
FF ProfilePath: C:\Users\tokar\AppData\Roaming\Mozilla\Firefox\Profiles\zs3fcvbj.default-release [2022-08-28]
FF Session Restore: Mozilla\Firefox\Profiles\zs3fcvbj.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\zs3fcvbj.default-release -> hxxps://moja.uniqa.sk
FF Extension: (BetterTTV) - C:\Users\tokar\AppData\Roaming\Mozilla\Firefox\Profiles\zs3fcvbj.default-release\Extensions\firefox@betterttv.net.xpi [2022-08-06]
FF Extension: (uBlock Origin) - C:\Users\tokar\AppData\Roaming\Mozilla\Firefox\Profiles\zs3fcvbj.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-08-20]
FF Extension: (Three Wolf Moon Shirt) - C:\Users\tokar\AppData\Roaming\Mozilla\Firefox\Profiles\zs3fcvbj.default-release\Extensions\{50193c98-9eee-4b67-9244-95ced154911d}.xpi [2021-12-01]
FF Extension: (Video DownloadHelper) - C:\Users\tokar\AppData\Roaming\Mozilla\Firefox\Profiles\zs3fcvbj.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-12-01]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\tokar\AppData\Roaming\Mozilla\Firefox\Profiles\zs3fcvbj.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-07-06]
FF Extension: (Dark Fox) - C:\Users\tokar\AppData\Roaming\Mozilla\Firefox\Profiles\zs3fcvbj.default-release\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-12-01]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2021-02-09] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2021-09-06] (DITEC, a.s. -> Ditec,a.s.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [842128 2022-08-18] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9811832 2022-06-09] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncHelper.exe [3389832 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-27] (HP Inc. -> HP Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.161.0731.0002\OneDriveUpdaterService.exe [3830152 2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; F:\Rockstar Games Launcher\RockstarService.exe [2559896 2022-02-24] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2022-08-18] (SteelSeries ApS -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\NisSrv.exe [3125120 2022-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MsMpEng.exe [133560 2022-08-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 A38CCID; C:\Windows\system32\DRIVERS\a38ccid.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
R3 ALSysIO; C:\Users\tokar\AppData\Local\Temp\ALSysIO64.sys [47240 2022-08-18] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [47784 2021-09-03] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\Windows\system32\DRIVERS\sshid.sys [43960 2022-08-18] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_ab95c13003d9c50f\SteelSeries-Sonar-VAD.sys [92912 2022-07-18] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2022-08-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [453880 2022-08-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [94456 2022-08-26] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-14 07:16 - 2022-08-14 07:16 - 000198850 _____ C:\Users\tokar\Downloads\76655_VyplatnaPaska_202207-3.pdf
2022-08-14 07:15 - 2022-08-14 07:15 - 000198850 _____ C:\Users\tokar\Downloads\76655_VyplatnaPaska_202207-2.pdf
2022-08-14 07:14 - 2022-08-14 07:15 - 000198850 _____ C:\Users\tokar\Downloads\76655_VyplatnaPaska_202207-1.pdf
2022-08-14 07:14 - 2022-08-14 07:14 - 000198850 _____ C:\Users\tokar\Downloads\76655_VyplatnaPaska_202207.pdf
2022-08-14 04:42 - 2022-08-14 04:42 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2022-08-14 04:42 - 2022-08-14 04:42 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2022-08-14 04:42 - 2022-08-14 04:42 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-08-14 04:42 - 2022-08-14 04:42 - 000162304 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-08-14 04:42 - 2022-08-14 04:42 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-14 04:42 - 2022-08-14 04:42 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-14 04:42 - 2022-08-14 04:42 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-08-14 04:42 - 2022-08-14 04:42 - 000011803 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-08-14 04:38 - 2022-08-14 04:38 - 000000000 ___HD C:\$WinREAgent
2022-08-14 04:38 - 2022-08-14 04:38 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-08-12 17:04 - 2022-08-14 13:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-08-09 17:29 - 2022-07-28 09:28 - 001905920 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-08-09 17:29 - 2022-07-28 09:28 - 001905920 _____ C:\Windows\system32\vulkaninfo.exe
2022-08-09 17:29 - 2022-07-28 09:28 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-08-09 17:29 - 2022-07-28 09:28 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-08-09 17:29 - 2022-07-28 09:27 - 001471992 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-08-09 17:29 - 2022-07-28 09:27 - 001432320 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-08-09 17:29 - 2022-07-28 09:27 - 001432320 _____ C:\Windows\system32\vulkan-1.dll
2022-08-09 17:29 - 2022-07-28 09:27 - 001213432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-08-09 17:29 - 2022-07-28 09:27 - 001145600 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-08-09 17:29 - 2022-07-28 09:27 - 001145600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-08-09 17:29 - 2022-07-28 09:24 - 000865776 _____ C:\Windows\system32\nvofapi64.dll
2022-08-09 17:29 - 2022-07-28 09:24 - 000771576 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-08-09 17:29 - 2022-07-28 09:24 - 000687608 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-08-09 17:29 - 2022-07-28 09:23 - 002127872 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-08-09 17:29 - 2022-07-28 09:23 - 001607680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-08-09 17:29 - 2022-07-28 09:23 - 001536504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-08-09 17:29 - 2022-07-28 09:23 - 001182712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-08-09 17:29 - 2022-07-28 09:23 - 000714752 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-08-09 17:29 - 2022-07-28 09:22 - 010269688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-08-09 17:29 - 2022-07-28 09:22 - 008803832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-08-09 17:29 - 2022-07-28 09:22 - 005362672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-08-09 17:29 - 2022-07-28 09:22 - 003066872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-08-09 17:29 - 2022-07-28 09:22 - 001059328 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-08-09 17:29 - 2022-07-28 09:22 - 000845296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-08-09 17:29 - 2022-07-28 09:22 - 000456176 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-08-09 17:29 - 2022-07-28 09:21 - 005735920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-08-09 17:29 - 2022-07-28 09:21 - 000852976 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-08-09 17:29 - 2022-07-28 09:20 - 006367440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2022-08-09 17:29 - 2022-07-22 06:25 - 000093241 _____ C:\Windows\system32\nvinfo.pb
2022-08-09 17:29 - 2022-07-22 06:25 - 000043184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-28 15:05 - 2021-12-12 22:11 - 000000000 ____D C:\FRST
2022-08-28 15:05 - 2021-12-01 18:33 - 000000000 ____D C:\Users\tokar\AppData\LocalLow\Mozilla
2022-08-28 15:03 - 2021-12-01 18:57 - 000000000 ____D C:\Users\tokar\AppData\Local\Battle.net
2022-08-28 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-28 14:33 - 2021-12-01 19:06 - 000000000 ____D C:\Users\tokar\AppData\Roaming\discord
2022-08-28 14:33 - 2021-12-01 19:06 - 000000000 ____D C:\Users\tokar\AppData\Local\Discord
2022-08-28 13:58 - 2020-11-19 00:45 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-08-28 12:25 - 2021-12-01 18:45 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-28 12:12 - 2022-03-27 00:07 - 000000000 ____D C:\Users\tokar\AppData\Roaming\weakauras-companion
2022-08-27 13:49 - 2021-12-01 19:52 - 000000000 ____D C:\Windows\system32\Tasks\HP
2022-08-27 13:49 - 2021-12-01 19:43 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-08-27 13:08 - 2022-02-16 22:42 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2398447425-3274881014-1611824863-1001
2022-08-27 13:08 - 2021-12-11 17:12 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-08-27 13:08 - 2021-12-09 14:24 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-08-27 13:08 - 2021-12-09 14:24 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-27 12:29 - 2022-06-03 13:16 - 000000000 ____D C:\Users\tokar\AppData\Local\Overwolf
2022-08-27 12:29 - 2021-12-01 18:56 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-08-27 12:28 - 2021-12-04 19:13 - 000004784 _____ C:\Windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-08-27 12:28 - 2020-11-19 01:47 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-27 12:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-27 12:28 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-08-26 13:39 - 2021-12-01 19:53 - 000000000 ____D C:\Users\tokar\AppData\Roaming\steelseries-gg-client
2022-08-26 13:39 - 2021-12-01 19:50 - 000000000 ____D C:\ProgramData\SteelSeries
2022-08-26 13:39 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-08-26 13:09 - 2020-11-19 01:45 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-08-26 13:08 - 2020-11-19 01:47 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-26 13:08 - 2020-11-19 01:47 - 000003508 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-21 08:14 - 2021-12-01 18:28 - 000000000 ____D C:\Users\tokar\AppData\Local\D3DSCache
2022-08-21 08:11 - 2022-06-03 13:17 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-08-20 06:09 - 2021-12-01 19:00 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2022-08-19 15:23 - 2021-12-01 18:28 - 000000000 ____D C:\Users\tokar\AppData\Local\Packages
2022-08-19 15:19 - 2021-12-01 19:35 - 000049064 _____ C:\Windows\system32\perfh01B.dat
2022-08-19 15:19 - 2021-12-01 19:35 - 000012206 _____ C:\Windows\system32\perfc01B.dat
2022-08-19 15:19 - 2021-12-01 18:27 - 000885196 _____ C:\Windows\system32\PerfStringBackup.INI
2022-08-18 19:25 - 2021-12-01 18:22 - 000880672 _____ C:\Windows\system32\wpbbin.exe
2022-08-18 19:25 - 2021-12-01 18:22 - 000842128 _____ C:\Windows\system32\AsusUpdateCheck.exe
2022-08-18 19:25 - 2021-12-01 18:22 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-18 19:25 - 2020-11-19 01:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-08-18 19:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-08-18 17:38 - 2021-09-03 19:10 - 000043960 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\sshid.sys
2022-08-14 13:53 - 2021-12-01 18:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-08-14 13:53 - 2020-11-19 00:45 - 000438936 _____ C:\Windows\system32\FNTCACHE.DAT
2022-08-14 13:53 - 2019-12-07 16:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-14 13:53 - 2019-12-07 16:41 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-08-14 13:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-08-14 13:53 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-08-14 09:22 - 2021-12-07 18:59 - 000000000 ____D C:\Users\tokar\AppData\Roaming\vlc
2022-08-14 04:44 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-08-14 04:42 - 2020-11-19 01:47 - 003011072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-08-14 04:41 - 2021-12-09 14:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-08-14 04:38 - 2021-12-01 19:05 - 000000000 ____D C:\Windows\system32\MRT
2022-08-14 04:38 - 2021-12-01 18:33 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-08-14 04:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2022-08-14 04:37 - 2021-12-01 19:05 - 144534560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-08-10 18:51 - 2021-12-02 15:46 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-08-10 18:51 - 2021-12-02 15:46 - 000002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-09 17:34 - 2021-12-01 18:39 - 000000000 ____D C:\Users\tokar\AppData\Local\NVIDIA
2022-08-08 06:40 - 2021-12-01 18:59 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-08 06:09 - 2021-12-02 19:31 - 000000000 ____D C:\Users\tokar\OneDrive\Documents\The Witcher 3
2022-08-01 21:40 - 2021-12-01 19:15 - 000000287 _____ C:\Users\tokar\AppData\Roaming\GPU MeterV2_Settings.ini

==================== Files in the root of some directories ========

2021-12-01 19:12 - 2021-12-13 13:52 - 000000629 _____ () C:\Users\tokar\AppData\Roaming\All CPU MeterV3_Settings.ini
2021-12-01 19:15 - 2022-08-01 21:40 - 000000287 _____ () C:\Users\tokar\AppData\Roaming\GPU MeterV2_Settings.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

toki
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 170
Registrován: 29 črc 2008 11:15
Bydliště: Košice, SK
Kontaktovat uživatele:

Re: Prosim o kontrolu

#2 Příspěvek od toki »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by tokar (28-08-2022 15:06:23)
Running from C:\Users\tokar\OneDrive\Plocha
Microsoft Windows 10 Pro Version 21H2 19044.1889 (X64) (2021-12-01 16:23:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2398447425-3274881014-1611824863-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2398447425-3274881014-1611824863-503 - Limited - Disabled)
Guest (S-1-5-21-2398447425-3274881014-1611824863-501 - Limited - Disabled)
tokar (S-1-5-21-2398447425-3274881014-1611824863-1001 - Administrator - Enabled) => C:\Users\tokar
WDAGUtilityAccount (S-1-5-21-2398447425-3274881014-1611824863-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

8GadgetPack (HKLM-x32\...\{36E60904-D465-40F7-82A7-A9C7A84C29B7}) (Version: 24.0.0 - 8GadgetPack.net)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.3.5 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Balík softvéru eID (HKLM-x32\...\{d2c66c1e-5862-43e7-abe2-9c895312112c}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlestate Games Launcher 12.12.1.1911 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 12.12.1.1911 - Battlestate Games)
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CurseForge (HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.205.1.5800 - Overwolf app)
D.Launcher (x86) (HKLM-x32\...\{0DC85C46-746B-4BC5-B727-D5434DF7E5D0}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{EDB276CE-A945-4201-A552-2683B13C321F}) (Version: 4.0.24 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{6648F510-5044-4CA9-BC21-494A2A198B3A}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{8d169eac-87e2-4981-825f-701b32f24d72}) (Version: 1.0.29 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{73D635BE-5D6F-43D3-8C1F-63B5CD4D5953}) (Version: 4.0.2033 - DITEC, a.s.)
Discord (HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Disig Web Signer (HKLM-x32\...\{41C0F02D-2389-4AB5-975C-C2363E7C554C}) (Version: 2.0.7 - Disig)
EAC MW klient (HKLM-x32\...\{E22CF5CA-5935-451D-9B9D-EAA79DE703BD}) (Version: 3.7.0 - Ministerstvo vnútra Slovenskej republiky)
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.12.30.19078 - Battlestate Games)
EXPERTool v11.6 (HKLM\...\{660D3DDC-C82C-49B9-9511-284043713699}_is1) (Version: 11.6.0.0 - Gainward Co. Ltd.)
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
HP Deskjet 5520 series Basic Device Software (HKLM\...\{014A59C8-DDA5-4788-906D-1F5CBA8A583D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 5520 series Product Improvement Study (HKLM\...\{29E392C4-E0C3-4E96-85B6-03B8E3963310}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProPlusRetail - sk-sk) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.161.0731.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 103.0.2 (x64 sk)) (Version: 103.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.2 - Mozilla)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Grafický ovládač 516.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.94 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20148 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.0.1 - Overwolf Ltd.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.55.661 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 23.0.0 (HKLM\...\SteelSeries GG) (Version: 23.0.0 - SteelSeries ApS)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Warcraft Logs Companion (HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\Overwolf_ecboebafnpgnolnpgppohegbpjbhffiahodgijdp) (Version: 2.2.4 - Overwolf app)
WeakAuras Companion 4.0.0 (HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\574e4d1e-05f6-5376-9898-b829d00eef2e) (Version: 4.0.0 - Buds)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WowUp 2.8.2 (HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\b31ca559-50e4-54d8-a458-330e72a28314) (Version: 2.8.2 - Jliddev)

Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-06] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_138.2.412.0_x64__v10z8vjag6ke6 [2022-08-27] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa [2022-05-23] (Apple Inc.) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-28] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-08-09] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2398447425-3274881014-1611824863-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\tokar\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-2398447425-3274881014-1611824863-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\tokar\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2398447425-3274881014-1611824863-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\tokar\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2398447425-3274881014-1611824863-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Users\tokar\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter_V2.4.gadget\GPUStatusReader.dll (AddGadgets IT -> Orbmu2k)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () [File not signed]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.161.0731.0002\FileSyncShell64.dll [2022-08-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\nvshext.dll [2022-07-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-03-19 15:12 - 2018-03-19 15:12 - 000113678 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libgcc_s_dw2-1.dll
2018-03-19 15:12 - 2018-03-19 15:12 - 001542158 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libstdc++-6.dll
2021-12-01 19:48 - 2011-03-02 13:40 - 000164864 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2021-12-01 19:11 - 2017-10-07 16:28 - 000608256 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2021-07-27 17:54 - 2022-07-19 18:23 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\GG\HIDDLL.dll
2021-07-27 17:54 - 2022-07-19 18:23 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\GG\ISPDLL.dll
2021-12-09 14:22 - 2021-12-09 14:22 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2021-12-09 14:22 - 2021-12-09 14:22 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2018-03-19 15:12 - 2018-03-19 15:12 - 000047104 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libwinpthread-1.dll
2019-07-01 14:51 - 2019-07-01 14:51 - 006623384 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2398447425-3274881014-1611824863-1001\...\StartupApproved\Run: => "Disig Web Signer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{53C3E040-A75A-4C0C-82E8-612201D4AEF3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2D6D953-7ECB-4CD0-9BA0-4DC640B5723F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C71AFB43-2459-426C-BC8A-77C22F486C2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{713A8875-016A-46F0-A7AD-48F0CEC3B6E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D32D6FD3-96D4-49AE-90C0-228D335E245F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A00FB31B-1D49-4C57-A0EA-12215B9D8848}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{32A420F3-2025-4FDD-A113-855A0057CD60}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FB4F5307-F3DB-48C2-9DC4-EF882310FA25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{034E4612-264E-427D-BFE8-61D375C7898D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{1993C863-9F50-4F25-9D28-CDA2743C32F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{F590C54E-2AC0-4C1F-8EC4-4E116C082A98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{370CEA0E-4074-409C-A37E-00517110B670}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{403F5AD6-FF88-44DD-97FF-A1D6D7CDD5BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9059F263-890D-4E57-B0C8-1AC16D9A666E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6F26BF7F-8C72-4D90-96DB-644C89B4D19D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82139CB3-C127-45F6-8F36-F5B5C3EF50A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{47219659-E0E4-421D-A949-36FF629B1D19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADD01913-9969-44AD-9D5F-BA3FC0775E53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{80C1FE84-3390-423A-A632-C5C917340F2C}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{616FF936-4AB4-491D-AFBC-312E4F372F20}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CF08F7F4-F2B8-49C5-9B3C-97E00BE5C040}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6AC0DEF6-7328-4F97-A3FD-71B0F5025BD6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC2B8FBC-08F0-44AA-B6ED-72C2945AD3B9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{71B7BDC4-BBF3-4A2C-8C79-6603E7305BBD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39F871AB-F5A5-4D79-B063-1E46C7E791F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC02E800-72B9-476C-87DE-0C107FD1E93D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2536BD53-7C7A-423A-9920-9119F5C6326D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{91D8C7DA-72CC-4BB5-A69B-02C7CA3B5475}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C548227E-C7BF-48C9-935B-E20A1708A089}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9917B4D4-5673-4CF7-BE3E-6AF52CF4EBE1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99570443-C075-4BF2-AB1E-44D846630035}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{861F8BB4-991B-4DA8-B439-CD22AEEAFFD3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46D6D196-54C0-46A6-AAE0-3E606EF211DF}] => (Allow) F:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{56B208A5-BB59-42EF-8C22-0ED06AF988E4}] => (Allow) F:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{3A41DA54-CE06-4310-8BFD-E36A30DD3F2A}F:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{29A2D209-6477-4B90-81B5-FE73A8CCE5DB}F:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{809D3E51-AF69-49B4-AE0B-E185FC227CF3}] => (Block) F:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{20497EE7-1FAD-4DF2-98F7-7752374566F6}] => (Block) F:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{783C4AB6-D1A3-465B-A41F-DCB1BA94C4BC}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{F063CB51-9D12-46E6-B345-D9A73F44F4E4}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{83837FA4-CB38-4F1E-A772-2AF544D1C8D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{000DA7C4-C30F-408F-8061-CA20F8D88D8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FF5F9FA1-1088-48ED-B593-C1222E0163D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BD6B53D4-C53A-4C35-9C72-B16A3E5EBF23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{6232B889-368A-4483-A476-3FFFE145B58F}C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{74E0CD70-0E1F-49C2-9E82-4EED830040E0}C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{26FA3BD6-AA33-4E86-9345-7EC55B365E17}] => (Block) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{502FD95E-90C9-4C10-9373-116D3ED38489}] => (Block) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{D3964774-7E3A-471E-851D-0C490ED619F6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5DF2F3A4-0A7D-4E52-A64E-BE82F5E582E4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F5303FFF-504C-484B-BCBD-D142C13D1E0F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FC4F04C5-F830-4A19-8FA3-7FD019A1B47E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{24966597-A209-4406-A568-E4A378614E2B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE2AD0DE-6610-4479-B4B3-21ACBB53A81C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5C7F980C-AAB9-43AE-B36F-DAD5F323644B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DE92CFBE-DC9B-4D8D-9C6A-ABC593CD1F61}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{184FD07B-CC57-4408-9965-EA90DFCEE32A}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{56E447E1-3A09-44CC-91F2-AB42EEC54248}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{2A745A79-3FD1-4D4E-B6CC-FCF82B6956CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{FBBC7597-70E7-4059-9252-AA01F287EF6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{8F76D848-9DAB-48CA-9A49-1BB3CD484B04}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{8E723BD8-CCF1-4DAE-A8C3-8693C78DC937}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{EF85A698-EC3B-4F7C-A67A-66ACB1013541}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{783AEB37-CF4D-4E5C-A529-0706BA76B2EF}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{5E995785-E402-423A-A56D-64622C3296AD}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{90EBF791-E7EF-4A9B-AF10-673208517CB3}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{BFB6BD39-896B-4DE1-8A44-D6B6D37DB5F1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-08-2022 06:28:01 Inštalátor modulov systému Windows
14-08-2022 04:38:39 Inštalátor modulov systému Windows
21-08-2022 11:33:50 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/26/2022 01:43:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 103.0.2.8255 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4ae8

Start Time: 01d8b93c7da7fcb8

Termination Time: 4

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 3dfaac4b-c161-4d90-b828-a39ec631e759

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (08/19/2022 03:22:26 PM) (Source: EID SK Card CSP v2.0) (EventID: 26) (User: )
Description: Event-ID 26

Error: (08/19/2022 03:22:26 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\TOKIBEAST$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 19 Aug 2022 13:22:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 503b3773-26bd-497a-bbf2-4530a9bdc841

Method: GET(312ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (08/18/2022 07:25:58 PM) (Source: EID SK Card CSP v2.0) (EventID: 26) (User: )
Description: Event-ID 26

Error: (08/18/2022 07:25:58 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\TOKIBEAST$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps

Method: GET(156ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (08/14/2022 01:53:44 PM) (Source: EID SK Card CSP v2.0) (EventID: 26) (User: )
Description: Event-ID 26

Error: (08/14/2022 01:53:44 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\TOKIBEAST$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 14 Aug 2022 11:53:44 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 969510dd-b1c2-44bc-9cb3-9dd8bdcdb467

Method: GET(328ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (08/09/2022 05:31:53 PM) (Source: Windows Search Service) (EventID: 3031) (User: )
Description: A document ID cannot be allocated.

Context: Application, SystemIndex Catalog

Details:
The content index service was stopped. (HRESULT : 0x80041812) (0x80041812)


System errors:
=============
Error: (08/28/2022 11:45:02 AM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (08/27/2022 05:46:42 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (08/27/2022 12:27:37 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (08/26/2022 01:08:30 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (08/22/2022 08:59:29 AM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (08/21/2022 01:00:11 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (08/21/2022 08:05:46 AM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (08/20/2022 06:05:07 AM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.


Windows Defender:
================
Date: 2022-08-27 13:42:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-22 09:21:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-21 10:09:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-20 07:39:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-10 19:17:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-08-26 14:00:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-08-19 16:45:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-08-06 06:40:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-19 12:49:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-06-15 11:33:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2423 08/10/2021
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B550-PLUS (WI-FI)
Processor: AMD Ryzen 5 5600X 6-Core Processor
Percentage of memory in use: 14%
Total physical RAM: 32679.5 MB
Available physical RAM: 28036.1 MB
Total Virtual: 37543.5 MB
Available Virtual: 30942.34 MB

==================== Drives ================================

Drive c: (Win 10 x64) (Fixed) (Total:931.02 GB) (Free:743.03 GB) (Model: WDS100T3X0C-00SJG0) NTFS
Drive d: (Toki HDD) (Fixed) (Total:931.51 GB) (Free:835.26 GB) (Model: ST1000DM010-2EP102) NTFS
Drive f: (Toki SSD) (Fixed) (Total:256.12 GB) (Free:99.28 GB) (Model: Crucial_CT275MX300SSD1) NTFS

\\?\Volume{8a153a08-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{fdcc8b75-0000-0000-0000-70c1e8000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 256.2 GB) (Disk ID: 8A153A08)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=256.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8A153A32)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: FDCC8B75)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=500 MB) - (Type=27)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 116151
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu

#3 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
FirewallRules: [TCP Query User{6232B889-368A-4483-A476-3FFFE145B58F}C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{74E0CD70-0E1F-49C2-9E82-4EED830040E0}C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{26FA3BD6-AA33-4E86-9345-7EC55B365E17}] => (Block) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{502FD95E-90C9-4C10-9373-116D3ED38489}] => (Block) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{8F76D848-9DAB-48CA-9A49-1BB3CD484B04}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{8E723BD8-CCF1-4DAE-A8C3-8693C78DC937}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{EF85A698-EC3B-4F7C-A67A-66ACB1013541}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{783AEB37-CF4D-4E5C-A529-0706BA76B2EF}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
R3 ALSysIO; C:\Users\tokar\AppData\Local\Temp\ALSysIO64.sys [47240 2022-08-18] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION

EmptyTemp:
End
Uložte do C:\Users\tokar\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

toki
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 170
Registrován: 29 črc 2008 11:15
Bydliště: Košice, SK
Kontaktovat uživatele:

Re: Prosim o kontrolu

#4 Příspěvek od toki »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by tokar (28-08-2022 16:31:56) Run:3
Running from C:\Users\tokar\OneDrive\Plocha
Loaded Profiles: tokar
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [TCP Query User{6232B889-368A-4483-A476-3FFFE145B58F}C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{74E0CD70-0E1F-49C2-9E82-4EED830040E0}C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{26FA3BD6-AA33-4E86-9345-7EC55B365E17}] => (Block) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{502FD95E-90C9-4C10-9373-116D3ED38489}] => (Block) C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{8F76D848-9DAB-48CA-9A49-1BB3CD484B04}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{8E723BD8-CCF1-4DAE-A8C3-8693C78DC937}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{EF85A698-EC3B-4F7C-A67A-66ACB1013541}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
FirewallRules: [{783AEB37-CF4D-4E5C-A529-0706BA76B2EF}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe => No File
R3 ALSysIO; C:\Users\tokar\AppData\Local\Temp\ALSysIO64.sys [47240 2022-08-18] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6232B889-368A-4483-A476-3FFFE145B58F}C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{74E0CD70-0E1F-49C2-9E82-4EED830040E0}C:\users\tokar\appdata\local\discord\app-1.0.9004\discord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26FA3BD6-AA33-4E86-9345-7EC55B365E17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{502FD95E-90C9-4C10-9373-116D3ED38489}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F76D848-9DAB-48CA-9A49-1BB3CD484B04}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E723BD8-CCF1-4DAE-A8C3-8693C78DC937}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF85A698-EC3B-4F7C-A67A-66ACB1013541}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{783AEB37-CF4D-4E5C-A529-0706BA76B2EF}" => removed successfully
ALSysIO => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 783235781 B
Java, Discord, Steam htmlcache => 1110933672 B
Windows/system/drivers => 123376166 B
Edge => 0 B
Firefox => 1193238902 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 540575444 B
systemprofile32 => 540575444 B
LocalService => 540575444 B
NetworkService => 541050080 B
tokar => 553050494 B

RecycleBin => 4307696 B
EmptyTemp: => 5.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:33:40 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 116151
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu

#5 Příspěvek od Rudy »

Smazáno. Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

toki
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 170
Registrován: 29 črc 2008 11:15
Bydliště: Košice, SK
Kontaktovat uživatele:

Re: Prosim o kontrolu

#6 Příspěvek od toki »

Rudy dakujem Vam pekne. Prajem pekny den :closed:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 116151
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosim o kontrolu

#7 Příspěvek od Rudy »

Hezký den i vám a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno