Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
SpeederBB
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 02 úno 2007 20:20

Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#1 Příspěvek od SpeederBB »

Zdravím,

Když zhruba 20-30s nepohybuji s myší, vyletí vytížení procesoru i GPU na maximum. Při spuštěném taskmanageru to nedělá. Předpokládám, že je to nějaká havěť, která se schovává. Děkuju.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2023
Ran by Speeder (administrator) on DESKTOP-LP6VKGP (ASUS System Product Name) (24-01-2023 22:05:44)
Running from C:\Users\Speeder\Desktop
Loaded Profiles: Speeder
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Alexander Roshal) [File not signed] C:\Users\Speeder\AppData\Roaming\Macromedia\ONPYPTFUDKDXEQKT.exe <4>
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(explorer.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f840d03a202f8a32\Display.NvContainer\NVDisplay.Container.exe <2>
(sihost.exe ->) (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(svchost.exe ->) (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\...\Run: [MicrosoftEdgeAutoLaunch_B1A398D9BBF99B7A09629BAA19C1048B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188616 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2176176 2023-01-18] (Wargaming.net Limited -> Wargaming.net)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E25BB66-7C92-4E23-B34D-3F875D04F992} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {20D62751-EB27-4B0C-9E69-F57749D74B41} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27393304 2019-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {269BB04D-FFF2-4513-8323-ABE693C437DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {293B811F-6802-4B22-9CB7-9B0343B310F1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {33058579-7BC1-46B9-ACB3-AA766C756579} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292888 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {33F5319C-3D4C-4E62-BC37-BCBA298C7910} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {344FDBC1-B21C-457A-8E34-825FEFAE9F2A} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2022-11-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {34C20F8A-AC5C-4D8F-A4A4-6010FC9834B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3CD3CE4C-FE5C-4750-A04B-93184322F132} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27393304 2019-09-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CD3E0B8-AEF9-4216-9D55-8E72736012EC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2168120 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5FDF61DA-2E34-4ABE-967F-BE591F1FECD1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {65CEED8A-DAF8-46C9-8EE6-C3B589349128} - System32\Tasks\ONPYPTFUDKDXEQKT_run => C:\Users\Speeder\AppData\Roaming\Macromedia\ONPYPTFUDKDXEQKT.exe [336888 2023-01-21] (Alexander Roshal) [File not signed]
Task: {668CD5DA-D0E3-40F6-B07E-F8A3D3AF1272} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6B8B8A04-09A0-4529-BCF9-7833CCEEAC72} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7985E16C-68F0-45BA-9E0E-41606FA1E7D6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2168120 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {84CC6F98-B2FF-455F-92BB-3863ED79F3ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86C0E3CA-02F6-43A3-997F-1CBCAA0CD1E8} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2022-12-02] (Advanced Micro Devices Inc. -> )
Task: {A21E2816-1079-4741-8246-C256311B2E10} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A37F9114-4503-47F3-A809-AA6F7E6F9900} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A4B0C6A8-F8C3-4BDF-97D4-7E17F80E201C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B61872BF-EE31-41F9-83B3-D5A116600D29} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6A51EFD-FD19-444E-8C7B-11ACE8977D98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C2BF2315-C7D2-4B48-8EAF-BF76ED612289} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292888 2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB352F6D-B713-434C-9ECC-43B752E982CD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DDB7D3EC-9369-492B-9A78-0864283192E1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{0a779fdf-7aed-4b33-8b74-d018d7603f08}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Speeder\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-24]
Edge DownloadDir: Default -> D:\downloads
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Copy Plain Text) - C:\Users\Speeder\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nfjlgdbpkjmnofoglhlhcdfhjaglmncp [2023-01-21]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2023-01-24] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11588968 2019-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-01-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f840d03a202f8a32\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f840d03a202f8a32\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-06-03] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [279616 2023-01-23] (DT Soft Ltd -> DT Soft Ltd)
R3 MpKsl55dcb5b3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{104A1E48-515A-48F8-9354-45505197BD7D}\MpKslDrv.sys [214280 2023-01-24] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-12-22] (Nvidia Corporation -> NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2023-01-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2023-01-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-24 22:05 - 2023-01-24 22:05 - 000019025 _____ C:\Users\Speeder\Desktop\FRST.txt
2023-01-24 22:03 - 2023-01-24 22:05 - 000000000 ____D C:\FRST
2023-01-24 21:56 - 2023-01-24 21:56 - 002376704 _____ (Farbar) C:\Users\Speeder\Desktop\FRST64.exe
2023-01-24 20:55 - 2023-01-24 20:55 - 000000989 _____ C:\Users\Speeder\Desktop\Core Temp.lnk
2023-01-24 20:55 - 2023-01-24 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2023-01-24 20:55 - 2023-01-24 20:55 - 000000000 ____D C:\Program Files\Core Temp
2023-01-24 20:40 - 2023-01-24 20:40 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\AMD
2023-01-24 20:40 - 2023-01-24 20:40 - 000000000 ____D C:\Program Files (x86)\AMD
2023-01-24 19:40 - 2023-01-24 19:40 - 000003536 _____ C:\Windows\system32\Tasks\AMDAutoUpdate
2023-01-24 19:40 - 2023-01-24 19:40 - 000002219 _____ C:\Users\Public\Desktop\AMD Ryzen Master.lnk
2023-01-24 19:40 - 2023-01-24 19:40 - 000000000 ____D C:\Users\Speeder\AppData\Local\Downloaded Installations
2023-01-24 19:40 - 2023-01-24 19:40 - 000000000 ____D C:\Users\Speeder\AppData\Local\AMD
2023-01-24 19:40 - 2023-01-24 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master
2023-01-24 19:40 - 2023-01-24 19:40 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2023-01-24 19:40 - 2023-01-24 19:40 - 000000000 ____D C:\Program Files\AMD
2023-01-24 19:39 - 2023-01-24 20:40 - 000000000 ____D C:\AMD
2023-01-24 19:39 - 2023-01-24 19:39 - 000000000 ____D C:\Users\Speeder\AppData\Local\Setup
2023-01-24 19:39 - 2023-01-24 19:39 - 000000000 ____D C:\Users\Speeder\AppData\Local\cache
2023-01-24 18:58 - 2023-01-24 18:58 - 000003522 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2023-01-24 18:57 - 2023-01-24 21:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-01-23 22:55 - 2023-01-24 18:48 - 000000000 ____D C:\Users\Speeder\AppData\Local\BitTorrentHelper
2023-01-23 22:39 - 2023-01-23 22:39 - 000000000 ____D C:\Users\Speeder\AppData\Local\DCS
2023-01-23 22:37 - 2023-01-23 22:37 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2023-01-23 22:37 - 2023-01-23 22:37 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-01-23 22:37 - 2023-01-23 22:37 - 000000000 ____D C:\Program Files\MSBuild
2023-01-23 22:37 - 2023-01-23 22:37 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-01-23 22:37 - 2023-01-23 22:37 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-01-23 22:35 - 2023-01-24 18:48 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\uTorrent Web
2023-01-23 22:35 - 2023-01-23 22:35 - 000001889 _____ C:\Users\Speeder\Desktop\uTorrent Web.lnk
2023-01-23 22:35 - 2023-01-23 22:35 - 000001875 _____ C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2023-01-23 22:17 - 2023-01-23 22:17 - 000002038 _____ C:\Users\Public\Desktop\DCS World.lnk
2023-01-23 22:17 - 2023-01-23 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eagle Dynamics
2023-01-23 22:17 - 2023-01-23 22:17 - 000000000 ____D C:\Program Files\Eagle Dynamics
2023-01-23 22:14 - 2023-01-23 22:14 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\DAEMON Tools Lite
2023-01-23 22:14 - 2023-01-23 22:14 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2023-01-23 22:13 - 2023-01-23 22:14 - 000279616 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2023-01-23 22:12 - 2023-01-23 22:16 - 000000037 _____ C:\Users\Speeder\AppData\Local\X-Plane Installer.prf
2023-01-23 22:10 - 2023-01-23 22:10 - 000000022 _____ C:\Users\Speeder\AppData\Local\x-plane_install_11.txt
2023-01-23 22:09 - 2023-01-23 22:16 - 000828179 _____ C:\Users\Speeder\Desktop\X-Plane Installer Log.txt
2023-01-23 22:09 - 2023-01-23 22:15 - 000000075 _____ C:\Users\Speeder\AppData\Local\X-Plane_drm_11.prf
2023-01-23 21:42 - 2023-01-23 21:42 - 000001080 _____ C:\Users\Speeder\Desktop\SpeedFan.lnk
2023-01-23 21:42 - 2023-01-23 21:42 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2023-01-23 21:17 - 2023-01-23 21:17 - 000000000 ____D C:\Users\Speeder\ansel
2023-01-23 21:13 - 2023-01-23 21:13 - 000007601 _____ C:\Users\Speeder\AppData\Local\Resmon.ResmonCfg
2023-01-23 21:04 - 2023-01-24 21:42 - 000000000 ____D C:\Users\Speeder\AppData\Local\CrashDumps
2023-01-23 19:03 - 2023-01-24 21:19 - 000000000 ____D C:\Users\Speeder\AppData\Local\NVIDIA Corporation
2023-01-23 19:01 - 2023-01-23 19:01 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:01 - 2023-01-23 19:01 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:01 - 2023-01-23 19:01 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:01 - 2023-01-23 19:01 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:01 - 2023-01-23 19:01 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:01 - 2023-01-23 19:01 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:01 - 2023-01-23 19:01 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:01 - 2023-01-23 19:01 - 000000000 ____D C:\Users\Speeder\AppData\Local\DBG
2023-01-23 19:01 - 2023-01-23 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2023-01-23 19:01 - 2022-12-22 10:29 - 002893880 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2023-01-23 19:01 - 2022-12-22 10:29 - 002227752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2023-01-23 19:01 - 2022-12-22 10:29 - 001296936 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2023-01-23 19:01 - 2022-12-22 10:29 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll
2023-01-23 19:01 - 2022-12-22 10:29 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2023-01-23 19:00 - 2023-01-23 19:00 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:00 - 2023-01-23 19:00 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-23 19:00 - 2022-12-22 10:29 - 000169512 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2023-01-23 19:00 - 2022-12-22 10:29 - 000148520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2023-01-23 18:59 - 2022-12-22 10:29 - 000060112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2023-01-23 18:59 - 2022-12-22 10:29 - 000059368 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2023-01-23 18:59 - 2022-12-22 10:29 - 000041984 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2023-01-23 18:57 - 2022-12-28 23:52 - 002236992 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-01-23 18:57 - 2022-12-28 23:52 - 002236992 _____ C:\Windows\system32\vulkaninfo.exe
2023-01-23 18:57 - 2022-12-28 23:52 - 001642560 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-01-23 18:57 - 2022-12-28 23:52 - 001642560 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-01-23 18:57 - 2022-12-28 23:52 - 001444408 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-01-23 18:57 - 2022-12-28 23:52 - 001444408 _____ C:\Windows\system32\vulkan-1.dll
2023-01-23 18:57 - 2022-12-28 23:52 - 001227264 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-01-23 18:57 - 2022-12-28 23:52 - 001168960 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-01-23 18:57 - 2022-12-28 23:52 - 001168960 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-01-23 18:57 - 2022-12-28 23:48 - 001532936 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-01-23 18:57 - 2022-12-28 23:48 - 001192968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-01-23 18:57 - 2022-12-28 23:48 - 000865304 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-01-23 18:57 - 2022-12-28 23:48 - 000747000 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-01-23 18:57 - 2022-12-28 23:48 - 000672296 _____ C:\Windows\system32\nvofapi64.dll
2023-01-23 18:57 - 2022-12-28 23:48 - 000506904 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-01-23 18:57 - 2022-12-28 23:47 - 012453352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-01-23 18:57 - 2022-12-28 23:47 - 010220584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-01-23 18:57 - 2022-12-28 23:47 - 002163736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-01-23 18:57 - 2022-12-28 23:47 - 001619976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-01-23 18:57 - 2022-12-28 23:47 - 000949752 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-01-23 18:57 - 2022-12-28 23:47 - 000734232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-01-23 18:57 - 2022-12-28 23:47 - 000457704 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-01-23 18:57 - 2022-12-28 23:46 - 005890584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-01-23 18:57 - 2022-12-28 23:46 - 005866544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-01-23 18:57 - 2022-12-28 23:46 - 005818352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-01-23 18:57 - 2022-12-28 23:45 - 000852968 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-01-23 18:57 - 2022-12-28 23:44 - 007648016 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-01-23 18:57 - 2022-12-22 10:29 - 000100815 _____ C:\Windows\system32\nvinfo.pb
2023-01-23 18:56 - 2023-01-23 18:56 - 000000731 _____ C:\Users\Speeder\Desktop\downloads.lnk
2023-01-23 18:20 - 2023-01-23 18:20 - 000000000 ____D C:\Windows\system32\lxss
2023-01-23 18:20 - 2023-01-23 18:20 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2023-01-23 18:19 - 2022-12-28 23:52 - 001487336 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-01-23 18:19 - 2022-12-28 23:46 - 003334656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-01-23 18:19 - 2022-12-28 23:44 - 006516520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-01-23 18:19 - 2022-12-22 10:29 - 000129000 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2023-01-22 16:38 - 2023-01-22 16:38 - 000001687 _____ C:\Users\Speeder\Desktop\OC23.lnk
2023-01-22 16:38 - 2023-01-22 16:38 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ski Challenge 16
2023-01-22 16:33 - 2023-01-22 16:33 - 000000000 ____D C:\Users\Speeder\AppData\Local\Adaware
2023-01-22 13:09 - 2023-01-22 13:09 - 000000000 ____D C:\Users\Speeder\Documents\My Games
2023-01-22 13:08 - 2023-01-22 13:08 - 000001221 _____ C:\Users\Speeder\Desktop\COH.lnk
2023-01-21 23:02 - 2023-01-24 20:37 - 000000000 ____D C:\Users\Speeder\AppData\Local\D3DSCache
2023-01-21 23:01 - 2023-01-21 23:01 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign46915c68e17aaafb
2023-01-21 23:00 - 2023-01-21 23:00 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsignd9dfc68b98ef02ab
2023-01-21 23:00 - 2023-01-21 23:00 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsignc39da2fde14e274d
2023-01-21 23:00 - 2023-01-21 23:00 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign68d8082aab2d8e0b
2023-01-21 22:59 - 2023-01-21 22:59 - 000000000 ____D C:\Users\Speeder\AppData\LocalLow\Adobe
2023-01-21 22:59 - 2023-01-21 22:59 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign3ae2edb0221950d3
2023-01-21 22:59 - 2023-01-21 22:59 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign0e8ecb5446841824
2023-01-21 22:58 - 2023-01-21 22:58 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign94aab1ba8aa4e4f6
2023-01-21 22:58 - 2023-01-21 22:58 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign8c3d3b687dcc8405
2023-01-21 22:31 - 2023-01-21 22:31 - 000000000 ____D C:\ProgramData\Binarysense
2023-01-21 21:58 - 2023-01-21 21:59 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-01-21 21:58 - 2023-01-21 21:58 - 000001664 _____ C:\Users\Speeder\Desktop\World_of_Warplanes.lnk
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Šablony
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Poslední
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Okolní síť
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Dokumenty
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\Data aplikací
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\ProgramData\Šablony
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\ProgramData\Plocha
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-01-21 21:45 - 2023-01-21 21:45 - 000000000 _SHDL C:\Documents and Settings
2023-01-21 21:43 - 2023-01-24 20:42 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2023-01-21 21:43 - 2023-01-24 20:42 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2023-01-21 21:43 - 2023-01-24 20:42 - 000295080 _____ C:\Windows\system32\FNTCACHE.DAT
2023-01-21 21:43 - 2023-01-24 20:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 21:43 - 2023-01-24 20:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-01-21 21:43 - 2023-01-24 18:10 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-21 21:43 - 2023-01-23 22:16 - 000000000 ____D C:\Games
2023-01-21 21:43 - 2023-01-23 19:33 - 000000000 ____D C:\Windows\Panther
2023-01-21 21:43 - 2023-01-21 21:43 - 000001657 _____ C:\Users\Speeder\Desktop\World of Tanks EU.lnk
2023-01-21 21:43 - 2023-01-21 21:43 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-01-21 21:43 - 2023-01-21 21:43 - 000000000 ____D C:\Windows\ServiceProfiles
2023-01-21 21:43 - 2023-01-21 21:43 - 000000000 ____D C:\ProgramData\ASUS
2023-01-21 21:43 - 2023-01-21 20:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-01-21 21:43 - 2023-01-21 14:45 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-21 21:43 - 2023-01-21 14:45 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-21 21:43 - 2023-01-21 14:45 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-21 21:43 - 2023-01-21 14:45 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-21 21:42 - 2023-01-22 15:36 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Wargaming.net
2023-01-21 21:42 - 2023-01-21 21:58 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2023-01-21 21:42 - 2023-01-21 21:42 - 000001892 _____ C:\Users\Speeder\Desktop\Game Center.lnk
2023-01-21 21:42 - 2023-01-21 21:42 - 000000000 ____D C:\Users\Speeder\AppData\Local\PeerDistRepub
2023-01-21 21:42 - 2023-01-21 21:42 - 000000000 ____D C:\ProgramData\Wargaming.net
2023-01-21 21:31 - 2023-01-21 21:31 - 000001085 _____ C:\Users\Speeder\Desktop\Adobe Photoshop CC 2017.lnk
2023-01-21 21:31 - 2023-01-21 21:31 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\NVIDIA
2023-01-21 21:31 - 2023-01-21 21:31 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign7c21d024a938d293
2023-01-21 21:31 - 2023-01-21 21:31 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign601343bfe994b4ec
2023-01-21 21:31 - 2023-01-21 21:31 - 000000000 ____D C:\Users\Speeder\AppData\Local\Tempzxpsign42ef62127ef352d4
2023-01-21 21:31 - 2023-01-21 21:31 - 000000000 ____D C:\Users\Speeder\AppData\Local\CEF
2023-01-21 21:29 - 2023-01-21 21:29 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2023-01-21 21:29 - 2023-01-21 21:29 - 000000000 ____D C:\Users\Speeder\Documents\Adobe
2023-01-21 21:27 - 2023-01-23 22:36 - 000000000 ____D C:\ProgramData\Package Cache
2023-01-21 21:27 - 2023-01-21 21:29 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-01-21 21:27 - 2023-01-21 21:27 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2023-01-21 21:27 - 2023-01-21 21:27 - 000000000 ____D C:\Program Files\Adobe
2023-01-21 21:26 - 2023-01-21 21:26 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-01-21 21:20 - 2023-01-21 21:20 - 000003280 _____ C:\Windows\system32\Tasks\ONPYPTFUDKDXEQKT_run
2023-01-21 21:09 - 2023-01-23 18:19 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Macromedia
2023-01-21 21:09 - 2023-01-22 13:03 - 000000000 ____D C:\Users\Speeder\AppData\Local\Adobe
2023-01-21 21:09 - 2023-01-22 13:03 - 000000000 ____D C:\ProgramData\Adobe
2023-01-21 19:46 - 2023-01-21 19:46 - 000000000 ___HD C:\$WinREAgent
2023-01-21 19:46 - 2023-01-21 19:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-21 19:45 - 2023-01-21 19:46 - 000000000 ____D C:\Windows\system32\MRT
2023-01-21 19:24 - 2023-01-21 19:24 - 000002511 _____ C:\Users\Speeder\Desktop\Word.lnk
2023-01-21 19:24 - 2023-01-21 19:24 - 000002483 _____ C:\Users\Speeder\Desktop\Excel.lnk
2023-01-21 19:11 - 2023-01-21 19:11 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-01-21 19:11 - 2023-01-21 19:11 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-01-21 19:11 - 2023-01-21 19:11 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-01-21 19:11 - 2023-01-21 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2023-01-21 19:11 - 2023-01-21 19:11 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-01-21 19:10 - 2023-01-21 19:11 - 000000000 ____D C:\Program Files\Microsoft Office
2023-01-21 19:10 - 2023-01-21 19:10 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-01-21 19:00 - 2023-01-21 19:00 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\WinRAR
2023-01-21 18:56 - 2023-01-21 18:56 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-01-21 18:56 - 2023-01-21 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-01-21 18:56 - 2023-01-21 18:56 - 000000000 ____D C:\Program Files\WinRAR
2023-01-21 18:31 - 2023-01-23 21:17 - 000000000 ____D C:\Users\Speeder\AppData\Local\NVIDIA
2023-01-21 18:29 - 2023-01-21 18:29 - 000001339 _____ C:\Users\Speeder\Desktop\FurMark.lnk
2023-01-21 18:29 - 2023-01-21 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2023-01-21 18:29 - 2023-01-21 18:29 - 000000000 ____D C:\Program Files (x86)\Geeks3D
2023-01-21 18:28 - 2023-01-21 18:28 - 000000871 _____ C:\Users\Speeder\Desktop\HWiNFO64.lnk
2023-01-21 17:01 - 2023-01-21 17:01 - 000001841 _____ C:\Users\Speeder\Desktop\CrystalDiskMark 8.lnk
2023-01-21 17:01 - 2023-01-21 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8
2023-01-21 17:01 - 2023-01-21 17:01 - 000000000 ____D C:\Program Files\CrystalDiskMark8
2023-01-21 16:20 - 2023-01-24 18:24 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2023-01-21 16:20 - 2023-01-23 21:42 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2023-01-21 16:20 - 2023-01-21 16:20 - 003086696 _____ C:\Users\Speeder\Downloads\instspeedfan452.exe
2023-01-21 16:19 - 2023-01-24 20:41 - 000003146 _____ C:\Windows\system32\Tasks\MSIAfterburner
2023-01-21 16:19 - 2023-01-21 16:19 - 000001159 _____ C:\Users\Speeder\Desktop\MSI Afterburner.lnk
2023-01-21 16:19 - 2023-01-21 16:19 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2023-01-21 16:18 - 2023-01-23 21:20 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-01-21 16:17 - 2023-01-21 16:18 - 055656869 _____ C:\Users\Speeder\Downloads\MSIAfterburnerSetup.zip
2023-01-21 16:13 - 2023-01-22 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2023-01-21 16:13 - 2023-01-22 15:33 - 000000000 ____D C:\Program Files\HWiNFO64
2023-01-21 16:12 - 2023-01-21 16:12 - 000001048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2023-01-21 16:12 - 2023-01-21 16:12 - 000001036 _____ C:\Users\Public\Desktop\TechPowerUp GPU-Z.lnk
2023-01-21 16:12 - 2023-01-21 16:12 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2023-01-21 16:12 - 2023-01-21 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2023-01-21 16:12 - 2023-01-21 16:12 - 000000000 ____D C:\Program Files\CPUID
2023-01-21 16:12 - 2023-01-21 16:12 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2023-01-21 15:57 - 2023-01-21 15:57 - 000000000 ____D C:\Users\Speeder\Documents\MAXON
2023-01-21 15:57 - 2023-01-21 15:57 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Maxon
2023-01-21 15:31 - 2023-01-21 15:31 - 000000000 ___HD C:\OneDriveTemp
2023-01-21 14:57 - 2023-01-21 14:57 - 000000000 ____D C:\Users\Speeder\AppData\Local\Comms
2023-01-21 14:56 - 2023-01-23 18:19 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3536389292-1820900458-2669083823-1001
2023-01-21 14:55 - 2023-01-24 20:42 - 000000000 ___RD C:\Users\Speeder\OneDrive
2023-01-21 14:55 - 2023-01-23 18:19 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3536389292-1820900458-2669083823-1001
2023-01-21 14:55 - 2023-01-21 18:13 - 000000000 ____D C:\Users\Speeder\AppData\Local\PlaceholderTileLogoFolder
2023-01-21 14:55 - 2023-01-21 14:55 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-01-21 14:54 - 2023-01-23 22:26 - 000000000 ____D C:\Users\Speeder\AppData\Local\Packages
2023-01-21 14:54 - 2023-01-23 18:20 - 000000000 ____D C:\ProgramData\Packages
2023-01-21 14:54 - 2023-01-22 13:03 - 000000000 ____D C:\Users\Speeder\AppData\Roaming\Adobe
2023-01-21 14:54 - 2023-01-21 15:31 - 000000000 ____D C:\Users\Speeder\AppData\Local\ConnectedDevicesPlatform
2023-01-21 14:54 - 2023-01-21 14:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-01-21 14:54 - 2023-01-21 14:54 - 000000000 ___RD C:\Users\Speeder\3D Objects
2023-01-21 14:54 - 2023-01-21 14:54 - 000000000 ____D C:\Users\Speeder\AppData\Local\VirtualStore
2023-01-21 14:54 - 2023-01-21 14:54 - 000000000 ____D C:\Users\Speeder\AppData\Local\Publishers
2023-01-21 14:52 - 2023-01-24 20:49 - 001693656 _____ C:\Windows\system32\PerfStringBackup.INI
2023-01-21 14:52 - 2023-01-24 19:40 - 000000000 ____D C:\Users\Speeder
2023-01-21 14:52 - 2023-01-23 18:19 - 000002387 _____ C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-21 14:52 - 2023-01-21 14:52 - 000000020 ___SH C:\Users\Speeder\ntuser.ini
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Šablony
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Soubory cookie
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Poslední
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Okolní tiskárny
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Okolní síť
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Nabídka Start
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Dokumenty
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Documents\Obrázky
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Documents\Hudba
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Documents\Filmy
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\Data aplikací
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-01-21 14:52 - 2023-01-21 14:52 - 000000000 _SHDL C:\Users\Speeder\AppData\Local\Data aplikací
2023-01-21 14:51 - 2023-01-24 20:43 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-21 14:50 - 2023-01-23 21:22 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-01-21 14:50 - 2023-01-23 19:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-01-21 14:50 - 2023-01-23 19:01 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-01-21 14:50 - 2017-11-09 04:40 - 036248176 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2023-01-21 14:50 - 2017-11-09 04:40 - 029279672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2023-01-21 14:50 - 2017-11-09 04:39 - 000054192 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2023-01-21 14:50 - 2017-11-09 04:38 - 001997752 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438813.dll
2023-01-21 14:50 - 2017-11-09 04:38 - 001682544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438813.dll
2023-01-21 14:50 - 2017-11-09 04:38 - 001624168 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2023-01-21 14:50 - 2017-11-09 04:37 - 040246384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2023-01-21 14:50 - 2017-11-09 04:37 - 035165624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2023-01-21 14:50 - 2017-11-09 04:30 - 013379352 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2023-01-21 14:50 - 2017-11-09 04:30 - 010986768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2023-01-21 14:50 - 2017-11-09 04:26 - 001154296 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2023-01-21 14:50 - 2017-11-09 04:26 - 000902312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2023-01-21 14:50 - 2017-11-09 03:57 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2023-01-21 14:50 - 2017-11-09 03:57 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2023-01-21 14:49 - 2023-01-21 14:54 - 000338040 _____ () C:\Windows\system32\AsusDownLoadLicense.exe
2023-01-21 14:45 - 2023-01-21 14:45 - 000000000 ____D C:\Windows\CSC

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-24 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-24 20:49 - 2019-12-07 15:43 - 000716894 _____ C:\Windows\system32\perfh005.dat
2023-01-24 20:49 - 2019-12-07 15:43 - 000145072 _____ C:\Windows\system32\perfc005.dat
2023-01-24 20:49 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-01-24 20:41 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-01-24 18:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-01-23 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\MUI
2023-01-23 22:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\MUI
2023-01-23 22:37 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-01-23 18:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Help
2023-01-23 18:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-22 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2023-01-21 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2023-01-21 21:43 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-01-21 21:43 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-01-21 20:57 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-01-21 19:52 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-01-21 19:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-01-21 19:51 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-01-21 19:51 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-01-21 19:51 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-01-21 19:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-01-21 19:11 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-01-21 15:10 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-01-21 15:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-01-21 14:52 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-01-21 14:45 - 2019-12-07 15:45 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-01-21 14:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\spool
2023-01-21 14:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate

==================== Files in the root of some directories ========

2023-01-24 19:26 - 2023-01-24 21:37 - 000000205 _____ () C:\Users\Speeder\AppData\Local\oobelibMkey.log
2023-01-23 21:13 - 2023-01-23 21:13 - 000007601 _____ () C:\Users\Speeder\AppData\Local\Resmon.ResmonCfg
2023-01-23 22:12 - 2023-01-23 22:16 - 000000037 _____ () C:\Users\Speeder\AppData\Local\X-Plane Installer.prf
2023-01-23 22:09 - 2023-01-23 22:15 - 000000075 _____ () C:\Users\Speeder\AppData\Local\X-Plane_drm_11.prf
2023-01-23 22:10 - 2023-01-23 22:10 - 000000022 _____ () C:\Users\Speeder\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2023
Ran by Speeder (24-01-2023 22:06:26)
Running from C:\Users\Speeder\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) (2023-01-21 13:44:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3536389292-1820900458-2669083823-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3536389292-1820900458-2669083823-503 - Limited - Disabled)
Guest (S-1-5-21-3536389292-1820900458-2669083823-501 - Limited - Disabled)
Speeder (S-1-5-21-3536389292-1820900458-2669083823-1001 - Administrator - Enabled) => C:\Users\Speeder
WDAGUtilityAccount (S-1-5-21-3536389292-1820900458-2669083823-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.1.0.3 - Adobe Inc.)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.)
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.119 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.89 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.10.1.2287 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.10.1.2287 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{2b787d65-59ec-46d5-9e6b-8b4761e7903c}) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.) Hidden
Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU)
CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.)
CrystalDiskMark 8.0.1 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.1 - Crystal Dew World)
DCS World (HKLM\...\DCS World_is1) (Version: 2 - Eagle Dynamics)
Geeks3D FurMark 1.32.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.32.1.0 - Geeks3D)
HWiNFO64 Version 7.36 (HKLM\...\HWiNFO64_is1) (Version: 7.36 - Martin Malik - REALiX)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.61 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.11929.20376 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\...\OneDriveSetup.exe) (Version: 23.002.0102.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.5 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.5 Beta 4 - MSI Co., LTD)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 528.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.02 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20376 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20376 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20376 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Ski Challenge 16 (HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\...\sc16-GAMETWIST_MAIN) (Version: - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.52.0 - TechPowerUp)
uTorrent Web (HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\...\utweb) (Version: 1.3.0 - Rainberry, Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\...\Wargaming.net Game Center) (Version: 22.6.0.1216 - Wargaming.net)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World_of_Warplanes (HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\...\WOWP.WW.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt [2023-01-21] (Disney)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2023-01-23] (NVIDIA Corp.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2023-01-21] (Skype)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-22] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0 [2023-01-21] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3536389292-1820900458-2669083823-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_f840d03a202f8a32\nvshext.dll [2022-12-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-10-12 01:08 - 2016-10-12 01:08 - 000124928 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000166400 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000223232 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2022-11-17 10:16 - 2022-11-17 10:16 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2022-11-17 10:15 - 2022-11-17 10:15 - 000059392 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2022-11-17 10:16 - 2022-11-17 10:16 - 000699904 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2022-11-17 10:15 - 2022-11-17 10:15 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2022-11-17 10:16 - 2022-11-17 10:16 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-21] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3536389292-1820900458-2669083823-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Speeder\Pictures\Saved Pictures\poz02.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9CED3ECA-A38B-4B9C-9B94-B9EB6205B224}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{98B1C77C-4065-47C5-9DFB-FC58394671C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69AD2411-B80E-4A39-B888-27EE27AC8C7D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{08405B19-8870-46C1-ABD9-84303C271EEF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B5A3BB2-0CC2-4FB1-A731-1FA223742F33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DEF6D7F2-00C6-4171-8144-7019489D6452}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{61AE386D-7631-4CD5-8A05-0BFD9246A415}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4643EFAC-1EB5-4F0F-8F10-45497F6A22EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{CC163A53-A773-4FA5-8352-122E3CD832B0}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{068BBE19-4DC5-49A8-866F-571165600C42}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{D13EF688-D579-484D-BBCD-FBA8BA0B53C5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DD057174-B827-4CA8-A716-7DA4719FEA5A}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E2DF53EB-914C-48E4-9A0E-27D246AD5FF2}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{721BB966-A94F-498C-ADA7-6BBDA65187A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FCB360A0-6A9F-4D13-8365-21C287749DC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D0F5989B-3E8B-464F-BDE2-C6D22990AFEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BCE835D5-7479-4ACB-8514-72AA4057C660}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1BE7D0E1-E53B-4EAE-A365-ECACB377DC2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{691021B0-3C1A-400A-939D-D60098969307}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8A0305DE-4E4A-428A-BF37-B68C3C9EDFCB}] => (Allow) C:\Users\Speeder\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{91E49485-6530-4318-81C5-BB77FCA6A1DB}] => (Allow) C:\Users\Speeder\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)

==================== Restore Points =========================

23-01-2023 22:36:23 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/24/2023 09:42:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ONPYPTFUDKDXEQKT.exe, verze: 5.30.0.0, časové razítko: 0x564c419c
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x1218
Čas spuštění chybující aplikace: 0x01d9302bff3c114e
Cesta k chybující aplikaci: C:\Users\Speeder\AppData\Roaming\Macromedia\ONPYPTFUDKDXEQKT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5981ee2c-4a49-44fb-8194-6ac626019957
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/24/2023 09:37:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.

Error: (01/24/2023 09:37:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.

Error: (01/24/2023 08:42:24 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-LP6VKGP$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 24 Jan 2023 19:42:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ff239b8d-370f-4546-b651-e84e360a8129

Metoda: GET(219ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/24/2023 07:29:14 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-LP6VKGP$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 24 Jan 2023 18:29:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3829c5f7-1084-4686-87a1-cf0809b7b001

Metoda: GET(265ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/24/2023 07:16:22 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-LP6VKGP$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 24 Jan 2023 18:16:22 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ec3255c1-347c-4967-9d94-bb2fa3fc64bb

Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/24/2023 06:54:37 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-LP6VKGP$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 24 Jan 2023 17:54:37 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7c60cad2-d09a-41cf-af14-1a960e2a67d0

Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/24/2023 06:13:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.SharePoint.exe, verze: 23.2.102.4, časové razítko: 0x9ff405d5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x3818
Čas spuštění chybující aplikace: 0x01d9301722381d66
Cesta k chybující aplikaci: C:\Users\Speeder\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 0d316e7b-c7b4-47de-9636-d6747f758712
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/24/2023 08:42:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/24/2023 08:42:13 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (01/24/2023 07:29:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/24/2023 07:29:03 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (01/24/2023 07:16:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/24/2023 07:16:11 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (01/24/2023 06:54:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/24/2023 06:54:26 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.


Windows Defender:
================
Date: 2023-01-23 22:34:51
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/uTorrent_BundleInstaller
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\downloads\utweb_installer.exe; webfile:_D:\downloads\utweb_installer.exe|https://download-new.utorrent.com/endpo ... 2903078526
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-LP6VKGP\Speeder
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.381.2606.0, AS: 1.381.2606.0, NIS: 1.381.2606.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-23 21:25:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {15F288BF-7249-4F68-9273-9552FD40EC90}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-01-22 16:20:21
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\downloads\PDFsamBasic4Installer.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-LP6VKGP\Speeder
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.2543.0, AS: 1.381.2543.0, NIS: 1.381.2543.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-22 14:53:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {11EF3791-63F3-4426-B645-F04AFC227D80}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-01-21 21:22:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Agent
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_D:\downloads\Adobe Photoshop CC 2017 v18.0 CZ (64 bit) + Crack\amtemu.v0.9.1-painter.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-LP6VKGP\Speeder
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.381.2511.0, AS: 1.381.2511.0, NIS: 1.381.2511.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2803 04/27/2022
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B550-PLUS
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 47%
Total physical RAM: 16265.27 MB
Available physical RAM: 8532.41 MB
Total Virtual: 19209.27 MB
Available Virtual: 6031.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.94 GB) (Free:648.31 GB) (Model: WD Blue SN570 1TB SSD) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:515.72 GB) (Model: SAMSUNG HD103SJ) NTFS

\\?\Volume{2fb865f9-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{2fb865f9-0000-0000-0000-80bfe8000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E154E154)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2FB865F9)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=531 MB) - (Type=27)

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 14681
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#2 Příspěvek od JaRon »

ahoj,
1. vycisti PC s CCleanerom, vcetne registrov
restart
2. spust s prikazoveho riadku ako spravca sfc/scannow
restart
3. vycisti PC s MBAM - info sem
FRST |ADWCleaner |MBAM |CCleaner |Avenger |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

SpeederBB
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 02 úno 2007 20:20

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#3 Příspěvek od SpeederBB »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 25.01.23
Čas skenování: 18:26
Logovací soubor: 60f341d6-9cd5-11ed-b723-c87f540c6af9.json

-Informace o softwaru-
Verze: 4.5.20.230
Verze komponentů: 1.0.1868
Aktualizovat verzi balíku komponent: 1.0.64962
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19045.2486)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-LP6VKGP\Speeder

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 475149
Zjištěné hrozby: 7
Hrozby umístěné do karantény: 7
Uplynulý čas: 1 hod, 10 min, 57 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 7
HackTool.Agent, D:\DOWNLOADS\ADOBE PHOTOSHOP CC 2017 V18.0 CZ (64 BIT) + CRACK\AMTEMU.V0.9.1-PAINTER.EXE, V karanténě, 3664, 448498, 1.0.64962, 0000000000000000000003EB, dds, 02139090, A209B88B9B2CF7339BE0AC5126417875, C2F6D462A20F92B97C49C3AF19872FC4DF6AABD4F66F4B8B298A1303881422F6
RiskWare.KMS, D:\DOWNLOADS\MICROSOFT OFFICE PROFESSIONAL PLUS 2019 MSO (16.0.11929.20370)\KMS.TOOLS.PORTABLE.15.12.2018\PROGRAMS\OFFICE 2013-2019 C2R INSTALL V6.4.9\OINSTALLLITE.EXE, V karanténě, 869, 632069, 1.0.64962, 0000000000000000000003EB, dds, 02139090, 03545CF08B284100C309E4F4A6AB6574, B8AB39E086F7B791333C009CFB41E8157D048A793FDA3FCECADBC80D08F535ED
RiskWare.KMS, D:\DOWNLOADS\MICROSOFT OFFICE PROFESSIONAL PLUS 2019 MSO (16.0.11929.20370)\KMS.TOOLS.PORTABLE.15.12.2018\PROGRAMS\OFFICE 2013-2019 C2R INSTALL V6.4.9\OINSTALL.EXE, V karanténě, 869, 632069, 1.0.64962, B72641CB42561BB1EEE356A0, dds, 02139090, 0F3B8C8EFD845E45C5DF6F433EDD1EF8, CA991B9B7CCFB19218EC4D0B58CEC38B9B373BE5E4E35AD28946B54343132CA6
RiskWare.KMS, D:\DOWNLOADS\MICROSOFT OFFICE PROFESSIONAL PLUS 2019 MSO (16.0.11929.20370)\OFFICE\PROGRAMS\OFFICE 2013-2019 C2R INSTALL V6.4.9\OINSTALLLITE.EXE, V karanténě, 869, 632069, 1.0.64962, 0000000000000000000003EB, dds, 02139090, 03545CF08B284100C309E4F4A6AB6574, B8AB39E086F7B791333C009CFB41E8157D048A793FDA3FCECADBC80D08F535ED
PUP.Optional.OfferCore, D:\DOWNLOADS\UTWEB_INSTALLER.EXE, V karanténě, 520, 1104239, 1.0.64962, , ame, , 11A5830F7F4A1037D8230587944548F1, 1BB2C481300ADDBA00EC81DDE4C27895677DA7EC64DD5E84E0881C2344BFC442
RiskWare.KMS, D:\DOWNLOADS\MICROSOFT OFFICE PROFESSIONAL PLUS 2019 MSO (16.0.11929.20370)\OFFICE\PROGRAMS\OFFICE 2013-2019 C2R INSTALL V6.4.9\OINSTALL.EXE, V karanténě, 869, 632069, 1.0.64962, B72641CB42561BB1EEE356A0, dds, 02139090, 0F3B8C8EFD845E45C5DF6F433EDD1EF8, CA991B9B7CCFB19218EC4D0B58CEC38B9B373BE5E4E35AD28946B54343132CA6
PUP.Optional.Seznam, D:\DOWNLOADS\PDFSAMBASIC4INSTALLER.EXE, V karanténě, 693, 623984, 1.0.64962, BD4ADA2F6679A6E89C9A948E, dds, 02139090, C9D72A481F99FD77D1076F9B41F47496, B1ADFC4B2416E40A2452FF333439FA685C580F18972BB63441B051E7CD28FC54

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 14681
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#4 Příspěvek od JaRon »

Je to lepsie :???:
FRST |ADWCleaner |MBAM |CCleaner |Avenger |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

SpeederBB
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 02 úno 2007 20:20

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#5 Příspěvek od SpeederBB »

Bohužel problém přetrvává. Malwarebytes mi vyhazuje tato hlášení. Je jich tam vícero různých.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum události ochrany: 25.01.23
Čas události ochrany: 20:05
Logovací soubor: 3de4a7b2-9ce3-11ed-ab45-c87f540c6af9.json

-Informace o softwaru-
Verze: 4.5.20.230
Verze komponentů: 1.0.1868
Aktualizovat verzi balíku komponent: 1.0.64962
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19045.2486)
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Podrobnosti o zablokovaném webu-
Škodlivý web: 1
, C:\Users\Speeder\AppData\Roaming\Macromedia\ONPYPTFUDKDXEQKT.exe, Zablokováno, -1, -1, 0.0.0, ,

-Údaje o webu-
Kategorie: Potenciálně nežádoucí program
Doména: monero.herominers.com
IP Adresa: 141.95.126.31
Port: 1112
Typ: Odchozí
Soubor: C:\Users\Speeder\AppData\Roaming\Macromedia\ONPYPTFUDKDXEQKT.exe



(end)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 14681
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#6 Příspěvek od JaRon »

Pouzi fixlist.txt

Kód: Vybrat vše

Start

Task: {65CEED8A-DAF8-46C9-8EE6-C3B589349128} - System32\Tasks\ONPYPTFUDKDXEQKT_run => C:\Users\Speeder\AppData\Roaming\Macromedia\ONPYPTFUDKDXEQKT.exe [336888 2023-01-21] (Alexander Roshal) [File not signed]

EmptyTemp:
End
FRST |ADWCleaner |MBAM |CCleaner |Avenger |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

SpeederBB
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 02 úno 2007 20:20

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#7 Příspěvek od SpeederBB »

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2023
Ran by Speeder (25-01-2023 20:39:07) Run:1
Running from C:\Users\Speeder\Desktop
Loaded Profiles: Speeder
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

Task: {65CEED8A-DAF8-46C9-8EE6-C3B589349128} - System32\Tasks\ONPYPTFUDKDXEQKT_run => C:\Users\Speeder\AppData\Roaming\Macromedia\ONPYPTFUDKDXEQKT.exe [336888 2023-01-21] (Alexander Roshal) [File not signed]

EmptyTemp:
End
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{65CEED8A-DAF8-46C9-8EE6-C3B589349128}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65CEED8A-DAF8-46C9-8EE6-C3B589349128}" => removed successfully
C:\Windows\System32\Tasks\ONPYPTFUDKDXEQKT_run => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ONPYPTFUDKDXEQKT_run" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10632009 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 443231 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 36392 B
NetworkService => 41302 B
Speeder => 76747013 B

RecycleBin => 93060 B
EmptyTemp: => 85.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:39:37 ====

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 14681
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#8 Příspěvek od JaRon »

Po restarte by to malo byt v haji :)
FRST |ADWCleaner |MBAM |CCleaner |Avenger |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

SpeederBB
Návštěvník
Návštěvník
Příspěvky: 90
Registrován: 02 úno 2007 20:20

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#9 Příspěvek od SpeederBB »

Zdá se to býti OK a ani Malwarebytes už nic nehlásí jako hrozbu zvenčí. Mockrát děkuju.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 14681
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu - 100% vytížení HW po 30s nečinnosti

#10 Příspěvek od JaRon »

OK, zastav sa o mesiac-dva na preventivku :)
rado sa stalo
FRST |ADWCleaner |MBAM |CCleaner |Avenger |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zamčeno