Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o preventivnu kontrolu, dakujem.

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
peter1207
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 22 pro 2014 20:17

Prosim o preventivnu kontrolu, dakujem.

#1 Příspěvek od peter1207 »

PC bol napadnutý trojanom, Defender ho občas objavil ale hned sa vyparil, toto sa opakovalo pár dní tak som reinštaloval win s vymazaním ssd. Teraz sa pc javí ok, ale chodia mi v poslednej dobe časté bezpečnostné upozornenia od googlu, microsoftu, netflixu a ine....mením heslá po nejakej dobe sa to o5 opakuje.
Ďakujem veľmi pekne za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2023
Ran by peter (administrator) on LAPTOP-B854KS8P (LENOVO 82B1) (01-02-2023 21:15:52)
Running from C:\Users\peter\OneDrive\Desktop
Loaded Profiles: peter
Platform: Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\FnHotkeyUtility.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe <2>
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_38ddcdbd562c6b02\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.22031.10091.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LIX] => C:\Program Files (x86)\SPC Gear\LIX\OemDrv.exe [2452992 2020-05-07] () [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [] => [X]
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [Spotify] => C:\Users\peter\AppData\Roaming\Spotify\Spotify.exe [20232568 2022-11-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2022-12-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.20\LenovoVantage.exe [22816 2022-11-15] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [MicrosoftEdgeAutoLaunch_78A92E0D73E8D43924D5E45291DCAF15] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188576 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [62552 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116224 2022-12-13] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2018 Fast Start.lnk [2022-12-13]
ShortcutTarget: SOLIDWORKS 2018 Fast Start.lnk -> C:\Windows\Installer\{837A0B0D-F508-4088-8B05-606477DEB905}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Background Downloader.lnk [2022-12-13]
ShortcutTarget: SOLIDWORKS Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06FEF118-1E47-4CD0-8CA1-3F23A5249FEF} - \OneDrive Standalone Update Task-S-1-5-21-4249308867-3700432313-2213772059-500 -> No File <==== ATTENTION
Task: {082E828D-786D-42AA-BDED-60BB8C3AB01A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {08B6CB8C-F82A-428A-AC63-AAEE989608A3} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0C8E75C3-00C3-46E8-8CC5-5C82158DAFD6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0EDE76F4-3097-4288-BCD2-D3B273868237} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {0F21BC26-EB06-4D63-AD35-0147090AD3B3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> No File <==== ATTENTION
Task: {1C062471-1558-4B55-A37E-BF1522B1E419} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {21CBAA2D-6DAE-4615-AE60-694BECD1EAFC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2256ED79-2C4F-4374-8289-B358AD799CD8} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2FAD79B0-1009-494B-85A8-304404E92E0D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {35B443D6-9A86-4384-A103-88DBA4A4460C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {3E9762B9-B682-4568-893F-B4278F90E22B} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {418F0215-45C5-4434-B33F-EA0985D431B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {535D0284-5BF1-4A80-B61F-AC31A65B45AC} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {5BCB3082-1103-4BB1-81F6-C76320CA0BD3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {5C8E85A6-05A1-4440-93AB-DA82E57B5BFC} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {60BADF28-BBC5-48E9-872D-FEB4A36CF6B1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {74766506-39AF-45E8-AE72-C4D72466DDEA} - System32\Tasks\Lenovo\LenovoWelcomeTask => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcomeTask.exe [1557792 2022-10-27] (Lenovo -> Lenovo Group Ltd.)
Task: {7A44C748-F4FE-4900-B7B0-91C087ACD559} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {82DC447B-5DED-4FEA-BA6D-504FBAD5F588} - System32\Tasks\Opera scheduled Autoupdate 1670952788 => C:\Users\peter\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-19] (Opera Norway AS -> Opera Software)
Task: {8319467A-AF34-4657-AC54-1D694D3238DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CEF6E7F-349B-463F-A2F9-015421209E77} - \LenovoUtility Startup -> No File <==== ATTENTION
Task: {8EB032DD-BCDE-4EE7-8800-514EC0784150} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-11-17] (Google Inc -> Google LLC)
Task: {90354BCA-EAFB-4FC2-B9B1-15744F7483D1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\aacfd380-a70d-4e06-9955-6ec4952f9221 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {96397FEA-935C-4547-893C-D8695FDD25A1} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {A984A7A3-4C2E-47FB-856D-C562171D0BEF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\59a89918-b74b-4041-928e-db83ee17a051 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A9937C89-6326-4D80-9316-166F6A98F25E} - System32\Tasks\CorelUpdateHelperTask-A3246D273B7D1B30B471447D7CF9F460 => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {ABBA71A6-9BD0-444D-A27B-83A23D363F5B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD8DE74E-372E-4960-A025-DEF427FD58CC} - System32\Tasks\Lenovo\LenovoWelcomeQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcomeTask.exe [1557792 2022-10-27] (Lenovo -> Lenovo Group Ltd.)
Task: {B04A9BAA-BD24-43E3-BF84-E27331B8D9F6} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B1F74D4D-ECD0-430E-BD7D-4C91462F7CDA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\82e5aafc-dfe7-4d6d-89bb-3c732a91c5ef => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {B76F92B9-7E48-4F66-90EC-0F62C7A1EDF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-11-17] (Google Inc -> Google LLC)
Task: {C2BEBBD4-85E0-4A61-94AD-9FEBD723CAA8} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {C5FF0972-104A-42E3-B512-AA0E79062122} - System32\Tasks\Lenovo\LenovoWelcomeLauncher => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcome.exe [1010976 2022-10-27] (Lenovo -> Lenovo Group Ltd.)
Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {D07A9112-2E82-415B-B191-8A87B631202D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168920 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D42A200C-2E76-40DA-BA1A-863E83329991} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d8901dc4-1de2-421a-a14b-22867ae085d4 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DE9F9905-D50C-4EA4-B56A-6E8864AEF24A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEF14753-5673-410A-AEAF-23F3375B0FA7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EA91A606-6983-4A0E-9FEC-722631DA3CF2} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EDCA96D6-1663-43A4-83F8-81413CBBEFB1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EF3A6EB7-815C-4061-B780-CFE19C9848D2} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9f90c032-8ba8-463c-852d-e5fc59e839f7}: [DhcpNameServer] 150.207.1.3

Edge:
=======
Edge Profile: C:\Users\peter\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-12]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge StartupUrls: Default -> "hxxps://www.google.sk/","hxxps://www.google.com/"
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\NPCOMP~1.DLL [2018-07-31] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\x86\NPCOMP~1.DLL [2018-07-31] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-23] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default [2023-02-01]
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-15]
CHR Extension: (Canva) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbcfmcoibkecmionmehabndbljdleekf [2022-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-17]

Opera:
=======
OPR Profile: C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable [2023-02-01]
OPR Extension: (Rich Hints Agent) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-12-13]
OPR Extension: (Opera Wallet) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-13]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-12-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-11-17] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-07-31] (Trace Software International -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2018-07-31] (Intel(R) Software Development Products -> Intel Corporation)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe [245968 2022-11-13] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 NativePushService; C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [283112 2022-11-07] (Protected Antivirus Limited -> TotalAV) <==== ATTENTION
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2022-12-13] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 SWVisualize2018.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [59280 2018-07-31] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 SWVisualize2018.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [24976 2018-07-31] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\System32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_38ddcdbd562c6b02\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_38ddcdbd562c6b02\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 atvi-randgrid_sr; C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\randgrid.sys [2877704 2023-01-12] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [43896 2020-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo Group Ltd.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181824 2019-12-26] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 GuiHidUsbDevLowerFFB; C:\WINDOWS\System32\Drivers\GuiHidUsbDevLowerFFB.sys [143872 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2020. All rights reserved.)
S3 HidGuardian; C:\WINDOWS\System32\drivers\HidGuardian.sys [26736 2017-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [18912 2022-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> TODO: <Company name>)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 TmBusEn; C:\WINDOWS\System32\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S3 TmFilter; C:\WINDOWS\System32\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S3 tmhidusb; C:\WINDOWS\System32\drivers\tmhidusb.sys [432136 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 tmResetMin; C:\WINDOWS\System32\Drivers\tmResetMin.sys [47648 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2021. All rights reserved.)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ATTENTION
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-01 21:15 - 2023-02-01 21:16 - 000000000 ____D C:\FRST
2023-01-24 19:16 - 2023-01-18 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-01-24 19:16 - 2023-01-18 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-01-24 19:16 - 2023-01-18 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-01-24 19:16 - 2023-01-18 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-01-24 19:16 - 2023-01-18 06:53 - 001487376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001444416 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001444416 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001226776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001168952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001168952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-01-24 19:16 - 2023-01-18 06:49 - 000865256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-01-24 19:16 - 2023-01-18 06:49 - 000672296 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-01-24 19:16 - 2023-01-18 06:49 - 000506856 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 002163736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 001619968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 001532432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 001192968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 000949736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 000743976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-01-24 19:16 - 2023-01-18 06:48 - 000734232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 012453352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 010220536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 005890552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 005865976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 000457712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-01-24 19:16 - 2023-01-18 06:46 - 005818872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-01-24 19:16 - 2023-01-15 23:41 - 000101010 _____ C:\WINDOWS\system32\nvinfo.pb
2023-01-24 19:15 - 2023-01-18 06:46 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-01-18 22:55 - 2023-01-18 22:55 - 000000000 ____D C:\Users\peter\AppData\Roaming\UserBenchmark
2023-01-18 22:54 - 2023-01-18 22:54 - 000521728 _____ (UserBenchmark) C:\Users\peter\Downloads\UserBenchmarkInstaller.exe
2023-01-18 21:59 - 2023-01-18 21:59 - 000007597 _____ C:\Users\peter\AppData\Local\Resmon.ResmonCfg
2023-01-17 19:35 - 2023-01-28 09:28 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-12 22:34 - 2023-01-12 22:34 - 000000000 ___HD C:\$WinREAgent
2023-01-07 21:23 - 2023-01-18 06:44 - 006517008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-01-04 17:59 - 2023-01-31 22:21 - 000000000 ____D C:\Users\peter\AppData\Local\CrashDumps
2023-01-04 17:59 - 2023-01-04 17:59 - 000000000 ____D C:\Users\peter\AppData\Local\Lenovo_Group_Ltd

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-01 21:16 - 2022-11-17 00:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-01 20:37 - 2022-11-17 06:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-01 20:14 - 2020-09-04 19:41 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-01 17:54 - 2022-11-16 21:34 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-01 12:25 - 2020-09-04 19:49 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-01 12:19 - 2022-11-17 06:53 - 000983156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-01 12:19 - 2022-11-16 21:33 - 000000000 ____D C:\WINDOWS\INF
2023-02-01 12:12 - 2022-11-17 06:43 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-01 12:12 - 2022-11-17 06:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-01 12:12 - 2022-11-17 00:20 - 000001157 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2023-02-01 12:12 - 2022-11-17 00:20 - 000000000 ____D C:\Program Files (x86)\TotalAV
2023-02-01 12:12 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-01 12:11 - 2022-11-16 21:30 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-01 12:07 - 2022-11-16 23:43 - 000000000 ____D C:\Program Files (x86)\Steam
2023-02-01 11:11 - 2022-11-22 16:38 - 000003336 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-A3246D273B7D1B30B471447D7CF9F460
2023-02-01 11:04 - 2022-11-16 21:31 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-01 02:29 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-31 10:00 - 2022-11-16 21:34 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-30 20:02 - 2022-11-16 22:42 - 000041312 _____ C:\WINDOWS\storelibdebug.txt
2023-01-29 20:48 - 2022-11-16 22:08 - 000000000 ____D C:\Users\peter\AppData\Local\D3DSCache
2023-01-29 13:44 - 2022-11-16 23:55 - 000000000 ____D C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-01-28 09:28 - 2022-11-17 06:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-27 21:27 - 2022-11-17 00:10 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-27 21:27 - 2022-11-17 00:10 - 000002229 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-26 20:31 - 2022-11-16 22:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-25 20:47 - 2022-11-16 22:05 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-888362058-2165733168-3384824745-1001
2023-01-25 20:47 - 2022-11-16 21:58 - 000002378 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-24 19:29 - 2022-11-16 22:25 - 000000000 ____D C:\Users\peter\AppData\Local\NVIDIA
2023-01-23 18:49 - 2022-12-13 18:33 - 000004222 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1670952788
2023-01-23 18:49 - 2022-12-13 18:33 - 000001416 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2023-01-18 19:36 - 2022-11-16 22:06 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-888362058-2165733168-3384824745-1001
2023-01-18 06:47 - 2022-12-11 19:31 - 003334664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-01-18 06:44 - 2022-11-16 23:35 - 007648024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-01-12 22:51 - 2022-11-17 06:43 - 001508720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-12 22:50 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-12 22:50 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-12 22:50 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-12 22:50 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-12 22:37 - 2022-11-17 06:45 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-12 22:34 - 2022-11-16 22:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-12 22:32 - 2022-11-16 22:07 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-11 20:20 - 2022-11-16 22:05 - 000000000 ____D C:\Users\peter\AppData\Local\NVIDIA Corporation
2023-01-07 20:07 - 2022-11-17 01:09 - 000000000 ____D C:\Users\peter\AppData\Roaming\Spotify
2023-01-07 17:38 - 2022-11-17 01:10 - 000000000 ____D C:\Users\peter\AppData\Local\Spotify
2023-01-04 18:09 - 2022-11-16 22:47 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk
2023-01-04 18:09 - 2022-11-16 22:08 - 000000000 ____D C:\WINDOWS\TempInst
2023-01-04 17:59 - 2022-11-16 22:05 - 000000000 ____D C:\Users\peter\AppData\Local\Lenovo
2023-01-04 17:58 - 2022-11-17 06:43 - 000000000 ____D C:\ProgramData\Lenovo

==================== Files in the root of some directories ========

2022-12-13 18:26 - 2017-10-12 21:12 - 000002432 _____ () C:\Program Files\SerialNumbers.ini
2022-12-13 18:26 - 2017-10-12 21:12 - 016071680 _____ (TeAM SolidSQUAD-SSQ) C:\Program Files\SolidWorks.2017-2018.Activator.SSQ.exe
2022-12-13 18:28 - 2022-12-13 18:28 - 000004606 _____ () C:\Program Files\sw_d.lic
2023-01-18 21:59 - 2023-01-18 21:59 - 000007597 _____ () C:\Users\peter\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2023
Ran by peter (01-02-2023 21:17:10)
Running from C:\Users\peter\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) (2022-11-17 05:50:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-888362058-2165733168-3384824745-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-888362058-2165733168-3384824745-503 - Limited - Disabled)
Guest (S-1-5-21-888362058-2165733168-3384824745-501 - Limited - Disabled)
peter (S-1-5-21-888362058-2165733168-3384824745-1001 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-888362058-2165733168-3384824745-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Total AV (Enabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Corel Graphics - Windows Shell Extension (HKLM\...\_{6EAF157F-28B9-4D44-9AEE-39415B106CAF}) (Version: 24.2.0.371 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{6EAF157F-28B9-4D44-9AEE-39415B106CAF}) (Version: 24.2.371 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{897F0171-CDC8-4AFB-A27B-61B5B29664E2}) (Version: 24.2.371 - Corel Corporation) Hidden
CorelDRAW Graphics Suite (HKLM\...\_{1E4B5F2C-0532-4CDA-AFCD-674E9C37521E}) (Version: 24.2.1.446 - Corel Corporation)
CorelDRAW Graphics Suite 2022 - IPM (x64) (HKLM\...\{C3AA2B13-47FD-4A79-8B12-371D41CEBA58}) (Version: 24.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content EN (x64) (HKLM\...\{E4106E1B-D15B-4BC1-94E7-F4D8BB5E4E8F}) (Version: 24.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - Writing Tools (x64) (HKLM\...\{7DCFAD1B-69CB-4394-8EF6-E2ECECDF098C}) (Version: 24.2 - Corel Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{20235E2B-1E9F-473D-A215-B2467F1F06E3}) (Version: 1.3.51.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.5.0.3 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome) (Version: 3.7.0.32 - Lenovo Group Ltd.)
LIX Gaming Mouse (HKLM-x32\...\{4602F77F-B385-4755-8F4F-11188B9A7CB1}_is1) (Version: 1.1 - SPC GEAR)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.16026.20146 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.70 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\OneDriveSetup.exe) (Version: 23.002.0102.0004 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 RsFx Driver (HKLM\...\{655A4169-5BB6-44B0-A9BA-4CBE23A412AA}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation)
NVIDIA Grafický ovládač 528.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.24 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20146 - Microsoft Corporation) Hidden
Opera Stable 94.0.4606.76 (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Opera 94.0.4606.76) (Version: 94.0.4606.76 - Opera Software)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SOLIDWORKS 2018 SP04 (HKLM\...\{837A0B0D-F508-4088-8B05-606477DEB905}) (Version: 26.140.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2018 SP04 (HKLM-x32\...\SolidWorks Installation Manager 20180-40400-1100-100) (Version: 26.4.0.75 - SolidWorks Corporation)
SOLIDWORKS CAM 2018 SP04 (HKLM\...\{C9043FEF-A6CE-4725-8A93-1488DF0335DF}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Composer 2018 SP04 (HKLM\...\{BA93FA95-96A6-42A5-A503-F78E769ABA1E}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2018 SP04 (HKLM\...\{81FBCA77-09F9-4AF3-909A-CB0BD9A81169}) (Version: 18.40.0036 - Dassault Systčmes SolidWorks Corp) Hidden
SOLIDWORKS Electrical 2018 SP04 (HKLM\...\{F5280967-D8E8-4386-B4E0-62937CFE1970}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2018 SP04 (HKLM\...\{6792CDBC-DB8C-4CA4-AC71-19F3BAA5C3B7}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Inspection 2018 SP04 (HKLM\...\{23526481-9826-46D3-A38C-CA9B3F59FD0C}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS PCB 2018 SP04 (HKLM\...\{754EACE8-AA6E-42D8-81D4-23869D7F80F3}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Plastics 2018 SP04 (HKLM\...\{9F301E50-ED1C-408F-85AC-D182E400F61B}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Visualize 2018 SP04 (HKLM\...\{FA9DFD3D-B786-491F-8195-8320FA7D2425}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Visualize Boost 2018 SP04 (HKLM\...\{6C127049-F1BE-47DA-97C9-8B1CE0BFC087}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
Spotify (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Spotify) (Version: 1.1.98.691.gf759311c - Spotify AB)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance)
TotalAV (HKLM-x32\...\TotalAV) (Version: 5.20.10 - TotalAV) <==== ATTENTION
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Wondershare NativePush_is1) (Version: - )
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

Packages:
=========
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.24.0_x64__ffd303wmbhcjt [2023-01-12] (BreeZip)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-21] (Microsoft Corp.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt [2022-12-21] (Disney)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyatmosforgaming_3.20602.609.0_x64__rz1tebttyb220 [2022-11-16] (Dolby Laboratories)
Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.1.5965.0_x64__rz1tebttyb220 [2022-11-16] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-12-19] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-12-19] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.28.0_x64__5grkq8ppsgwt4 [2022-11-26] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-11-17] (LENOVO INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.963.0_x64__56jybvy8sckqj [2023-01-24] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2022-11-16] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-11-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_38ddcdbd562c6b02\nvshext.dll [2023-01-18] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-12-13 18:57 - 2022-12-13 18:57 - 000107520 _____ () [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\NETAPI32.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 008603136 _____ (NVIDIA Corp.) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\optix_prime.1.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 000373760 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\cudart64_90.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 281306112 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\cudnn64_7.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 000827392 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\iray_bridge_server.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 160232960 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\libiray.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 059388416 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\libneuray.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 007058432 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\nv_freeimage.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 000302592 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\nvcuvid_video_decoder.dll
2018-05-08 17:57 - 2018-05-08 17:57 - 000604672 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\nvenc_video.dll
2018-05-08 17:57 - 2018-05-08 17:57 - 000603136 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\x264_video.dll
2022-12-13 18:50 - 2022-12-13 18:50 - 000116224 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 001649010 _____ (x264 project) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\libx264-142.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2724]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-888362058-2165733168-3384824745-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2022-11-17 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-888362058-2165733168-3384824745-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2018 Fast Start.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Background Downloader.lnk"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_78A92E0D73E8D43924D5E45291DCAF15"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "LenovoVantage"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9342FA03-9ACE-4556-9132-803139640011}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6ABEE681-88B8-475A-BB58-445C1EE3372B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F63152F4-9676-477A-8577-EF779D565E55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5070E996-DC2D-46DD-B214-E2FB6136DF54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0A214A1A-2DD6-4F01-80BE-60C438BAC3FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{43E11C5E-B203-4140-8BFD-1F5B42D0DBA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{0FC582FB-0F17-499B-9ECF-AF644437FC8F}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{9CB3E328-5AC0-4849-80D2-4772CF7198A1}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{87BB5440-C286-444D-971B-5077FE05EA7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{12555579-B71E-46BF-A226-C0B8809F371B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{3F6A20C8-97B8-40E4-8D90-AF454F5C4B1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{2B316DB5-CD03-4BF7-8AF8-D63C87CB2A76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{5BA7EED4-B9B2-475B-8600-9753B24D5D9A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2E9F76B5-5C5F-45E4-9782-F3D8D088C6DB}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E4546C18-2CB1-4063-9F54-6D5182B76666}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E3D63B62-C419-4158-BC75-E17CC54CCD89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{C2924FEE-2B03-4F45-9A2A-6B10BB59012A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{F9D2C425-4A65-4F32-BBB9-3AC45D84C705}] => (Allow) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{C7982521-6432-43E3-833F-517FE2E1A053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{3060DB20-D71C-4EDA-B82C-AE7586A5D6DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{512D3EF9-098C-4451-BC27-B614AF4A8BAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F73223E4-E48E-4AEA-AADE-E06D69859705}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3273019E-32E9-4A56-A053-96788EBA3532}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1E6FAF92-D124-409E-BC42-320B61DDE667}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{76974F2F-998D-4CE7-AD7D-391C8DC1AB5E}C:\users\peter\downloads\anydesk.exe] => (Allow) C:\users\peter\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{74811E9A-862D-48CB-9F46-AACCD8CE19A7}C:\users\peter\downloads\anydesk.exe] => (Allow) C:\users\peter\downloads\anydesk.exe => No File
FirewallRules: [{635499DF-988F-4FE5-92A5-B9D266AC99F2}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\94.0.4606.65\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{F48E907E-4581-4D42-BF91-5675BA0D707F}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\94.0.4606.76\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{294DCA33-BF8D-4AC3-9222-E0892346753D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEADE8C8-0967-40A3-AEF1-15A90488C069}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A278400D-F216-49A0-AEED-FCFFB268D565}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D96FBAF2-8F44-4A71-8051-441CBB25A8E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{739CCFB7-EC07-4DBD-BA98-F46C8816E326}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DF85674F-4147-4D3F-AAC2-243C150F97AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{5F444F07-45BB-4796-BEC5-2518576DB0C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{599359A1-B0EA-47B8-9911-3E18A072D58C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

12-01-2023 21:19:57 Inštalátor modulov systému Windows
24-01-2023 20:56:41 Scheduled Checkpoint
29-01-2023 13:38:59 Removed Bonjour
01-02-2023 11:04:32 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/01/2023 12:12:25 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 11:12:23 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 667529d3-72de-4333-bf08-b79ed28e755b

Method: GET(390ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/01/2023 12:11:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (02/01/2023 12:11:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (02/01/2023 12:11:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (02/01/2023 12:11:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (01/31/2023 10:21:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Microsoft.SharePoint.exe, verzia: 23.2.102.4, časová značka: 0x9ff405d5
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.19041.789, časová značka: 0x2bd748bf
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000007286e
Identifikácia chybujúceho procesu: 0x8d8
Čas spustenia chybujúcej aplikácie: 0x01d935ba05bc5b1d
Cesta chybujúcej aplikácie: C:\Users\peter\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: 8d0274cb-c677-4175-966e-8262f50dab96
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/30/2023 08:57:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Microsoft.SharePoint.exe, verzia: 23.2.102.4, časová značka: 0x9ff405d5
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.19041.789, časová značka: 0x2bd748bf
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000007286e
Identifikácia chybujúceho procesu: 0x14a8
Čas spustenia chybujúcej aplikácie: 0x01d934e50c6b80fa
Cesta chybujúcej aplikácie: C:\Users\peter\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: b6273ce0-2e53-496b-a285-6f52dbd4fe6a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/29/2023 11:18:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Microsoft.SharePoint.exe, verzia: 23.2.102.4, časová značka: 0x9ff405d5
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.19041.789, časová značka: 0x2bd748bf
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000007286e
Identifikácia chybujúceho procesu: 0xe08
Čas spustenia chybujúcej aplikácie: 0x01d9342fa8e557c0
Cesta chybujúcej aplikácie: C:\Users\peter\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: 14b7d7ff-15b5-41dd-b42b-067cff24f28f
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (02/01/2023 12:11:32 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba SOLIDWORKS Electrical Collaborative Server oznámila neplatný aktuálny stav 0.

Error: (01/30/2023 08:02:45 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-B854KS8P)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (01/25/2023 11:51:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-B854KS8P)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (01/25/2023 11:51:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-B854KS8P)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Error: (01/24/2023 11:06:39 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-B854KS8P)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (01/24/2023 11:06:39 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-B854KS8P)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (01/24/2023 07:29:45 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-B854KS8P)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (01/24/2023 07:28:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
================Event[0]:

Date: 2023-01-14 16:37:12
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2023-01-04 17:58:12
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-12-28 19:38:02
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-12-22 16:52:10
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-12-18 22:04:27
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===============
Date: 2023-02-01 21:12:16
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\TotalAV\wscf.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO FSCN26WW 09/09/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 4600H with Radeon Graphics
Percentage of memory in use: 34%
Total physical RAM: 15741.32 MB
Available physical RAM: 10306.63 MB
Total Virtual: 18604.32 MB
Available Virtual: 10540.23 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:26.41 GB) (Model: SKHynix_HFS512GD9TNI-L2A0B) NTFS

\\?\Volume{3eab325d-57f8-443e-b5bd-3c31bd0c151b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{56692210-c7a4-4d5a-b3a6-0797f8aea057}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: EF1E1775)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosim o preventivnu kontrolu, dakujem.

#2 Příspěvek od JaRon »

ahoj,
vycisti PC s CCleanerom, vcetne registrov - restart - potom vycisti s ADWCleanerom - log sem
+
napis ako je to s AV :???: su tam zmienky o TotalAV aj Avire
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

peter1207
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 22 pro 2014 20:17

Re: Prosim o preventivnu kontrolu, dakujem.

#3 Příspěvek od peter1207 »

TotalAV mam zakupeny a pouzivam ho, Aviru som instaloval omylom po reinstale winu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2023
Ran by peter (administrator) on LAPTOP-B854KS8P (LENOVO 82B1) (03-02-2023 10:08:45)
Running from C:\Users\peter\OneDrive\Desktop
Loaded Profiles: peter
Platform: Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\SPC Gear\LIX\OemDrv.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\FnHotkeyUtility.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Users\peter\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe <2>
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_38ddcdbd562c6b02\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LIX] => C:\Program Files (x86)\SPC Gear\LIX\OemDrv.exe [2452992 2020-05-07] () [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4252008 2023-01-31] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [] => [X]
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [Spotify] => C:\Users\peter\AppData\Roaming\Spotify\Spotify.exe [20232568 2022-11-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32754128 2022-12-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.20\LenovoVantage.exe [22816 2022-11-15] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [MicrosoftEdgeAutoLaunch_78A92E0D73E8D43924D5E45291DCAF15] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188576 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [62552 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116224 2022-12-13] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2018 Fast Start.lnk [2022-12-13]
ShortcutTarget: SOLIDWORKS 2018 Fast Start.lnk -> C:\Windows\Installer\{837A0B0D-F508-4088-8B05-606477DEB905}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Background Downloader.lnk [2022-12-13]
ShortcutTarget: SOLIDWORKS Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SOLIDWORKS Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06FEF118-1E47-4CD0-8CA1-3F23A5249FEF} - \OneDrive Standalone Update Task-S-1-5-21-4249308867-3700432313-2213772059-500 -> No File <==== ATTENTION
Task: {082E828D-786D-42AA-BDED-60BB8C3AB01A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {08B6CB8C-F82A-428A-AC63-AAEE989608A3} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0C8E75C3-00C3-46E8-8CC5-5C82158DAFD6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0EDE76F4-3097-4288-BCD2-D3B273868237} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {0F21BC26-EB06-4D63-AD35-0147090AD3B3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> No File <==== ATTENTION
Task: {1C062471-1558-4B55-A37E-BF1522B1E419} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {21CBAA2D-6DAE-4615-AE60-694BECD1EAFC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2256ED79-2C4F-4374-8289-B358AD799CD8} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2FAD79B0-1009-494B-85A8-304404E92E0D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {35B443D6-9A86-4384-A103-88DBA4A4460C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {37D0D528-A9CA-4205-92AB-A1F02E5E7CE5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {3E9762B9-B682-4568-893F-B4278F90E22B} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {418F0215-45C5-4434-B33F-EA0985D431B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {535D0284-5BF1-4A80-B61F-AC31A65B45AC} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {5BCB3082-1103-4BB1-81F6-C76320CA0BD3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {5C8E85A6-05A1-4440-93AB-DA82E57B5BFC} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {60BADF28-BBC5-48E9-872D-FEB4A36CF6B1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {74766506-39AF-45E8-AE72-C4D72466DDEA} - System32\Tasks\Lenovo\LenovoWelcomeTask => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcomeTask.exe [1557792 2022-10-27] (Lenovo -> Lenovo Group Ltd.)
Task: {7A44C748-F4FE-4900-B7B0-91C087ACD559} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {82DC447B-5DED-4FEA-BA6D-504FBAD5F588} - System32\Tasks\Opera scheduled Autoupdate 1670952788 => C:\Users\peter\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-19] (Opera Norway AS -> Opera Software)
Task: {8319467A-AF34-4657-AC54-1D694D3238DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CEF6E7F-349B-463F-A2F9-015421209E77} - \LenovoUtility Startup -> No File <==== ATTENTION
Task: {8EB032DD-BCDE-4EE7-8800-514EC0784150} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-11-17] (Google Inc -> Google LLC)
Task: {90354BCA-EAFB-4FC2-B9B1-15744F7483D1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\aacfd380-a70d-4e06-9955-6ec4952f9221 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {96397FEA-935C-4547-893C-D8695FDD25A1} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {A984A7A3-4C2E-47FB-856D-C562171D0BEF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\59a89918-b74b-4041-928e-db83ee17a051 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {ABBA71A6-9BD0-444D-A27B-83A23D363F5B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD8DE74E-372E-4960-A025-DEF427FD58CC} - System32\Tasks\Lenovo\LenovoWelcomeQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcomeTask.exe [1557792 2022-10-27] (Lenovo -> Lenovo Group Ltd.)
Task: {B04A9BAA-BD24-43E3-BF84-E27331B8D9F6} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B1F74D4D-ECD0-430E-BD7D-4C91462F7CDA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\82e5aafc-dfe7-4d6d-89bb-3c732a91c5ef => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {B76F92B9-7E48-4F66-90EC-0F62C7A1EDF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-11-17] (Google Inc -> Google LLC)
Task: {C2BEBBD4-85E0-4A61-94AD-9FEBD723CAA8} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {C5FF0972-104A-42E3-B512-AA0E79062122} - System32\Tasks\Lenovo\LenovoWelcomeLauncher => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcome.exe [1010976 2022-10-27] (Lenovo -> Lenovo Group Ltd.)
Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {D07A9112-2E82-415B-B191-8A87B631202D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168920 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D42A200C-2E76-40DA-BA1A-863E83329991} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d8901dc4-1de2-421a-a14b-22867ae085d4 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DE9F9905-D50C-4EA4-B56A-6E8864AEF24A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEF14753-5673-410A-AEAF-23F3375B0FA7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E5CC6270-2400-4C42-9EBA-23ADFBE982ED} - System32\Tasks\CCleanerSkipUAC - peter => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {EA91A606-6983-4A0E-9FEC-722631DA3CF2} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EDCA96D6-1663-43A4-83F8-81413CBBEFB1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EF3A6EB7-815C-4061-B780-CFE19C9848D2} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {F32D4F99-EB2E-4E44-A433-0CE826CE18AA} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b7032f5d-488b-4eab-924e-d758a1d1e6d9" --version "6.08.10255" --silent
Task: {F93B1EAB-CF3B-40C3-8061-59980AA4885B} - System32\Tasks\CorelUpdateHelperTask-A3246D273B7D1B30B471447D7CF9F460 => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9f90c032-8ba8-463c-852d-e5fc59e839f7}: [DhcpNameServer] 150.207.1.3

Edge:
=======
Edge Profile: C:\Users\peter\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-03]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge StartupUrls: Default -> "hxxps://www.google.sk/","hxxps://www.google.com/"
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\NPCOMP~1.DLL [2018-07-31] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\x86\NPCOMP~1.DLL [2018-07-31] (Dassault Systemes SE -> Dassault Systemes)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-23] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default [2023-02-03]
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-15]
CHR Extension: (Canva) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbcfmcoibkecmionmehabndbljdleekf [2022-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-17]

Opera:
=======
OPR Profile: C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable [2023-02-03]
OPR Extension: (Rich Hints Agent) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-12-13]
OPR Extension: (Opera Wallet) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-13]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-12-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-11-17] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-29] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-07-31] (Trace Software International -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2018-07-31] (Intel(R) Software Development Products -> Intel Corporation)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe [245968 2022-11-13] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 NativePushService; C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2022-12-13] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 SWVisualize2018.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [59280 2018-07-31] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R2 SWVisualize2018.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [24976 2018-07-31] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\System32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_38ddcdbd562c6b02\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_38ddcdbd562c6b02\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 atvi-randgrid_sr; C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\randgrid.sys [2877704 2023-01-12] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [43896 2020-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo Group Ltd.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181824 2019-12-26] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 GuiHidUsbDevLowerFFB; C:\WINDOWS\System32\Drivers\GuiHidUsbDevLowerFFB.sys [143872 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2020. All rights reserved.)
S3 HidGuardian; C:\WINDOWS\System32\drivers\HidGuardian.sys [26736 2017-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [18912 2022-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> TODO: <Company name>)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 TmBusEn; C:\WINDOWS\System32\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S3 TmFilter; C:\WINDOWS\System32\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S3 tmhidusb; C:\WINDOWS\System32\drivers\tmhidusb.sys [432136 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 tmResetMin; C:\WINDOWS\System32\Drivers\tmResetMin.sys [47648 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2021. All rights reserved.)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ATTENTION
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-03 10:07 - 2023-02-03 10:07 - 000000000 ____D C:\ProgramData\SecuritySuite
2023-02-03 10:05 - 2023-02-03 10:07 - 000000000 ____D C:\AdwCleaner
2023-02-03 10:01 - 2023-02-03 10:08 - 000000000 ____D C:\Program Files\CCleaner
2023-02-03 10:01 - 2023-02-03 10:05 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-03 10:01 - 2023-02-03 10:02 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-03 10:01 - 2023-02-03 10:01 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-02-03 10:01 - 2023-02-03 10:01 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - peter
2023-02-03 10:01 - 2023-02-03 10:01 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-02-03 10:01 - 2023-02-03 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-02-01 21:15 - 2023-02-03 10:08 - 000000000 ____D C:\FRST
2023-01-24 19:16 - 2023-01-18 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-01-24 19:16 - 2023-01-18 06:53 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-01-24 19:16 - 2023-01-18 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-01-24 19:16 - 2023-01-18 06:53 - 001642560 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-01-24 19:16 - 2023-01-18 06:53 - 001487376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001444416 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001444416 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001226776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001168952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-01-24 19:16 - 2023-01-18 06:53 - 001168952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-01-24 19:16 - 2023-01-18 06:49 - 000865256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-01-24 19:16 - 2023-01-18 06:49 - 000672296 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-01-24 19:16 - 2023-01-18 06:49 - 000506856 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 002163736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 001619968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 001532432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 001192968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 000949736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-01-24 19:16 - 2023-01-18 06:48 - 000743976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-01-24 19:16 - 2023-01-18 06:48 - 000734232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 012453352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 010220536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 005890552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 005865976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-01-24 19:16 - 2023-01-18 06:47 - 000457712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-01-24 19:16 - 2023-01-18 06:46 - 005818872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-01-24 19:16 - 2023-01-15 23:41 - 000101010 _____ C:\WINDOWS\system32\nvinfo.pb
2023-01-24 19:15 - 2023-01-18 06:46 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-01-18 22:55 - 2023-01-18 22:55 - 000000000 ____D C:\Users\peter\AppData\Roaming\UserBenchmark
2023-01-18 22:54 - 2023-01-18 22:54 - 000521728 _____ (UserBenchmark) C:\Users\peter\Downloads\UserBenchmarkInstaller.exe
2023-01-18 21:59 - 2023-01-18 21:59 - 000007597 _____ C:\Users\peter\AppData\Local\Resmon.ResmonCfg
2023-01-17 19:35 - 2023-01-28 09:28 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-12 22:34 - 2023-01-12 22:34 - 000000000 ___HD C:\$WinREAgent
2023-01-07 21:23 - 2023-01-18 06:44 - 006517008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-01-04 17:59 - 2023-02-03 10:02 - 000000000 ____D C:\Users\peter\AppData\Local\CrashDumps
2023-01-04 17:59 - 2023-01-04 17:59 - 000000000 ____D C:\Users\peter\AppData\Local\Lenovo_Group_Ltd

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-03 10:08 - 2022-11-17 06:43 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-03 10:08 - 2022-11-17 06:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-03 10:08 - 2022-11-17 00:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-03 10:08 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-03 10:08 - 2022-11-16 21:34 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-03 10:08 - 2020-09-04 19:49 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-03 10:07 - 2022-11-17 00:20 - 000000000 ____D C:\Program Files (x86)\TotalAV
2023-02-03 10:07 - 2022-11-16 21:30 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-03 10:02 - 2022-11-16 23:43 - 000000000 ____D C:\Program Files (x86)\Steam
2023-02-03 10:02 - 2022-11-16 21:39 - 000000000 ____D C:\WINDOWS\Panther
2023-02-03 09:53 - 2022-11-17 06:53 - 000983156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-03 09:53 - 2022-11-16 21:33 - 000000000 ____D C:\WINDOWS\INF
2023-02-03 08:41 - 2022-11-17 06:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-03 08:41 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-02-03 03:15 - 2022-11-16 21:34 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-03 03:15 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-02 11:26 - 2022-11-22 16:38 - 000003458 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-A3246D273B7D1B30B471447D7CF9F460
2023-02-02 10:06 - 2022-11-16 22:04 - 000000000 ____D C:\Users\peter\AppData\Local\Packages
2023-02-01 21:21 - 2022-11-16 22:06 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-888362058-2165733168-3384824745-1001
2023-02-01 21:21 - 2022-11-16 22:05 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-888362058-2165733168-3384824745-1001
2023-02-01 21:21 - 2022-11-16 21:58 - 000002378 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-01 20:14 - 2020-09-04 19:41 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-01 11:04 - 2022-11-16 21:31 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-30 20:02 - 2022-11-16 22:42 - 000041312 _____ C:\WINDOWS\storelibdebug.txt
2023-01-29 20:48 - 2022-11-16 22:08 - 000000000 ____D C:\Users\peter\AppData\Local\D3DSCache
2023-01-29 13:44 - 2022-11-16 23:55 - 000000000 ____D C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-01-28 09:28 - 2022-11-17 06:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-27 21:27 - 2022-11-17 00:10 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-27 21:27 - 2022-11-17 00:10 - 000002229 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-26 20:31 - 2022-11-16 22:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-24 19:29 - 2022-11-16 22:25 - 000000000 ____D C:\Users\peter\AppData\Local\NVIDIA
2023-01-23 18:49 - 2022-12-13 18:33 - 000004222 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1670952788
2023-01-23 18:49 - 2022-12-13 18:33 - 000001416 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2023-01-18 06:47 - 2022-12-11 19:31 - 003334664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-01-18 06:44 - 2022-11-16 23:35 - 007648024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-01-12 22:51 - 2022-11-17 06:43 - 001508720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-12 22:50 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-12 22:50 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-12 22:50 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-12 22:50 - 2022-11-16 21:34 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-12 22:37 - 2022-11-17 06:45 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-12 22:34 - 2022-11-16 22:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-12 22:32 - 2022-11-16 22:07 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-11 20:20 - 2022-11-16 22:05 - 000000000 ____D C:\Users\peter\AppData\Local\NVIDIA Corporation
2023-01-07 20:07 - 2022-11-17 01:09 - 000000000 ____D C:\Users\peter\AppData\Roaming\Spotify
2023-01-07 17:38 - 2022-11-17 01:10 - 000000000 ____D C:\Users\peter\AppData\Local\Spotify
2023-01-04 18:09 - 2022-11-16 22:47 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk
2023-01-04 18:09 - 2022-11-16 22:08 - 000000000 ____D C:\WINDOWS\TempInst
2023-01-04 17:59 - 2022-11-16 22:05 - 000000000 ____D C:\Users\peter\AppData\Local\Lenovo
2023-01-04 17:58 - 2022-11-17 06:43 - 000000000 ____D C:\ProgramData\Lenovo

==================== Files in the root of some directories ========

2022-12-13 18:26 - 2017-10-12 21:12 - 000002432 _____ () C:\Program Files\SerialNumbers.ini
2022-12-13 18:26 - 2017-10-12 21:12 - 016071680 _____ (TeAM SolidSQUAD-SSQ) C:\Program Files\SolidWorks.2017-2018.Activator.SSQ.exe
2022-12-13 18:28 - 2022-12-13 18:28 - 000004606 _____ () C:\Program Files\sw_d.lic
2023-01-18 21:59 - 2023-01-18 21:59 - 000007597 _____ () C:\Users\peter\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2023
Ran by peter (03-02-2023 10:09:30)
Running from C:\Users\peter\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) (2022-11-17 05:50:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-888362058-2165733168-3384824745-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-888362058-2165733168-3384824745-503 - Limited - Disabled)
Guest (S-1-5-21-888362058-2165733168-3384824745-501 - Limited - Disabled)
peter (S-1-5-21-888362058-2165733168-3384824745-1001 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-888362058-2165733168-3384824745-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Total AV (Enabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{6EAF157F-28B9-4D44-9AEE-39415B106CAF}) (Version: 24.2.0.371 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{6EAF157F-28B9-4D44-9AEE-39415B106CAF}) (Version: 24.2.371 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{897F0171-CDC8-4AFB-A27B-61B5B29664E2}) (Version: 24.2.371 - Corel Corporation) Hidden
CorelDRAW Graphics Suite (HKLM\...\_{1E4B5F2C-0532-4CDA-AFCD-674E9C37521E}) (Version: 24.2.1.446 - Corel Corporation)
CorelDRAW Graphics Suite 2022 - IPM (x64) (HKLM\...\{C3AA2B13-47FD-4A79-8B12-371D41CEBA58}) (Version: 24.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content EN (x64) (HKLM\...\{E4106E1B-D15B-4BC1-94E7-F4D8BB5E4E8F}) (Version: 24.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - Writing Tools (x64) (HKLM\...\{7DCFAD1B-69CB-4394-8EF6-E2ECECDF098C}) (Version: 24.2 - Corel Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{20235E2B-1E9F-473D-A215-B2467F1F06E3}) (Version: 1.3.51.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.5.0.3 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome) (Version: 3.7.0.32 - Lenovo Group Ltd.)
LIX Gaming Mouse (HKLM-x32\...\{4602F77F-B385-4755-8F4F-11188B9A7CB1}_is1) (Version: 1.1 - SPC GEAR)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.16026.20146 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.70 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 RsFx Driver (HKLM\...\{655A4169-5BB6-44B0-A9BA-4CBE23A412AA}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation)
NVIDIA Grafický ovládač 528.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.24 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20146 - Microsoft Corporation) Hidden
Opera Stable 94.0.4606.76 (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Opera 94.0.4606.76) (Version: 94.0.4606.76 - Opera Software)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SOLIDWORKS 2018 SP04 (HKLM\...\{837A0B0D-F508-4088-8B05-606477DEB905}) (Version: 26.140.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2018 SP04 (HKLM-x32\...\SolidWorks Installation Manager 20180-40400-1100-100) (Version: 26.4.0.75 - SolidWorks Corporation)
SOLIDWORKS CAM 2018 SP04 (HKLM\...\{C9043FEF-A6CE-4725-8A93-1488DF0335DF}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Composer 2018 SP04 (HKLM\...\{BA93FA95-96A6-42A5-A503-F78E769ABA1E}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2018 SP04 (HKLM\...\{81FBCA77-09F9-4AF3-909A-CB0BD9A81169}) (Version: 18.40.0036 - Dassault Systčmes SolidWorks Corp) Hidden
SOLIDWORKS Electrical 2018 SP04 (HKLM\...\{F5280967-D8E8-4386-B4E0-62937CFE1970}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2018 SP04 (HKLM\...\{6792CDBC-DB8C-4CA4-AC71-19F3BAA5C3B7}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Inspection 2018 SP04 (HKLM\...\{23526481-9826-46D3-A38C-CA9B3F59FD0C}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS PCB 2018 SP04 (HKLM\...\{754EACE8-AA6E-42D8-81D4-23869D7F80F3}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Plastics 2018 SP04 (HKLM\...\{9F301E50-ED1C-408F-85AC-D182E400F61B}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Visualize 2018 SP04 (HKLM\...\{FA9DFD3D-B786-491F-8195-8320FA7D2425}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Visualize Boost 2018 SP04 (HKLM\...\{6C127049-F1BE-47DA-97C9-8B1CE0BFC087}) (Version: 26.40.0075 - Dassault Systemes SolidWorks Corp) Hidden
Spotify (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Spotify) (Version: 1.1.98.691.gf759311c - Spotify AB)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Wondershare NativePush_is1) (Version: - )
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

Packages:
=========
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.24.0_x64__ffd303wmbhcjt [2023-01-12] (BreeZip)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-21] (Microsoft Corp.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.45.5.0_x64__6rarf9sa4v8jt [2023-02-03] (Disney)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyatmosforgaming_3.20602.609.0_x64__rz1tebttyb220 [2022-11-16] (Dolby Laboratories)
Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.1.5965.0_x64__rz1tebttyb220 [2022-11-16] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-12-19] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-12-19] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.28.0_x64__5grkq8ppsgwt4 [2022-11-26] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-11-17] (LENOVO INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.963.0_x64__56jybvy8sckqj [2023-01-24] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2022-11-16] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-11-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_38ddcdbd562c6b02\nvshext.dll [2023-01-18] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-11-29 01:14 - 2016-03-25 20:46 - 000057856 _____ () [File not signed] C:\Program Files (x86)\SPC Gear\LIX\Lowerdev.dll
2022-11-29 01:14 - 2016-03-14 17:48 - 000242176 _____ () [File not signed] C:\Program Files (x86)\SPC Gear\LIX\MenuEx.dll
2022-12-13 18:57 - 2022-12-13 18:57 - 000107520 _____ () [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\NETAPI32.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 008603136 _____ (NVIDIA Corp.) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\optix_prime.1.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 000373760 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\cudart64_90.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 281306112 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\cudnn64_7.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 000827392 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\iray_bridge_server.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 160232960 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\libiray.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 059388416 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\libneuray.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 007058432 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\nv_freeimage.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 000302592 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\nvcuvid_video_decoder.dll
2018-05-08 17:57 - 2018-05-08 17:57 - 000604672 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\nvenc_video.dll
2018-05-08 17:57 - 2018-05-08 17:57 - 000603136 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\x264_video.dll
2022-12-13 18:50 - 2022-12-13 18:50 - 000116224 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2018-03-27 17:56 - 2018-03-27 17:56 - 001649010 _____ (x264 project) [File not signed] C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\libx264-142.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2724]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-888362058-2165733168-3384824745-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2022-11-17 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-888362058-2165733168-3384824745-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2018 Fast Start.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Background Downloader.lnk"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_78A92E0D73E8D43924D5E45291DCAF15"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "LenovoVantage"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9342FA03-9ACE-4556-9132-803139640011}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6ABEE681-88B8-475A-BB58-445C1EE3372B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F63152F4-9676-477A-8577-EF779D565E55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5070E996-DC2D-46DD-B214-E2FB6136DF54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0A214A1A-2DD6-4F01-80BE-60C438BAC3FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{43E11C5E-B203-4140-8BFD-1F5B42D0DBA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{0FC582FB-0F17-499B-9ECF-AF644437FC8F}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{9CB3E328-5AC0-4849-80D2-4772CF7198A1}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{87BB5440-C286-444D-971B-5077FE05EA7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{12555579-B71E-46BF-A226-C0B8809F371B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{3F6A20C8-97B8-40E4-8D90-AF454F5C4B1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{2B316DB5-CD03-4BF7-8AF8-D63C87CB2A76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{5BA7EED4-B9B2-475B-8600-9753B24D5D9A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2E9F76B5-5C5F-45E4-9782-F3D8D088C6DB}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E4546C18-2CB1-4063-9F54-6D5182B76666}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E3D63B62-C419-4158-BC75-E17CC54CCD89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{C2924FEE-2B03-4F45-9A2A-6B10BB59012A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{F9D2C425-4A65-4F32-BBB9-3AC45D84C705}] => (Allow) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{C7982521-6432-43E3-833F-517FE2E1A053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{3060DB20-D71C-4EDA-B82C-AE7586A5D6DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{512D3EF9-098C-4451-BC27-B614AF4A8BAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F73223E4-E48E-4AEA-AADE-E06D69859705}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3273019E-32E9-4A56-A053-96788EBA3532}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1E6FAF92-D124-409E-BC42-320B61DDE667}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{635499DF-988F-4FE5-92A5-B9D266AC99F2}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\94.0.4606.65\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{F48E907E-4581-4D42-BF91-5675BA0D707F}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\94.0.4606.76\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{294DCA33-BF8D-4AC3-9222-E0892346753D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEADE8C8-0967-40A3-AEF1-15A90488C069}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A278400D-F216-49A0-AEED-FCFFB268D565}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D96FBAF2-8F44-4A71-8051-441CBB25A8E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{739CCFB7-EC07-4DBD-BA98-F46C8816E326}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DF85674F-4147-4D3F-AAC2-243C150F97AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{5F444F07-45BB-4796-BEC5-2518576DB0C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{599359A1-B0EA-47B8-9911-3E18A072D58C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

12-01-2023 21:19:57 Inštalátor modulov systému Windows
24-01-2023 20:56:41 Scheduled Checkpoint
29-01-2023 13:38:59 Removed Bonjour
01-02-2023 11:04:32 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/03/2023 10:08:26 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 09:08:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: cc8d8cc1-5b57-4403-830d-0764ad02672d

Method: GET(1125ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/03/2023 10:05:14 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 09:05:17 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 21b9c479-e4ae-4513-b355-23f10192e8e2

Method: GET(390ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/03/2023 08:42:53 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 07:42:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: db7ce3dd-9bde-41fd-8567-d481aa3d2bc7

Method: GET(750ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/01/2023 12:12:25 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 01 Feb 2023 11:12:23 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 667529d3-72de-4333-bf08-b79ed28e755b

Method: GET(390ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/01/2023 12:11:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (02/01/2023 12:11:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (02/01/2023 12:11:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (02/01/2023 12:11:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]


System errors:
=============
Error: (02/03/2023 10:07:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (02/03/2023 10:07:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (02/03/2023 10:07:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SWVisualize2018.BoostService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (02/03/2023 10:07:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (02/03/2023 10:07:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SWVisualize2018.Queue.Server sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (02/03/2023 10:07:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FlexNet Licensing Service 64 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (02/03/2023 10:07:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (02/03/2023 10:07:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
================Event[0]:

Date: 2023-01-14 16:37:12
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2023-01-04 17:58:12
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-12-28 19:38:02
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-12-22 16:52:10
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-12-18 22:04:27
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80070057
Error description: The parameter is incorrect.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===============
Date: 2023-02-03 10:08:37
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\TotalAV\wscf.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO FSCN26WW 09/09/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 4600H with Radeon Graphics
Percentage of memory in use: 24%
Total physical RAM: 15741.32 MB
Available physical RAM: 11908.61 MB
Total Virtual: 18604.32 MB
Available Virtual: 12601.7 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:23.94 GB) (Model: SKHynix_HFS512GD9TNI-L2A0B) NTFS

\\?\Volume{3eab325d-57f8-443e-b5bd-3c31bd0c151b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{56692210-c7a4-4d5a-b3a6-0797f8aea057}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: EF1E1775)

Partition: GPT.

==================== End of Addition.txt =======================

peter1207
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 22 pro 2014 20:17

Re: Prosim o preventivnu kontrolu, dakujem.

#4 Příspěvek od peter1207 »

Pripajam logy z ADW

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-03-2023
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.2486)
# Scanned: 32104
# Detected: 22


***** [ Services ] *****

PUP.Adware.Heuristic webshieldfilter
PUP.Optional.PCProtect SecurityService

***** [ Folders ] *****

PUP.Optional.Legacy C:\Program Files (x86)\TotalAV
PUP.Optional.Legacy C:\ProgramData\TotalAV
PUP.Optional.Legacy C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
PUP.Optional.PCProtect C:\ProgramData\SecuritySuite

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\Public\Desktop\TotalAV.lnk
PUP.Optional.Legacy C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
PUP.Optional.PCProtect C:\Windows\System32\drivers\webshieldfilter.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
PUP.Optional.PCProtect HKCU\Software\SSProtect
PUP.Optional.PCProtect HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
PUP.Optional.TotalAV HKLM\SOFTWARE\Classes\*\shell\TotalAV
PUP.Optional.TotalAV HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\Software\Classes\totalav

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\peter\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-03-2023
# Duration: 00:00:11
# OS: Windows 10 (Build 19045.2486)
# Cleaned: 17
# Awaiting reboot:3
# Failed: 0


***** [ Services ] *****

Deleted SecurityService
Deleted webshieldfilter

***** [ Folders ] *****

Deleted C:\ProgramData\SecuritySuite
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
Needs Reboot C:\Program Files (x86)\TotalAV
Needs Reboot C:\ProgramData\TotalAV

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\TotalAV.lnk
Deleted C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
Needs Reboot C:\Windows\System32\drivers\webshieldfilter.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\SSProtect
Deleted HKLM\SOFTWARE\Classes\*\shell\TotalAV
Deleted HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted HKLM\Software\Classes\totalav
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TotalAV
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files (x86)\TotalAV
Cleaning failed C:\ProgramData\TotalAV

*************************
***** [ Files ] *****

Cleaning failed C:\Windows\System32\drivers\webshieldfilter.sys

*************************

AdwCleaner[S00].txt - [3151 octets] - [03/02/2023 10:05:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosim o preventivnu kontrolu, dakujem.

#5 Příspěvek od JaRon »

pouzi fixlist - citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
CloseProcesses:

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [] => [X]
Task: {06FEF118-1E47-4CD0-8CA1-3F23A5249FEF} - \OneDrive Standalone Update Task-S-1-5-21-4249308867-3700432313-2213772059-500 -> No File <==== ATTENTION
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> No File <==== ATTENTION
Task: {8CEF6E7F-349B-463F-A2F9-015421209E77} - \LenovoUtility Startup -> No File <==== ATTENTION
Task: {96397FEA-935C-4547-893C-D8695FDD25A1} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ATTENTION
FirewallRules: [{E3D63B62-C419-4158-BC75-E17CC54CCD89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{C2924FEE-2B03-4F45-9A2A-6B10BB59012A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]



EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

peter1207
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 22 pro 2014 20:17

Re: Prosim o preventivnu kontrolu, dakujem.

#6 Příspěvek od peter1207 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-02-2023
Ran by peter (03-02-2023 23:45:39) Run:1
Running from C:\Users\peter\OneDrive\Desktop
Loaded Profiles: peter
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [] => [X]
Task: {06FEF118-1E47-4CD0-8CA1-3F23A5249FEF} - \OneDrive Standalone Update Task-S-1-5-21-4249308867-3700432313-2213772059-500 -> No File <==== ATTENTION
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> No File <==== ATTENTION
Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> No File <==== ATTENTION
Task: {8CEF6E7F-349B-463F-A2F9-015421209E77} - \LenovoUtility Startup -> No File <==== ATTENTION
Task: {96397FEA-935C-4547-893C-D8695FDD25A1} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2022-11-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2022-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ATTENTION
FirewallRules: [{E3D63B62-C419-4158-BC75-E17CC54CCD89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{C2924FEE-2B03-4F45-9A2A-6B10BB59012A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]



EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\DisableAntiSpyware => Error setting value.
HKLM\SOFTWARE\Microsoft\Windows Defender\\DisableAntiVirus => Error setting value.
"HKU\S-1-5-21-888362058-2165733168-3384824745-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06FEF118-1E47-4CD0-8CA1-3F23A5249FEF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06FEF118-1E47-4CD0-8CA1-3F23A5249FEF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-4249308867-3700432313-2213772059-500" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{105D676A-D551-4274-81E7-97AC52E4FD87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{105D676A-D551-4274-81E7-97AC52E4FD87}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Speech\HeadsetButtonPress" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1949073A-8FDA-4EA4-8E59-407CDB02440F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1949073A-8FDA-4EA4-8E59-407CDB02440F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sihpostreboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CEF6E7F-349B-463F-A2F9-015421209E77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CEF6E7F-349B-463F-A2F9-015421209E77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Startup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96397FEA-935C-4547-893C-D8695FDD25A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96397FEA-935C-4547-893C-D8695FDD25A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Management\Provisioning\PostResetBoot" => not found
avgntflt => Unable to stop service.
HKLM\System\CurrentControlSet\Services\avgntflt => removed successfully
avgntflt => service removed successfully
avipbb => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\avipbb => removed successfully
avipbb => service removed successfully
avkmgr => Unable to stop service.
HKLM\System\CurrentControlSet\Services\avkmgr => removed successfully
avkmgr => service removed successfully
webshieldfilter => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\webshieldfilter => removed successfully
webshieldfilter => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3D63B62-C419-4158-BC75-E17CC54CCD89}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2924FEE-2B03-4F45-9A2A-6B10BB59012A}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12808836 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 333171277 B
Windows/system/drivers => 366203468 B
Edge => 0 B
Chrome => 19138145 B
Firefox => 0 B
Opera => 181513 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 21950 B
NetworkService => 26860 B
peter => 10210210 B

RecycleBin => 0 B
EmptyTemp: => 708.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:46:33 ====

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosim o preventivnu kontrolu, dakujem.

#7 Příspěvek od JaRon »

Malo by to byt ciste
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

peter1207
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 22 pro 2014 20:17

Re: Prosim o preventivnu kontrolu, dakujem.

#8 Příspěvek od peter1207 »

Super, veľka vďaka :happy: :worship:

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosim o preventivnu kontrolu, dakujem.

#9 Příspěvek od JaRon »

Rado sa stalo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zamčeno