Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.06.2024
Ran by peter (administrator) on LAPTOP-B854KS8P (LENOVO 82B1) (11-06-2024 18:08:00)
Running from C:\Users\peter\OneDrive\Desktop\FRST64.exe
Loaded Profiles: peter
Platform: Microsoft Windows 11 Home Version 23H2 22631.3672 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Dassault Systemes\3DEXPERIENCE Launcher\3DEXPERIENCELauncher.exe ->) (DASSAULT SYSTEMES SE -> Dassault Systemes) C:\Program Files\Dassault Systemes\3DEXPERIENCE Launcher\3DEXPERIENCELauncherBackbone.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\wpscloudsvr.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\wpscenter.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\FnHotkeyUtility.exe
(explorer.exe ->) (DASSAULT SYSTEMES SE -> Dassault Systemes) C:\Program Files\Dassault Systemes\3DEXPERIENCE Launcher\3DEXPERIENCELauncherSysTray.exe
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation) C:\Program Files\Dassault Systemes\SOLIDWORKS 3DEXPERIENCE\SOLIDWORKS\sldworks_fs.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <28>
(Lenovo -> Lenovo) C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (DASSAULT SYSTEMES SE -> Dassault Systemes) C:\Program Files\Dassault Systemes\3DEXPERIENCE Launcher\3DEXPERIENCELauncher.exe
(services.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\Dassault Systemes\SOLIDWORKS 3DEXPERIENCE\Visualize\SWVisualize.Queue.Server.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_f8a7dff6a7392688\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\wpscloudsvr.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DSSystemTray] => C:\Program Files\Dassault Systemes\3DEXPERIENCE Launcher\3DEXPERIENCELauncherSysTray.exe [1019368 2023-12-11] (DASSAULT SYSTEMES SE -> Dassault Systemes)
HKLM-x32\...\Run: [LIX] => C:\Program Files (x86)\SPC Gear\LIX\OemDrv.exe [2452992 2020-05-07] () [File not signed]
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45430176 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [MicrosoftEdgeAutoLaunch_78A92E0D73E8D43924D5E45291DCAF15] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136912 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [Discord] => C:\Users\peter\AppData\Local\Discord\Update.exe [1525024 2024-03-18] (Discord Inc. -> GitHub)
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\AddinData\LenovoBatteryGaugeAddin\x64\QSHelper.exe [85416 2024-02-18] (Lenovo -> Lenovo)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [62552 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116224 2022-12-13] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\chrmstp.exe [2024-06-05] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\3DEXPERIENCE Launcher.lnk [2024-04-26]
ShortcutTarget: 3DEXPERIENCE Launcher.lnk -> C:\Program Files\Dassault Systemes\3DEXPERIENCE Launcher\3DEXPERIENCELauncherBackbone.exe (DASSAULT SYSTEMES SE -> Dassault Systemes)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2024 Fast Start.lnk [2024-04-26]
ShortcutTarget: SOLIDWORKS 2024 Fast Start.lnk -> C:\Windows\Installer\{E9661DF2-E1B0-423F-BFFA-1A6EF0B1307B}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {8932885B-5E4B-4DD3-8462-04524115F857} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {CEBE8421-7FBA-4A87-AEDD-69CF89BFAE06} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {43460D61-C15A-4915-A646-25DA5F5CED5E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "b7032f5d-488b-4eab-924e-d758a1d1e6d9" --version "6.24.11060" --silent
Task: {E5CC6270-2400-4C42-9EBA-23ADFBE982ED} - System32\Tasks\CCleanerSkipUAC - peter => C:\Program Files\CCleaner\CCleaner.exe [39169952 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1F6AFBFE-9580-4E85-AD58-8CA8B4BE50B3} - System32\Tasks\CorelUpdateHelperTask-A3246D273B7D1B30B471447D7CF9F460 => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [3834384 2024-01-24] (Corel Corporation -> Corel Corporation)
Task: {EF3A6EB7-815C-4061-B780-CFE19C9848D2} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [3834384 2024-01-24] (Corel Corporation -> Corel Corporation)
Task: {1E0F1F27-8C99-4FD2-9F82-A5BC92B29310} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{6FBC75F6-10F5-4EE6-B217-4C547781627D} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {C945F865-83D7-4E64-9833-D53A3E8DAFD9} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-05-10] (HP Inc. -> HP Inc.)
Task: {34A21A42-6780-4401-9FB4-99A35959AD35} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-05-10] (HP Inc. -> HP Inc.)
Task: {7A44C748-F4FE-4900-B7B0-91C087ACD559} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {C2BEBBD4-85E0-4A61-94AD-9FEBD723CAA8} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {08B6CB8C-F82A-428A-AC63-AAEE989608A3} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {67DDEBDA-1B6F-457A-9566-02AC173961EA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6a9f2a85-343b-403b-8e7b-9758495a041a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {0EC9E30A-7302-42E9-AA36-D11ABB742D57} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6cacca8f-6287-4f82-a793-aebeb38f04c6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DDB4A678-4004-4C05-9252-F1F78845F198} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\98d504b7-4f27-4a86-bae9-9f278e581fbf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {86931FD7-570A-4E52-B58C-0BC806B51469} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c8bbdce5-9e0a-4f07-be6e-452959bbf0bb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {20D00DC4-5FFB-4DCB-AE1B-AB0D75313B03} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f4fbfa47-f559-4408-91f2-fe7154db6bf5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {2DCA07C5-A34F-4A1C-8F79-05AC08D0D1C3} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [1631640 2024-04-03] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {756E77CE-6C7F-4C58-AD63-9C6ADA41D962} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1521560 2024-04-03] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/QuarterlyLaunch
Task: {25279382-C506-48E6-8AE0-BD3868D72315} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [1521560 2024-04-03] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {F09124F0-B728-4955-A488-5F83EEFF4B9B} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {EA91A606-6983-4A0E-9FEC-722631DA3CF2} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {3E9762B9-B682-4568-893F-B4278F90E22B} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {535D0284-5BF1-4A80-B61F-AC31A65B45AC} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {35B443D6-9A86-4384-A103-88DBA4A4460C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {2256ED79-2C4F-4374-8289-B358AD799CD8} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {0EDE76F4-3097-4288-BCD2-D3B273868237} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {388AEAC4-15F2-40E5-8779-FF0D986A0E2F} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {5BCB3082-1103-4BB1-81F6-C76320CA0BD3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {59BBB415-3403-4280-A2D3-0609972CF264} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {EA4C37E6-F85A-46DB-A048-12E1DDB53863} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {8367FCE6-CBEE-430F-AA2D-540DCF870A37} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {FCDD97C7-A827-4C53-AB26-0BD40F92F463} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {40B179C9-C763-46C2-9FB3-2F37B3ED4B8C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {423B70BC-9AB1-435F-94C5-13BD72FF396D} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo)
Task: {3294B8B1-D4B2-44C1-AE0C-85D5100CC45E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9187CE4F-6CE2-4672-98BC-B8C783DB8AC7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {484DC7A8-41D9-41AA-BE9F-6B6AF8D2AC3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {198ECB71-08B1-434A-8EDC-0D31BEA13B0F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {97B70855-A57C-4465-B39E-981BA8B35AD0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169648 2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {F90B661C-865B-494D-A380-1D7D7E593075} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [73728 2024-05-15] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {178E0EBF-F8D1-472B-BE80-08377CFA5ED6} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {5B102AA8-8FDA-431C-8EED-30FAF272A525} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {08FC0D74-906F-4E3A-BC16-79793F7A297E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {E457DAC9-B073-43C5-9A45-155C7FA152CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3E0D577-2B21-43EF-80E4-33278D1E1188} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {768DAF5C-447E-4FF6-8F08-BD76C569306C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90E404F7-84C7-4398-98DF-490914A0E444} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B826839F-21A6-431C-857F-6587091ACCC7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {10B60E92-038C-41F4-B4DA-93CAF513B567} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6BCECB9C-760B-42FA-AD28-2DB260832AFE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {0179607C-11F5-4FC3-BE8D-B8B6A243A7E3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E1AD35B-D656-41A7-BA3D-060E1B3CB475} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9303C7E2-585F-4720-9B96-ABBA271338E5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C2665C9C-AD51-4116-9C73-1B9D3E18156E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0822DAF-863F-4CA6-98EA-B6249B3A5656} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E7CF28B-F866-4E1C-9783-CA63AAFD49E4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8290591C-8DFA-496D-9D77-FF20435A5BE6} - System32\Tasks\Opera scheduled Autoupdate 1670952788 => C:\Users\peter\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {33F2BC31-D0DF-4F22-BB72-67175C61D0E3} - System32\Tasks\WpsExternal_peter_20240602135231 => C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\wpscloudsvr.exe [1036176 2024-06-02] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {42891B90-0119-40C5-9618-B87866A5060B} - System32\Tasks\WpsUpdateTask_peter => C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\wpsupdate.exe [1550224 2024-06-02] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 dslauncher.3ds.com # Added by Dassault Systemes. Do not modify this line.
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{626e27dc-704f-44f4-96ec-3e0daf3e1f26}: [DhcpNameServer] 192.168.22.182
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}\1405142545D414E495D24554253484F46514: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}\1405142545D414E495D24554253484F46514: [DhcpDomain] home
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}\4556C656B6F6D6D2032303737303: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}\4556C656B6F6D6D2032303737303: [DhcpDomain] home
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}\548545E202537484A7: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}\548545E202537484A7: [DhcpDomain] home
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}\54870727563737C42535022585: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{9d223b08-8ed9-4102-9425-19f53f6b7ad3}\54870727563737C42535024585: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{9f90c032-8ba8-463c-852d-e5fc59e839f7}: [DhcpNameServer] 150.207.1.3
Edge:
=======
Edge Profile: C:\Users\peter\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-30]
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.sk/"
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\peter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29]
Edge Extension: (Edge relevant text changes) - C:\Users\peter\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-26]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default [2024-06-11]
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxps://www.google.sk/","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adobe Acrobat: nástroje na úpravu, prevádzanie a podpisovanie súborov PDF) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-05-26]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-17]
CHR Profile: C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile [2024-05-14]
CHR HKU\S-1-5-21-888362058-2165733168-3384824745-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable [2023-08-22]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-12-13]
OPR Extension: (Opera Wallet) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-27]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\peter\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-12-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 3DEXPERIENCELauncher; C:\Program Files\Dassault Systemes\3DEXPERIENCE Launcher\3DEXPERIENCELauncher.exe [2224616 2023-12-11] (DASSAULT SYSTEMES SE -> Dassault Systemes)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8906088 2023-09-15] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
S3 CoordinatorServiceHost; C:\Program Files\Dassault Systemes\SOLIDWORKS 3DEXPERIENCE\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [83272 2024-01-17] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12014184 2024-01-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2024-05-25] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2023-11-20] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-10] (HP Inc. -> HP Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_28aa207d942a526e\LenovoUtilityService.exe [171232 2024-04-08] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-21] (Microsoft Corporation -> Microsoft Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [12917888 2024-01-10] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_f8a7dff6a7392688\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-05-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2022-12-13] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 SWVisualize2024.Queue.Server; C:\Program Files\Dassault Systemes\SOLIDWORKS 3DEXPERIENCE\Visualize\SWVisualize.Queue.Server.exe [34120 2024-01-17] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\System32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209088 2023-03-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2023-03-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2023-03-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181824 2019-12-26] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 GuiHidUsbDevLowerFFB; C:\WINDOWS\System32\Drivers\GuiHidUsbDevLowerFFB.sys [143872 2021-11-19] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2020. All rights reserved.)
S3 GuiSTDFUDev; C:\WINDOWS\System32\Drivers\GuiSTDFUDev.sys [152616 2023-01-19] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2023. All rights reserved.)
S3 HidGuardian; C:\WINDOWS\System32\drivers\HidGuardian.sys [26736 2017-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 LenovoDiagnosticsDriver; C:\ProgramData\Lenovo\Vantage\Addins\LenovoHardwareScanAddin\3.4.0.16\LenovoDiagnosticsDriver.sys [53184 2024-03-05] (Lenovo -> Lenovo Group Limited (R))
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [18912 2023-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> TODO: <Company name>)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 shanling_audio; C:\WINDOWS\System32\drivers\shanling_audio_x64.sys [259072 2015-04-13] (Thesycon Systemsoftware Consulting GmbH -> )
S3 shanling_audioks; C:\WINDOWS\System32\drivers\shanling_audioks_x64.sys [46080 2015-04-13] (Thesycon Systemsoftware Consulting GmbH -> )
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 TmBusEn; C:\WINDOWS\System32\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S3 TmFilter; C:\WINDOWS\System32\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation -> Guillemot Corporation)
S3 tmhidusb; C:\WINDOWS\System32\drivers\tmhidusb.sys [513560 2023-03-21] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-11 18:08 - 2024-06-11 18:08 - 000042053 _____ C:\Users\peter\OneDrive\Desktop\FRST.txt
2024-06-02 19:38 - 2024-06-02 19:38 - 000000222 _____ C:\Users\peter\OneDrive\Desktop\Subnautica Below Zero.url
2024-06-02 13:52 - 2024-06-02 13:52 - 000004076 _____ C:\WINDOWS\system32\Tasks\WpsExternal_peter_20240602135231
2024-06-02 13:52 - 2024-06-02 13:52 - 000003646 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_peter
2024-06-02 13:31 - 2024-06-02 13:31 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-30 14:31 - 2024-05-30 14:31 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-30 14:30 - 2024-05-30 14:30 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-05-30 00:41 - 2024-05-30 00:41 - 000023328 _____ C:\WINDOWS\SysWOW64\lc.dat
2024-05-26 10:52 - 2024-05-14 04:22 - 000121872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-05-26 10:45 - 2024-05-14 16:20 - 002031472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-05-26 10:45 - 2024-05-14 16:20 - 002031472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-05-26 10:45 - 2024-05-14 16:20 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-05-26 10:45 - 2024-05-14 16:20 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-05-26 10:45 - 2024-05-14 16:20 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-05-26 10:45 - 2024-05-14 16:20 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-05-26 10:45 - 2024-05-14 16:20 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-05-26 10:45 - 2024-05-14 16:20 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-05-26 10:45 - 2024-05-14 16:19 - 000477816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-05-26 10:45 - 2024-05-14 16:19 - 000374920 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-05-26 10:45 - 2024-05-14 16:17 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-05-26 10:45 - 2024-05-14 16:17 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-05-26 10:45 - 2024-05-14 16:16 - 002178680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-05-26 10:45 - 2024-05-14 16:16 - 001630344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-05-26 10:45 - 2024-05-14 16:16 - 001547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-05-26 10:45 - 2024-05-14 16:16 - 001203312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-05-26 10:45 - 2024-05-14 16:16 - 001068552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-05-26 10:45 - 2024-05-14 16:16 - 001033352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-05-26 10:45 - 2024-05-14 16:16 - 000848520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-05-26 10:45 - 2024-05-14 16:16 - 000796296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-05-26 10:45 - 2024-05-14 16:15 - 016117792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-05-26 10:45 - 2024-05-14 16:15 - 013007392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-05-26 10:45 - 2024-05-14 16:15 - 006914592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-05-26 10:45 - 2024-05-14 16:15 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-05-26 10:45 - 2024-05-14 16:15 - 005867552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-05-26 10:45 - 2024-05-14 16:15 - 003788832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-05-26 10:45 - 2024-05-14 16:15 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-05-26 10:45 - 2024-05-14 16:14 - 007057800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-05-26 10:45 - 2024-05-14 16:14 - 006136008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-05-26 10:45 - 2024-05-14 16:14 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-05-26 10:45 - 2024-05-14 04:22 - 000123909 _____ C:\WINDOWS\system32\nvinfo.pb
2024-05-26 10:39 - 2024-03-26 21:11 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-05-26 10:39 - 2024-03-26 19:21 - 000060240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2024-05-25 08:20 - 2024-06-09 16:14 - 000000000 ____D C:\Users\peter\AppData\LocalLow\MCC
2024-05-25 08:20 - 2024-05-25 08:20 - 000000000 ____D C:\Users\peter\AppData\LocalLow\UnrealEngine
2024-05-24 23:16 - 2024-05-24 23:16 - 000000222 _____ C:\Users\peter\OneDrive\Desktop\Halo The Master Chief Collection.url
2024-05-24 23:15 - 2024-05-24 23:15 - 000000222 _____ C:\Users\peter\OneDrive\Desktop\Subnautica.url
2024-05-24 18:19 - 2024-05-24 19:03 - 000000000 ____D C:\Users\peter\.shiv
2024-05-24 18:07 - 2024-05-24 18:07 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressLRS Configurator.lnk
2024-05-24 18:07 - 2024-05-24 18:07 - 000000000 ____D C:\Users\peter\AppData\Roaming\ExpressLRS Configurator
2024-05-24 18:07 - 2024-05-24 18:07 - 000000000 ____D C:\Users\peter\AppData\Local\expresslrs-configurator-updater
2024-05-24 18:06 - 2024-05-24 18:07 - 000000000 ____D C:\Program Files\ExpressLRS Configurator
2024-05-22 17:50 - 2024-05-22 17:57 - 784043524 _____ C:\Users\peter\OneDrive\Desktop\Trebatice.mp4
2024-05-17 20:47 - 2024-05-17 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insta360 Studio
2024-05-17 20:47 - 2024-05-17 20:47 - 000000000 ____D C:\Program Files\Common Files\insta360
2024-05-17 20:46 - 2024-05-17 20:47 - 000000000 ____D C:\Program Files\Insta360 Studio
2024-05-14 23:35 - 2024-05-14 23:35 - 000001985 _____ C:\Users\peter\OneDrive\Desktop\LIX Gaming Mouse.lnk
2024-05-14 23:35 - 2024-05-14 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPC Gear
2024-05-14 23:35 - 2024-05-14 23:35 - 000000000 ____D C:\Program Files (x86)\SPC Gear
2024-05-13 09:52 - 2024-05-13 10:45 - 000000000 ____D C:\Users\peter\OneDrive\Desktop\Foto solid
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-11 18:08 - 2023-02-01 22:15 - 000000000 ____D C:\FRST
2024-06-11 18:06 - 2023-11-02 16:27 - 000000000 ____D C:\Users\peter\OneDrive\Desktop\FRST-OlderVersion
2024-06-11 18:06 - 2023-02-01 22:14 - 002395136 _____ (Farbar) C:\Users\peter\OneDrive\Desktop\FRST64.exe
2024-06-11 17:54 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-11 17:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-11 17:52 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-11 17:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-11 17:44 - 2024-04-02 22:30 - 000992862 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-11 17:44 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-11 17:43 - 2024-04-03 18:04 - 000003458 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-A3246D273B7D1B30B471447D7CF9F460
2024-06-11 17:43 - 2020-09-04 20:49 - 000000000 ____D C:\ProgramData\NVIDIA
2024-06-11 17:37 - 2024-04-26 17:22 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-06-11 17:37 - 2024-04-02 22:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-11 17:37 - 2022-11-17 07:43 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-11 17:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-10 18:45 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-06-10 16:53 - 2024-04-02 22:33 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-06-10 16:50 - 2024-04-02 22:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-09 16:22 - 2022-11-17 00:43 - 000000000 ____D C:\Program Files (x86)\Steam
2024-06-09 16:19 - 2022-11-16 23:08 - 000000000 ____D C:\Users\peter\AppData\Local\D3DSCache
2024-06-08 15:04 - 2022-11-17 07:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-07 21:14 - 2024-04-02 22:33 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-888362058-2165733168-3384824745-1001
2024-06-07 21:14 - 2024-04-02 22:33 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-888362058-2165733168-3384824745-1001
2024-06-07 21:14 - 2022-11-16 22:58 - 000002378 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-07 15:04 - 2022-11-17 07:43 - 000000000 ____D C:\ProgramData\Lenovo
2024-06-06 15:58 - 2024-04-02 22:33 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-06 15:58 - 2024-04-02 22:33 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-05 16:22 - 2022-11-17 07:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-05 16:12 - 2022-11-17 01:10 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-03 21:24 - 2024-04-02 22:02 - 000000000 ____D C:\Users\peter
2024-06-02 19:38 - 2022-11-17 00:55 - 000000000 ____D C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-06-02 13:31 - 2020-09-04 20:41 - 000000000 ____D C:\Program Files\Microsoft Office
2024-05-30 14:36 - 2024-04-02 22:29 - 001928768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-30 14:36 - 2024-04-02 21:56 - 000000000 ____D C:\WINDOWS\InboxApps
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-30 14:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-30 14:36 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-05-30 14:34 - 2022-11-16 23:25 - 000000000 ____D C:\Users\peter\AppData\Local\NVIDIA
2024-05-30 14:34 - 2022-05-07 12:42 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-05-30 14:34 - 2022-05-07 12:42 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-05-30 14:34 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-30 14:31 - 2024-04-02 22:30 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-30 13:58 - 2023-02-03 11:01 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-05-30 00:41 - 2023-02-03 11:01 - 000000000 ____D C:\Program Files\CCleaner
2024-05-29 20:49 - 2023-01-04 18:59 - 000000000 ____D C:\Users\peter\AppData\Local\CrashDumps
2024-05-29 20:48 - 2024-04-02 22:33 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-05-27 16:50 - 2022-12-13 21:46 - 000000000 ____D C:\ProgramData\Unknown Worlds
2024-05-27 16:47 - 2022-12-13 21:40 - 000000000 ____D C:\Users\peter\AppData\LocalLow\Unknown Worlds
2024-05-26 10:55 - 2022-11-17 00:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-05-26 10:39 - 2024-04-02 22:33 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2024-04-02 22:33 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2024-04-02 22:33 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2024-04-02 22:33 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2024-04-02 22:33 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2024-04-02 22:33 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2024-04-02 22:33 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2024-04-02 22:33 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2024-04-02 22:33 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-26 10:39 - 2020-09-04 20:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-05-26 10:39 - 2020-09-04 20:47 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-05-26 10:39 - 2020-09-04 20:47 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-05-25 23:15 - 2023-06-14 21:11 - 000000000 ____D C:\Users\peter\AppData\Roaming\vlc
2024-05-25 08:20 - 2022-11-20 18:03 - 000000000 ____D C:\Users\peter\AppData\Roaming\EasyAntiCheat
2024-05-25 08:20 - 2022-11-18 00:29 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2024-05-24 23:31 - 2022-11-16 23:04 - 000000000 ____D C:\Users\peter\AppData\Local\Packages
2024-05-24 17:30 - 2024-02-17 14:36 - 000267768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-05-24 17:30 - 2022-11-16 23:33 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-05-24 17:30 - 2022-11-16 23:33 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-05-24 17:30 - 2022-11-16 23:17 - 002729464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-05-24 17:30 - 2022-11-16 23:17 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-05-24 17:29 - 2022-11-16 23:17 - 000722424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-05-24 17:29 - 2022-11-16 23:17 - 000218616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-05-24 17:29 - 2022-11-16 23:17 - 000206328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-05-21 14:52 - 2024-04-26 21:46 - 000000000 ____D C:\Users\peter\AppData\Local\SLW
2024-05-21 14:52 - 2022-12-29 20:27 - 000000000 ____D C:\Users\peter\AppData\Local\SolidWorks
2024-05-21 14:49 - 2022-12-13 19:33 - 000000000 ____D C:\Users\peter\AppData\Roaming\SOLIDWORKS
2024-05-17 20:46 - 2024-02-16 18:48 - 000000000 ____D C:\Program Files\Insta360 Studio 2024
2024-05-17 20:46 - 2024-02-16 18:48 - 000000000 ____D C:\Program Files\Adobe
2024-05-15 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-15 18:51 - 2024-04-02 21:56 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-05-15 18:51 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-15 18:51 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-15 18:51 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-15 18:51 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-15 18:51 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-15 18:51 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-05-15 18:51 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-15 18:51 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-05-15 18:04 - 2022-11-16 23:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-15 18:02 - 2022-11-16 23:07 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-14 23:37 - 2022-11-29 02:14 - 000000000 ____D C:\Users\peter\AppData\Local\BY-COMBO2
2024-05-14 18:22 - 2024-05-10 21:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-05-14 18:22 - 2024-05-10 21:08 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-05-13 20:20 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-05-13 11:48 - 2022-11-17 00:46 - 000000000 ____D C:\Users\peter\AppData\Local\Steam
2024-05-13 00:52 - 2024-03-29 13:01 - 000000000 ____D C:\Users\peter\AppData\Roaming\discord
2024-05-13 00:06 - 2024-03-29 13:01 - 000000000 ____D C:\Users\peter\AppData\Local\Discord
2024-05-12 19:06 - 2024-03-29 13:01 - 000002260 _____ C:\Users\peter\OneDrive\Desktop\Discord.lnk
==================== Files in the root of some directories ========
2022-12-13 19:26 - 2017-10-12 22:12 - 000002432 _____ () C:\Program Files\SerialNumbers.ini
2022-12-13 19:26 - 2017-10-12 22:12 - 016071680 _____ (TeAM SolidSQUAD-SSQ) C:\Program Files\SolidWorks.2017-2018.Activator.SSQ.exe
2022-12-13 19:28 - 2022-12-13 19:28 - 000004606 _____ () C:\Program Files\sw_d.lic
2023-08-28 16:35 - 2023-08-28 18:10 - 000006046 _____ () C:\Users\peter\AppData\Roaming\plugin_scan_state_VST2_x32.scan
2023-08-28 16:35 - 2023-08-28 18:10 - 000006046 _____ () C:\Users\peter\AppData\Roaming\plugin_scan_state_VST2_x64.scan
2023-08-28 16:34 - 2023-08-28 18:10 - 000000059 _____ () C:\Users\peter\AppData\Roaming\plugin_scan_state_VST3_x32.scan
2023-08-28 16:34 - 2023-08-28 18:10 - 000000059 _____ () C:\Users\peter\AppData\Roaming\plugin_scan_state_VST3_x64.scan
2023-10-14 04:15 - 2023-10-14 04:22 - 001065984 _____ () C:\Users\peter\AppData\Local\file__0.localstorage
2023-06-23 20:39 - 2023-08-22 21:58 - 000000477 _____ () C:\Users\peter\AppData\Local\kdeglobals
2023-06-23 20:37 - 2023-06-23 20:37 - 000008337 _____ () C:\Users\peter\AppData\Local\kdenlive-layoutsrc
2023-06-23 20:37 - 2023-08-22 22:07 - 000005676 _____ () C:\Users\peter\AppData\Local\kdenliverc
2023-06-23 20:46 - 2023-06-23 20:46 - 000000049 _____ () C:\Users\peter\AppData\Local\klanguageoverridesrc
2023-06-23 20:39 - 2023-06-23 20:39 - 000000854 _____ () C:\Users\peter\AppData\Local\recently-used.xbel
2023-01-18 22:59 - 2024-04-02 22:14 - 000007597 _____ () C:\Users\peter\AppData\Local\Resmon.ResmonCfg
2023-02-27 19:04 - 2023-02-27 19:55 - 000000000 _____ () C:\Users\peter\AppData\Local\Temptable.xml
2024-02-04 15:51 - 2024-02-04 15:51 - 000000681 _____ () C:\Users\peter\AppData\Local\thumbnail.log
2023-08-22 21:57 - 2023-08-22 21:57 - 000005260 _____ () C:\Users\peter\AppData\Local\user-places.xbel
2023-06-23 20:37 - 2023-06-23 20:37 - 000004979 _____ () C:\Users\peter\AppData\Local\user-places.xbel.bak
2023-08-22 21:57 - 2023-08-22 21:57 - 000000000 _____ () C:\Users\peter\AppData\Local\user-places.xbel.tbcache
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.06.2024
Ran by peter (11-06-2024 18:09:44)
Running from C:\Users\peter\OneDrive\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3672 (X64) (2024-04-02 20:33:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-888362058-2165733168-3384824745-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-888362058-2165733168-3384824745-503 - Limited - Disabled)
Guest (S-1-5-21-888362058-2165733168-3384824745-501 - Limited - Disabled)
peter (S-1-5-21-888362058-2165733168-3384824745-1001 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-888362058-2165733168-3384824745-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Total AV (Enabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DEXPERIENCE Launcher (HKLM\...\{7A23A546-5E1B-4B8D-A629-32283CF2C855}) (Version: 23.50.857 - Dassault Systemes)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.002.20759 - Adobe)
Betaflight Configurator (HKLM\...\e72c90bb-45eb-48dc-9cf3-ac2e8ec52f8c_is1) (Version: 10.9.0 - The Betaflight open source project)
Blackmagic RAW Common Components (HKLM\...\{BF8B97B1-9BEE-422A-9893-AC7A52ACA23A}) (Version: 3.3 - Blackmagic Design)
CCleaner (HKLM\...\CCleaner) (Version: 6.24 - Piriform)
CEF for SOLIDWORKS Applications (HKLM\...\{BD49682F-0343-40F2-82EA-F4C532E84D3A}) (Version: 119.4.32524.0 - Dassault Systemes SolidWorks Corp)
Corel Update Manager (HKLM\...\{4BAE1A4E-9E7A-4DEB-93DF-F2EB7539C3E2}) (Version: 2.17.698 - Corel corporation) Hidden
CorelDRAW Graphics Suite (HKLM\...\_{1E4B5F2C-0532-4CDA-AFCD-674E9C37521E}) (Version: - Corel Corporation)
CorelDRAW Graphics Suite 2022 - IPM (x64) (HKLM\...\{C3AA2B13-47FD-4A79-8B12-371D41CEBA58}) (Version: 24.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content EN (x64) (HKLM\...\{E4106E1B-D15B-4BC1-94E7-F4D8BB5E4E8F}) (Version: 24.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - Writing Tools (x64) (HKLM\...\{7DCFAD1B-69CB-4394-8EF6-E2ECECDF098C}) (Version: 24.3 - Corel Corporation) Hidden
Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes)
Dassault Systemes Software VC11 Prerequisites x86-x64 (HKLM\...\{C857169D-3F1A-4530-99A0-CAE966CE267E}) (Version: 11.0.1 - Dassault Systemes)
Dassault Systemes SOLIDWORKS 3DEXPERIENCE R2024x (HKLM\...\Dassault Systemes SOLIDWORKS B426 !) (Version: 6.426.1.0 - Dassault Systemes)
DaVinci Resolve (HKLM\...\{414241E2-0358-481D-9B89-D08214E295F2}) (Version: 18.5.10006 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{D1ACF467-9FB4-45DA-942F-A19452E70A3F}) (Version: 2.0.7.0 - Blackmagic Design)
DfuSe v3.0.6 (HKLM-x32\...\{61D44ABF-A11F-4FA4-98E6-C05BBBD0B52A}) (Version: 3.0.6 - STMicroelectronics)
Discord (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Discord) (Version: 1.0.9037 - Discord Inc.)
Dolby Vision Provisioning Utility (HKLM-x32\...\provisiondolbyvision1_1-20200601_is1) (Version: 1.7.4.3 (2023 May Data a) - Lenovo Group Limited)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.110.0.5623 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{20a8704d-f282-4d39-b57c-177ec90557be}) (Version: 13.110.0.5623 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{20235E2B-1E9F-473D-A215-B2467F1F06E3}) (Version: 1.3.51.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
ExpressLRS Configurator 1.6.1 (HKLM\...\2a8c9963-7c47-572e-b852-e0570c14856b) (Version: 1.6.1 - ExpressLRS Configurator Contributors)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
INAV Configurator (HKLM\...\2e5662ca-1fb3-8f1e-a7e1-e390add7a19d_is1) (Version: 6.1.0 - The INAV open source project)
Insta360 Studio version 5.1.0 (HKLM\...\{78E34D33-E6EF-442B-A808-2351211989E2}}_is1) (Version: 5.1.0 - Arashi Vision Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.5.0.3 - Lenovo Group Ltd.)
Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 3.13.0.15 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.)
LIX Gaming Mouse (HKLM-x32\...\{4602F77F-B385-4755-8F4F-11188B9A7CB1}_is1) (Version: 1.1 - SPC GEAR)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\OneDriveSetup.exe) (Version: 24.101.0519.0010 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{13146756-9716-4843-84CA-053916D2FCF9}) (Version: 11.3.6538.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 RsFx Driver (HKLM\...\{655A4169-5BB6-44B0-A9BA-4CBE23A412AA}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{77A5892D-60F9-40FC-BB55-246FB48B0C9D}) (Version: 7.1.11.28 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{D545C682-9A1A-41FC-A3EF-647DA62B8093}) (Version: 7.1.11.28 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{f3fbabb4-bcfb-45eb-8fff-9b784fd68c38}) (Version: 16.0.31110 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{8E7A3713-551D-333A-9271-10EF4D77A80F}) (Version: 16.0.31110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{E7A0CD34-1F9B-3496-ADB3-2F180D302F6A}) (Version: 16.0.31110 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.412 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.412 - NVIDIA Corporation)
NVIDIA Grafický ovládač 555.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 555.85 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
NVIDIA USBC Driver 1.52.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.52.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 6.0.i - Runtime Games Ltd)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
RSI Launcher 1.6.10 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.6.10 - Cloud Imperium Games)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
Shanling Audio Driver v2.29.0 (HKLM-x32\...\Shanling Audio Driver v2.29.0) (Version: 2.29.0 - Shanling)
SOLIDWORKS 2024 SP01 (HKLM\...\{E9661DF2-E1B0-423F-BFFA-1A6EF0B1307B}) (Version: 32.110.0123 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS HotFix HF-1236720 (HKLM\...\SOLIDWORKS HotFix HF-1236720) (Version: - SolidWorks Corporation) Hidden
SOLIDWORKS HotFix HF-1240281 (HKLM\...\SOLIDWORKS HotFix HF-1240281) (Version: - SolidWorks Corporation) Hidden
SOLIDWORKS Visualize 2024 SP01 (HKLM\...\{97791754-FF4E-4D69-BCF9-6B033E415771}) (Version: 32.10.0123 - Dassault Systemes SolidWorks Corp) Hidden
Spotify (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Spotify) (Version: 1.2.26.1187.g36b715a1 - Spotify AB)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TBS Agent 4.3.10 (HKLM\...\3b13f7f6-a69b-59e1-91bc-72e0f893ca3c) (Version: 4.3.10 - Team BlackSheep)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 145.1.10933 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Wings version 1.20 (HKLM-x32\...\{E3831151-3C1F-489D-A687-8D332A876840}_is1) (Version: 1.20 - Kitchen Sink Games)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
WPS Office (12.2.0.17119) (HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\Kingsoft Office) (Version: 12.2.0.17119 - Kingsoft Corp.)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Packages:
=========
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.36.0_x64__ffd303wmbhcjt [2024-06-11] (BreeZip) [Startup Task]
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyatmosforgaming_3.20602.609.0_x64__rz1tebttyb220 [2022-11-16] (Dolby Laboratories)
Dolby Vision -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionHDR_2.20303.556.0_x64__rz1tebttyb220 [2024-05-17] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-12-19] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-12-19] (Microsoft Corporation)
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.6017.0_x64__8wekyb3d8bbwe [2024-06-11] (Microsoft Corporation) [Startup Task]
Gyroflow -> C:\Program Files\WindowsApps\29160AdrianRoss.Gyroflow_1.54.1646.0_x64__q81n4e8pq4bra [2024-01-28] (Adrian Ross)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_153.1.1137.0_x64__v10z8vjag6ke6 [2024-05-22] (HP Inc.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2403.25.0_x64__k1h2ywk1493x8 [2024-04-04] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-03] (LENOVO INC) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-04-03] (Microsoft Corp.)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-03] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-04-03] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-30] (Microsoft Windows) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-05-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2022-11-16] (Realtek Semiconductor Corp)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-30] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{7C360CF9-D475-44FC-8163-AD6C95CF5F5D}\InprocServer32 -> C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\kmso2pdfplugins64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_f8a7dff6a7392688\nvshext.dll [2024-05-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers1_S-1-5-21-888362058-2165733168-3384824745-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\kwpsmenushellext64.dll [2024-06-02] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-888362058-2165733168-3384824745-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\peter\AppData\Local\Kingsoft\WPS Office\12.2.0.17119\office6\kwpsmenushellext64.dll [2024-06-02] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll
2022-12-13 19:50 - 2022-12-13 19:50 - 000116224 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\peter\Downloads\cpu-z_2.08-en.exe:MBAM.Zone.Identifier [122]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2724]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-888362058-2165733168-3384824745-1001 -> DefaultScope {F6DB884C-0CA5-403C-83D0-E87286A78544} URL =
SearchScopes: HKU\S-1-5-21-888362058-2165733168-3384824745-1001 -> {F6DB884C-0CA5-403C-83D0-E87286A78544} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-02] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2024-04-26 17:22 - 000001014 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 dslauncher.3ds.com # Added by Dassault Systemes. Do not modify this line.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;;C:\Android
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS 2018 Fast Start.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SOLIDWORKS Background Downloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Shanling Audio Control Panel Autostart.lnk"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_78A92E0D73E8D43924D5E45291DCAF15"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "LenovoVantage"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\...\StartupApproved\Run: => "EADM"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{12D5B725-E27D-4A36-9CBF-DFB325DD8D05}C:\program files (x86)\steam\steamapps\common\outriders\madness\binaries\win64\outriders-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outriders\madness\binaries\win64\outriders-win64-shipping.exe => No File
FirewallRules: [TCP Query User{852F053D-566C-4666-B90D-2D01A71E6BA5}C:\program files (x86)\steam\steamapps\common\outriders\madness\binaries\win64\outriders-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outriders\madness\binaries\win64\outriders-win64-shipping.exe => No File
FirewallRules: [{2D5BBD27-81F9-46CE-A382-335A415179A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helldivers 2\bin\helldivers2.exe (Arrowhead Game Studios AB -> Arrowhead Game Studios AB)
FirewallRules: [{E466DDC7-3868-45B1-8411-B999E98D2BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helldivers 2\bin\helldivers2.exe (Arrowhead Game Studios AB -> Arrowhead Game Studios AB)
FirewallRules: [UDP Query User{8F05A973-0DBD-4D6B-8479-8B140E21ADB9}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [TCP Query User{5AC84E94-59D9-49AB-80DA-FA310F8C78D3}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [{146B6D0D-7564-4672-A523-2B9B9050EDB8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => No File
FirewallRules: [{C1014E82-16EE-4B19-B80E-DB034A10026E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{0E5A9276-5EB2-486B-863A-23694AE2BD57}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{93595C55-748B-405E-A5D3-45EEB210093B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{A473B567-24D1-4ECA-908A-32F5A2ED7CC7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{C88B65A4-2D9E-4232-9A50-C5629BD72E05}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{B71D4229-CE96-407B-AD09-71DB9B16EBD1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{EC21BA14-D8A1-46F4-ADAD-DB3C22CD538E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{68F9D500-21B6-4A11-B64E-598D59B18222}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{984EF93A-CFB4-40FA-A900-CDD53C9A74C8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BE2BD87C-5C9B-4DD6-B960-A8B26B767660}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{DF00E254-E6EF-447F-BB52-75301371D327}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{48D59E33-4B90-487C-B6F8-1C3DE15D33D2}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C83FFC7B-A718-4072-9A0D-3E58F891FD57}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe => No File
FirewallRules: [TCP Query User{9EA05B7B-9B16-4568-ABCD-EB8AD77AADF3}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe => No File
FirewallRules: [UDP Query User{1CAD3731-7D67-4F14-B2E5-A8D76020D94C}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [TCP Query User{E6F5C7D7-7FAF-474A-B333-D4D2C62521C5}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [{BE6A45C3-0DC0-4DAA-AE73-5BCC60844B19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{072A88F3-5D51-479C-98CA-B521DF229D28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [UDP Query User{8847C506-9484-42B3-8EFD-18413DE4A71E}C:\program files\epic games\dyinglight\dyinglightgame.exe] => (Allow) C:\program files\epic games\dyinglight\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{33201DC5-8701-447E-A3DB-37940CB3F10C}C:\program files\epic games\dyinglight\dyinglightgame.exe] => (Allow) C:\program files\epic games\dyinglight\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{272C89E7-8B3B-4BF6-B87A-F360010AD14D}C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe] => (Allow) C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe (The NW.js Community) [File not signed]
FirewallRules: [TCP Query User{1434526D-D4B8-4815-A566-D983FC4F15DF}C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe] => (Allow) C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe (The NW.js Community) [File not signed]
FirewallRules: [UDP Query User{DB4BBCF6-6882-4D80-8633-518257823F0E}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{DAFC7C76-3C74-40B2-90BD-FB09D2D0544B}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0B1CFBD0-CEF5-4416-A52F-68BEB7036FFB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E6812624-CBE2-4C2B-9C6D-CEA576336CF9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{68D9DA50-A0C5-4535-830A-99D90BC88D9B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{82E736BD-A976-4122-A879-8429DDB7C010}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{165CA35B-5E2B-4B62-9AEB-7851400D1497}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{26D014B1-1227-4128-8620-F3ADB4F33E35}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{6E18FBA8-7521-4E88-AD4C-0E9FAE5D9D51}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{657C2D4D-2F40-43D1-94D9-2A77358F5D07}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{35FFDAE6-3203-4A66-BBA7-1B0B257D6A66}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [TCP Query User{13C12AA9-D20E-4AFD-BDD4-D5469369AD5C}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{2606D13E-FD02-438A-A68A-E96FF79A61F1}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\101.0.4843.43\opera.exe => No File
FirewallRules: [{2BDD6C7D-5C56-4653-9D60-CAE78373D51E}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\101.0.4843.33\opera.exe => No File
FirewallRules: [UDP Query User{51C2B387-8801-4C9D-B787-09A13DC04D2A}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [TCP Query User{3D52FB7D-8896-4807-AD64-5EDB2C6D64DA}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [UDP Query User{A3460727-C0D4-4877-8914-1D26834CD2BF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{727FF082-3849-4407-B3FD-D4D95CF81927}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{B554E252-ADA5-4BF9-8AE7-53210055BC7A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{60888FA1-A930-498B-979B-826CADF04639}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{8B2BD90F-8718-4729-9E72-561DEDF6BB28}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{BE8EEE5B-55FD-4969-8D06-0B7DC7775F12}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6AD0C6BA-0746-403F-8A32-6C789E1DE2A5}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9D2C425-4A65-4F32-BBB9-3AC45D84C705}] => (Allow) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [UDP Query User{9CB3E328-5AC0-4849-80D2-4772CF7198A1}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{0FC582FB-0F17-499B-9ECF-AF644437FC8F}C:\users\peter\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\peter\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{43E11C5E-B203-4140-8BFD-1F5B42D0DBA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0A214A1A-2DD6-4F01-80BE-60C438BAC3FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5070E996-DC2D-46DD-B214-E2FB6136DF54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F63152F4-9676-477A-8577-EF779D565E55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6ABEE681-88B8-475A-BB58-445C1EE3372B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9342FA03-9ACE-4556-9132-803139640011}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A5C47497-B2BE-4D20-B8F9-3F6179C66EAD}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DFD6690-82A8-48C7-B92A-40926CEB8424}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D4782BC-DE57-44E4-B5C6-83D8AF2157B2}] => (Allow) LPort=8032
FirewallRules: [TCP Query User{BEEF4E1F-E62A-4009-89D3-5256D3B2476D}C:\program files\dassault systemes\solidworks 3dexperience\win_b64\code\bin\enoplmcsaclient.exe] => (Allow) C:\program files\dassault systemes\solidworks 3dexperience\win_b64\code\bin\enoplmcsaclient.exe (DASSAULT SYSTEMES SE -> Dassault Systemes)
FirewallRules: [UDP Query User{BBD4AAB8-1145-41F3-B094-0804F1FDD2F8}C:\program files\dassault systemes\solidworks 3dexperience\win_b64\code\bin\enoplmcsaclient.exe] => (Allow) C:\program files\dassault systemes\solidworks 3dexperience\win_b64\code\bin\enoplmcsaclient.exe (DASSAULT SYSTEMES SE -> Dassault Systemes)
FirewallRules: [{30A36063-3A6D-4565-A781-96B7EC9E935C}] => (Allow) LPort=8032
FirewallRules: [{3DC21D80-DD2F-401B-992F-2A53F876B361}] => (Allow) LPort=8032
FirewallRules: [{5E2E6B5A-2A79-459F-AC77-32DDDA5A8C85}] => (Allow) LPort=8032
FirewallRules: [{13D1BFF7-3CA4-45F7-A3B5-9871FC1FEB76}] => (Allow) LPort=8032
FirewallRules: [{68448566-F5D2-4BB6-9381-E5404F7E8B24}] => (Allow) LPort=8032
FirewallRules: [{93EBEF97-23F4-4C85-9904-B449D4827861}] => (Allow) LPort=8032
FirewallRules: [{D9D17661-3BF9-4A9C-8FFD-F446B1D2BF1E}] => (Allow) LPort=8032
FirewallRules: [{50B49B6A-E745-44F9-B9F6-B9980920C98D}] => (Allow) LPort=8032
FirewallRules: [{06696801-C662-484C-AEFE-B9074D33982A}] => (Allow) LPort=8032
FirewallRules: [{6B49B595-AA01-425D-BC08-8C99BDF40123}] => (Allow) LPort=8032
FirewallRules: [{2A84B04C-9C08-42D8-BC61-A883DCF71BEA}] => (Allow) LPort=8032
FirewallRules: [{1A24A517-C5D6-4171-B748-C5F4B8D39501}] => (Allow) LPort=8032
FirewallRules: [{4BB718DE-D256-4EB8-813D-56B4BC3808E9}] => (Allow) LPort=8032
FirewallRules: [{5397638A-A4F2-415B-B821-8DA298F06EF1}] => (Allow) LPort=8032
FirewallRules: [{1FD6C4C2-9BE9-4340-A096-A92E8F32E048}] => (Allow) LPort=8032
FirewallRules: [{6C0CFD33-CF5A-4AD8-B235-999828140088}] => (Allow) LPort=8032
FirewallRules: [TCP Query User{ABAAB701-D6F7-4BDA-A7E6-48C7AF289EA3}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe () [File not signed]
FirewallRules: [UDP Query User{A45F3896-3AF4-457F-A042-CBD44E19F00C}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe () [File not signed]
FirewallRules: [{7488F43A-A783-49DB-A5B1-0B1C809C02A7}] => (Allow) LPort=8032
FirewallRules: [TCP Query User{86990A7E-2650-4E26-BBF7-3B1F91F4A3BF}C:\program files (x86)\phoenixrc\update.exe] => (Allow) C:\program files (x86)\phoenixrc\update.exe (Runtime Games Ltd) [File not signed]
FirewallRules: [UDP Query User{EF13B800-F9E4-4DDB-9C43-F91F1E001603}C:\program files (x86)\phoenixrc\update.exe] => (Allow) C:\program files (x86)\phoenixrc\update.exe (Runtime Games Ltd) [File not signed]
FirewallRules: [{5B98CCF2-E7B1-4BA7-8190-308BC0C4988C}] => (Allow) LPort=8032
FirewallRules: [{2726F87A-39DB-4D3E-A5B2-145D05B5E60F}] => (Allow) LPort=8032
FirewallRules: [{957C6EE5-7B49-4E55-A039-152674D18902}] => (Allow) LPort=8032
FirewallRules: [{6C7C906E-711E-47AA-A48A-E2C63E33C5B6}] => (Allow) LPort=8032
FirewallRules: [{5D843FAE-E6AB-459C-BC4E-F136014B9337}] => (Allow) LPort=8032
FirewallRules: [{56281D72-831A-4B8D-B873-825DCA08D935}] => (Allow) LPort=8032
FirewallRules: [{FFBB8359-41F5-4408-BA48-6D08A2DE1021}] => (Allow) LPort=8032
FirewallRules: [{A1ADC5DE-8102-4894-BC92-3659F15BD0A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0829A485-3712-4A49-89BD-76A3F1B090E2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F6625E9-54D0-414A-AD76-8D2F5572A38B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A6D268B0-FFD5-48B3-B3E6-80745900C59A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{44BB55D0-400F-470E-9612-12E77C73A7D0}] => (Allow) LPort=8032
FirewallRules: [{E74A3D1E-1765-4FC0-862B-F5C0342404F4}] => (Allow) LPort=8032
FirewallRules: [{4AD28E1A-8B49-4E68-8BF4-3B54F337377B}] => (Allow) LPort=8032
FirewallRules: [{4FB556EB-D0B7-41F1-8EA5-6391F100DC61}] => (Allow) LPort=8032
FirewallRules: [{C5EA7C02-56C5-4231-9430-24B4BA9A6925}] => (Allow) LPort=8032
FirewallRules: [{44CDA0D4-73AC-419A-9DB6-90AA3476ECF8}] => (Allow) LPort=8032
FirewallRules: [{51905972-00DD-49BF-95D6-954C88AC988D}] => (Allow) LPort=8032
FirewallRules: [{B6C06877-26A8-4412-804B-8E5FC1AB48F7}] => (Allow) LPort=8032
FirewallRules: [{0A90037E-346B-46DD-A43B-4F49552D6BB0}] => (Allow) LPort=8032
FirewallRules: [{82DAE545-4F6E-46E8-8CAA-3246DD6730A0}] => (Allow) LPort=8032
FirewallRules: [{13658A79-FC1F-4F2E-9ECB-8BED6B40AA89}] => (Allow) LPort=8032
FirewallRules: [{C4EFA70E-B98C-4F8C-A66B-77EEC10D68FE}] => (Allow) C:\Program Files\Insta360 Studio\Insta360 Studio.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{7F532C0C-BD4C-407A-A998-83A0A74BA932}] => (Allow) C:\Program Files\Insta360 Studio\insta360-proxy-service.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{41883523-1D58-43E1-B5D8-0722FD8BE9E6}] => (Allow) C:\Program Files\Insta360 Studio\insta360-network-service.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{147EA3F3-4BE9-427B-B7C0-6F870BE99372}] => (Allow) C:\Program Files\Insta360 Studio\insta360-exporter-service.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{218C4FF6-1495-4191-9277-0BCED336BF0F}] => (Allow) C:\Program Files\Insta360 Studio\insta360-thumbnail-service.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{DFF7AFB2-36F6-4138-9390-3A18A618571E}] => (Allow) C:\Program Files\Insta360 Studio\Insta360 Studio.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{214A2EA6-A782-460D-8A68-478D844611E8}] => (Allow) C:\Program Files\Insta360 Studio\insta360-proxy-service.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{4B4292E3-878A-4B9F-8FB7-0D2A733CCBB6}] => (Allow) C:\Program Files\Insta360 Studio\insta360-network-service.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{BEEE0E71-CD16-4CB8-B709-101718456DF6}] => (Allow) C:\Program Files\Insta360 Studio\insta360-exporter-service.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{482A912A-B86A-4CAE-8247-4034971453D1}] => (Allow) C:\Program Files\Insta360 Studio\insta360-thumbnail-service.exe (影石创新科技股份有限公司 -> Arashi Vision Inc.)
FirewallRules: [{C13BDCA8-EF40-4F01-9E83-41737C995B04}] => (Allow) LPort=8032
FirewallRules: [{E56916DA-C713-4882-8F63-41526C886427}] => (Allow) LPort=8032
FirewallRules: [{1AE61549-1FFC-42BB-B1DA-72EC4B2BB3D4}] => (Allow) LPort=8032
FirewallRules: [{26A2A2E8-6D4C-46A4-AB50-C2BCC3F142BC}] => (Allow) LPort=8032
FirewallRules: [{13C529D5-2CB8-41EF-AAA0-A08AE183FB38}] => (Allow) LPort=8032
FirewallRules: [{D2697C7B-51EA-47FB-8ACC-4875F5188476}] => (Allow) LPort=8032
FirewallRules: [{FA80B7DA-C27A-4EEE-AC82-F02CF4C0F605}] => (Allow) LPort=8032
FirewallRules: [{11770B71-2FF2-4683-9F28-80451AA2B4B6}] => (Allow) LPort=8032
FirewallRules: [{337E108A-E38B-41CD-BFC4-DC5EFED939B9}] => (Allow) LPort=8032
FirewallRules: [{CE34D36A-E7AE-483D-BA2B-B922E3E42810}] => (Allow) LPort=8032
FirewallRules: [{63408CEE-975C-42C5-B331-84EB90A31E21}] => (Allow) LPort=8032
FirewallRules: [{8E1B0E0C-B92D-4318-8097-D07B29F25ECA}] => (Allow) LPort=8032
FirewallRules: [{8DA3EB09-A1F4-44BC-B262-9C1B6A78EF20}] => (Allow) LPort=8032
FirewallRules: [TCP Query User{2F0C2BAD-4389-4550-9B1F-BDF817C050CA}C:\program files\expresslrs configurator\expresslrs configurator.exe] => (Allow) C:\program files\expresslrs configurator\expresslrs configurator.exe (ExpressLRS Configurator Contributors) [File not signed]
FirewallRules: [UDP Query User{DF11F029-A2DE-4A63-BC27-A24238765B2B}C:\program files\expresslrs configurator\expresslrs configurator.exe] => (Allow) C:\program files\expresslrs configurator\expresslrs configurator.exe (ExpressLRS Configurator Contributors) [File not signed]
FirewallRules: [{A73C4390-FC9C-4851-B5B3-D677D3CDBB4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{BB9E8950-F1B6-400D-87E2-8B56E933FCAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{92C50F16-2221-4B36-A87C-6826056C6118}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CAD1299-3451-4D70-970B-96E01488BF0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDA02685-D089-4EB8-94CF-123FB43731AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{F5077BD3-81C9-44F3-BFFA-58847B3993B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{40911291-0785-42A3-BC61-1B07C8A33BCA}] => (Allow) LPort=8032
FirewallRules: [{E1863EFA-C9AB-41F2-8418-585FFD1670AF}] => (Allow) LPort=8032
FirewallRules: [{CA0A348F-D4BB-4220-85E5-8E76F200A1F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{51146493-99B5-4815-A0D7-14864CDC3299}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{026CB847-311F-4989-ABFC-3FBCCA038D6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24F4D913-A001-43FD-A995-24FA341440AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{60E5789B-F088-47C4-8C21-0E20A8EB5B6C}] => (Allow) LPort=8032
FirewallRules: [{2F1FF52C-ADA2-4BA2-8C8F-CCF3F935A32D}] => (Allow) LPort=8032
FirewallRules: [{E424915D-8EB7-4528-BCB2-4D13767367FD}] => (Allow) LPort=8032
FirewallRules: [{2D154414-CCF4-485F-9A02-5F06CD434E5F}] => (Allow) LPort=8032
FirewallRules: [{4A9C0EAE-C4A2-4E6A-B8F4-9CEE5BA8D604}] => (Allow) LPort=8032
FirewallRules: [{383DE787-29A0-4450-98D4-829C914CA883}] => (Allow) LPort=8032
FirewallRules: [{29905DED-2CCF-4337-A4BE-4FC3930F6E75}] => (Allow) LPort=8032
FirewallRules: [{D039010D-8110-4363-B3F9-7A00A369B032}] => (Allow) LPort=8032
FirewallRules: [{25E00B5E-CF9A-49AA-82B6-3462B79B2D4C}] => (Allow) LPort=8032
FirewallRules: [{0A4B7BC6-F4F4-49DE-9D3B-08FA0C3A0BD1}] => (Allow) LPort=8032
FirewallRules: [{6133FE5D-5372-4877-BE36-63E845EDDBCC}] => (Allow) LPort=8032
FirewallRules: [{3EBDCCBD-EB16-40A8-85EA-C3550C4ACB87}] => (Allow) LPort=8032
FirewallRules: [{7236C9AF-AA8C-4203-8107-275B783992B1}] => (Allow) LPort=8032
FirewallRules: [{03681389-1984-4F96-920F-8B6C852A7238}] => (Allow) LPort=8032
FirewallRules: [{008251FA-1279-41A6-8348-575937D2598D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{27AD4AEE-8E14-4A41-82DA-1230A932CE84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [File not signed]
FirewallRules: [{7F0B9317-D43D-4D8A-9199-FD1D48E6DCF5}] => (Allow) LPort=8032
FirewallRules: [{C024408B-C601-410C-92C5-B719DC5F6E08}] => (Allow) LPort=8032
FirewallRules: [{764F30EF-8369-4E9B-B8E3-A1BC1952FF30}] => (Allow) LPort=8032
FirewallRules: [{7F9BDD80-53C1-431C-8386-4E55B419618D}] => (Allow) LPort=8032
FirewallRules: [{B88791BA-D8CC-4D2A-832B-FD54A12FB0A1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{37941C8C-4652-4AD9-A4FD-B6BCA811A63C}] => (Allow) LPort=8032
FirewallRules: [{69A09C1D-C90D-4E40-AFC6-44101F3D1173}] => (Allow) LPort=8032
FirewallRules: [{99EB947F-3877-418C-A72D-F703F7527751}] => (Allow) LPort=8032
FirewallRules: [{3088AA39-ABBE-45CF-A4FB-26F34CEDEAB5}] => (Allow) LPort=8032
FirewallRules: [{EC1DD96C-4C10-4B19-9619-E8C47FE5358F}] => (Allow) LPort=8032
FirewallRules: [{E5949A0D-25DD-4FE0-823E-CD968512C11A}] => (Allow) LPort=8032
FirewallRules: [{4F60F2C1-3A58-4873-9985-DA6F1B5AAA52}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F500ECE4-4A85-4C2F-8BF9-0ECCD27E8F07}] => (Allow) LPort=8032
FirewallRules: [{A75F337D-F575-4317-A248-A0150E22E3D9}] => (Allow) LPort=8032
FirewallRules: [{9D4FB06E-F9F1-479D-9747-9AF07B831715}] => (Allow) LPort=8032
FirewallRules: [{81E29D58-308C-4EDB-A3AD-D5C0F28A2F6F}] => (Allow) LPort=8032
==================== Restore Points =========================
31-05-2024 21:11:50 Windows Update
31-05-2024 21:11:54 Windows Update
04-06-2024 21:34:08 Windows Update
04-06-2024 21:34:11 Windows Update
11-06-2024 17:53:03 Windows Update
==================== Faulty Device Manager Devices ============
Name: Microsoft Device Association Root Enumerator
Description: Všeobecné softvérové zariadenie
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/11/2024 05:37:45 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Jun 2024 15:37:51 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 560963aa-087d-4de0-b1cf-ffd999ccb57a
Method: GET(1000ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/11/2024 05:37:44 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Jun 2024 15:37:50 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0abfe5a7-2019-49bd-8763-2a2cff76c931
Method: GET(3625ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/10/2024 04:50:11 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep failed:
GetCACaps
Method: GET(16ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (06/10/2024 04:50:11 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep failed:
GetCACaps
Method: GET(47ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (06/09/2024 09:38:48 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 09 Jun 2024 19:38:54 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1ab5dcc5-f004-437c-b201-4af24339cbe7
Method: GET(594ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/09/2024 09:38:47 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 09 Jun 2024 19:38:54 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: de07b72d-067a-473e-a4eb-5acd6a02cdd0
Method: GET(484ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/09/2024 03:17:51 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-B854KS8P$ via https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 09 Jun 2024 13:17:58 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: c8ab4560-a0bb-4f72-9022-c93f6589d71a
Method: GET(531ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/09/2024 03:17:50 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 09 Jun 2024 13:17:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 123a3b65-f42c-4769-83b1-c046d6106a07
Method: GET(2015ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (06/11/2024 05:39:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (06/11/2024 05:39:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (30000 ms).
Error: (06/11/2024 05:37:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GameInput Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 6-krát.
Error: (06/11/2024 05:37:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service bola ukončená s nasledujúcou chybou:
The compound file GameInput Service was produced with a newer version of storage.
Error: (06/11/2024 05:37:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 5 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (06/11/2024 05:37:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service bola ukončená s nasledujúcou chybou:
The compound file GameInput Service was produced with a newer version of storage.
Error: (06/11/2024 05:37:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 4 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (06/11/2024 05:37:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service bola ukončená s nasledujúcou chybou:
The compound file GameInput Service was produced with a newer version of storage.
Windows Defender:
================
Date: 2024-06-07 21:59:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-05 23:13:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-05 21:47:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-04 17:38:13
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-04 17:06:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2024-05-01 21:59:29
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: LENOVO FSCN26WW 09/09/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 4600H with Radeon Graphics
Percentage of memory in use: 38%
Total physical RAM: 15741.32 MB
Available physical RAM: 9674.86 MB
Total Virtual: 18604.32 MB
Available Virtual: 11426.75 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:54.23 GB) (Model: SKHynix_HFS512GD9TNI-L2A0B) NTFS
\\?\Volume{3eab325d-57f8-443e-b5bd-3c31bd0c151b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.29 GB) NTFS
\\?\Volume{56692210-c7a4-4d5a-b3a6-0797f8aea057}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: EF1E1775)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventívnu kontrolu. Ďakujem!
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119313
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu. Ďakujem!
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\peter\OneDrive\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Otevřte poznámkový blok a zkopírujte do něj:
Start
CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {1E0F1F27-8C99-4FD2-9F82-A5BC92B29310} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{6FBC75F6-10F5-4EE6-B217-4C547781627D} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {EA4C37E6-F85A-46DB-A048-12E1DDB53863} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {178E0EBF-F8D1-472B-BE80-08377CFA5ED6} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {5B102AA8-8FDA-431C-8EED-30FAF272A525} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {08FC0D74-906F-4E3A-BC16-79793F7A297E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8290591C-8DFA-496D-9D77-FF20435A5BE6} - System32\Tasks\Opera scheduled Autoupdate 1670952788 => C:\Users\peter\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
AlternateDataStreams: C:\Users\peter\Downloads\cpu-z_2.08-en.exe:MBAM.Zone.Identifier [122]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2724]
SearchScopes: HKU\S-1-5-21-888362058-2165733168-3384824745-1001 -> DefaultScope {F6DB884C-0CA5-403C-83D0-E87286A78544} URL =
SearchScopes: HKU\S-1-5-21-888362058-2165733168-3384824745-1001 -> {F6DB884C-0CA5-403C-83D0-E87286A78544} URL =
FirewallRules: [UDP Query User{8F05A973-0DBD-4D6B-8479-8B140E21ADB9}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [TCP Query User{5AC84E94-59D9-49AB-80DA-FA310F8C78D3}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [{146B6D0D-7564-4672-A523-2B9B9050EDB8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => No File
FirewallRules: [{C1014E82-16EE-4B19-B80E-DB034A10026E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{0E5A9276-5EB2-486B-863A-23694AE2BD57}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{93595C55-748B-405E-A5D3-45EEB210093B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{A473B567-24D1-4ECA-908A-32F5A2ED7CC7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{C88B65A4-2D9E-4232-9A50-C5629BD72E05}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{B71D4229-CE96-407B-AD09-71DB9B16EBD1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{EC21BA14-D8A1-46F4-ADAD-DB3C22CD538E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{68F9D500-21B6-4A11-B64E-598D59B18222}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [UDP Query User{DF00E254-E6EF-447F-BB52-75301371D327}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{48D59E33-4B90-487C-B6F8-1C3DE15D33D2}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C83FFC7B-A718-4072-9A0D-3E58F891FD57}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe => No File
FirewallRules: [TCP Query User{9EA05B7B-9B16-4568-ABCD-EB8AD77AADF3}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe => No File
FirewallRules: [UDP Query User{1CAD3731-7D67-4F14-B2E5-A8D76020D94C}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [TCP Query User{E6F5C7D7-7FAF-474A-B333-D4D2C62521C5}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [UDP Query User{8847C506-9484-42B3-8EFD-18413DE4A71E}C:\program files\epic games\dyinglight\dyinglightgame.exe] => (Allow) C:\program files\epic games\dyinglight\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{33201DC5-8701-447E-A3DB-37940CB3F10C}C:\program files\epic games\dyinglight\dyinglightgame.exe] => (Allow) C:\program files\epic games\dyinglight\dyinglightgame.exe => No File
FirewallRules: [{E6812624-CBE2-4C2B-9C6D-CEA576336CF9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [UDP Query User{35FFDAE6-3203-4A66-BBA7-1B0B257D6A66}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [TCP Query User{13C12AA9-D20E-4AFD-BDD4-D5469369AD5C}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{2606D13E-FD02-438A-A68A-E96FF79A61F1}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\101.0.4843.43\opera.exe => No File
FirewallRules: [{2BDD6C7D-5C56-4653-9D60-CAE78373D51E}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\101.0.4843.33\opera.exe => No File
FirewallRules: [UDP Query User{51C2B387-8801-4C9D-B787-09A13DC04D2A}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [TCP Query User{3D52FB7D-8896-4807-AD64-5EDB2C6D64DA}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{F9D2C425-4A65-4F32-BBB9-3AC45D84C705}] => (Allow) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
EmptyTemp:
End
Uložte do C:\Users\peter\OneDrive\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventívnu kontrolu. Ďakujem!
Fix result of Farbar Recovery Scan Tool (x64) Version: 11.06.2024
Ran by peter (13-06-2024 21:43:46) Run:2
Running from C:\Users\peter\OneDrive\Desktop
Loaded Profiles: peter
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {1E0F1F27-8C99-4FD2-9F82-A5BC92B29310} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{6FBC75F6-10F5-4EE6-B217-4C547781627D} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {EA4C37E6-F85A-46DB-A048-12E1DDB53863} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {178E0EBF-F8D1-472B-BE80-08377CFA5ED6} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {5B102AA8-8FDA-431C-8EED-30FAF272A525} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {08FC0D74-906F-4E3A-BC16-79793F7A297E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8290591C-8DFA-496D-9D77-FF20435A5BE6} - System32\Tasks\Opera scheduled Autoupdate 1670952788 => C:\Users\peter\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
AlternateDataStreams: C:\Users\peter\Downloads\cpu-z_2.08-en.exe:MBAM.Zone.Identifier [122]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2724]
SearchScopes: HKU\S-1-5-21-888362058-2165733168-3384824745-1001 -> DefaultScope {F6DB884C-0CA5-403C-83D0-E87286A78544} URL =
SearchScopes: HKU\S-1-5-21-888362058-2165733168-3384824745-1001 -> {F6DB884C-0CA5-403C-83D0-E87286A78544} URL =
FirewallRules: [UDP Query User{8F05A973-0DBD-4D6B-8479-8B140E21ADB9}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [TCP Query User{5AC84E94-59D9-49AB-80DA-FA310F8C78D3}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [{146B6D0D-7564-4672-A523-2B9B9050EDB8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => No File
FirewallRules: [{C1014E82-16EE-4B19-B80E-DB034A10026E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{0E5A9276-5EB2-486B-863A-23694AE2BD57}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{93595C55-748B-405E-A5D3-45EEB210093B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{A473B567-24D1-4ECA-908A-32F5A2ED7CC7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{C88B65A4-2D9E-4232-9A50-C5629BD72E05}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{B71D4229-CE96-407B-AD09-71DB9B16EBD1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{EC21BA14-D8A1-46F4-ADAD-DB3C22CD538E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{68F9D500-21B6-4A11-B64E-598D59B18222}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [UDP Query User{DF00E254-E6EF-447F-BB52-75301371D327}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{48D59E33-4B90-487C-B6F8-1C3DE15D33D2}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C83FFC7B-A718-4072-9A0D-3E58F891FD57}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe => No File
FirewallRules: [TCP Query User{9EA05B7B-9B16-4568-ABCD-EB8AD77AADF3}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe => No File
FirewallRules: [UDP Query User{1CAD3731-7D67-4F14-B2E5-A8D76020D94C}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [TCP Query User{E6F5C7D7-7FAF-474A-B333-D4D2C62521C5}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [UDP Query User{8847C506-9484-42B3-8EFD-18413DE4A71E}C:\program files\epic games\dyinglight\dyinglightgame.exe] => (Allow) C:\program files\epic games\dyinglight\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{33201DC5-8701-447E-A3DB-37940CB3F10C}C:\program files\epic games\dyinglight\dyinglightgame.exe] => (Allow) C:\program files\epic games\dyinglight\dyinglightgame.exe => No File
FirewallRules: [{E6812624-CBE2-4C2B-9C6D-CEA576336CF9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [UDP Query User{35FFDAE6-3203-4A66-BBA7-1B0B257D6A66}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [TCP Query User{13C12AA9-D20E-4AFD-BDD4-D5469369AD5C}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{2606D13E-FD02-438A-A68A-E96FF79A61F1}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\101.0.4843.43\opera.exe => No File
FirewallRules: [{2BDD6C7D-5C56-4653-9D60-CAE78373D51E}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\101.0.4843.33\opera.exe => No File
FirewallRules: [UDP Query User{51C2B387-8801-4C9D-B787-09A13DC04D2A}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [TCP Query User{3D52FB7D-8896-4807-AD64-5EDB2C6D64DA}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{F9D2C425-4A65-4F32-BBB9-3AC45D84C705}] => (Allow) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E0F1F27-8C99-4FD2-9F82-A5BC92B29310}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E0F1F27-8C99-4FD2-9F82-A5BC92B29310}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{6FBC75F6-10F5-4EE6-B217-4C547781627D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{6FBC75F6-10F5-4EE6-B217-4C547781627D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA4C37E6-F85A-46DB-A048-12E1DDB53863}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA4C37E6-F85A-46DB-A048-12E1DDB53863}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\NotificationCenter" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{178E0EBF-F8D1-472B-BE80-08377CFA5ED6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{178E0EBF-F8D1-472B-BE80-08377CFA5ED6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B102AA8-8FDA-431C-8EED-30FAF272A525}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B102AA8-8FDA-431C-8EED-30FAF272A525}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08FC0D74-906F-4E3A-BC16-79793F7A297E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08FC0D74-906F-4E3A-BC16-79793F7A297E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8290591C-8DFA-496D-9D77-FF20435A5BE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8290591C-8DFA-496D-9D77-FF20435A5BE6}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1670952788 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1670952788" => removed successfully
HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
C:\Users\peter\Downloads\cpu-z_2.08-en.exe => ":MBAM.Zone.Identifier" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKU\S-1-5-21-888362058-2165733168-3384824745-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F6DB884C-0CA5-403C-83D0-E87286A78544} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8F05A973-0DBD-4D6B-8479-8B140E21ADB9}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5AC84E94-59D9-49AB-80DA-FA310F8C78D3}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{146B6D0D-7564-4672-A523-2B9B9050EDB8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1014E82-16EE-4B19-B80E-DB034A10026E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E5A9276-5EB2-486B-863A-23694AE2BD57}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{93595C55-748B-405E-A5D3-45EEB210093B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A473B567-24D1-4ECA-908A-32F5A2ED7CC7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C88B65A4-2D9E-4232-9A50-C5629BD72E05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B71D4229-CE96-407B-AD09-71DB9B16EBD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC21BA14-D8A1-46F4-ADAD-DB3C22CD538E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68F9D500-21B6-4A11-B64E-598D59B18222}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF00E254-E6EF-447F-BB52-75301371D327}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{48D59E33-4B90-487C-B6F8-1C3DE15D33D2}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C83FFC7B-A718-4072-9A0D-3E58F891FD57}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9EA05B7B-9B16-4568-ABCD-EB8AD77AADF3}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1CAD3731-7D67-4F14-B2E5-A8D76020D94C}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E6F5C7D7-7FAF-474A-B333-D4D2C62521C5}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8847C506-9484-42B3-8EFD-18413DE4A71E}C:\program files\epic games\dyinglight\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33201DC5-8701-447E-A3DB-37940CB3F10C}C:\program files\epic games\dyinglight\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6812624-CBE2-4C2B-9C6D-CEA576336CF9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{35FFDAE6-3203-4A66-BBA7-1B0B257D6A66}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{13C12AA9-D20E-4AFD-BDD4-D5469369AD5C}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2606D13E-FD02-438A-A68A-E96FF79A61F1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2BDD6C7D-5C56-4653-9D60-CAE78373D51E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{51C2B387-8801-4C9D-B787-09A13DC04D2A}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D52FB7D-8896-4807-AD64-5EDB2C6D64DA}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F9D2C425-4A65-4F32-BBB9-3AC45D84C705}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 44842887 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 828969012 B
Windows/system/drivers => 7570697 B
Edge => 0 B
Chrome => 993321816 B
Firefox => 0 B
Opera => 223499 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 67664 B
peter => 75112222 B
RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:44:44 ====
Ran by peter (13-06-2024 21:43:46) Run:2
Running from C:\Users\peter\OneDrive\Desktop
Loaded Profiles: peter
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {1E0F1F27-8C99-4FD2-9F82-A5BC92B29310} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{6FBC75F6-10F5-4EE6-B217-4C547781627D} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {EA4C37E6-F85A-46DB-A048-12E1DDB53863} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {178E0EBF-F8D1-472B-BE80-08377CFA5ED6} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {5B102AA8-8FDA-431C-8EED-30FAF272A525} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {08FC0D74-906F-4E3A-BC16-79793F7A297E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8290591C-8DFA-496D-9D77-FF20435A5BE6} - System32\Tasks\Opera scheduled Autoupdate 1670952788 => C:\Users\peter\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
CustomCLSID: HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
AlternateDataStreams: C:\Users\peter\Downloads\cpu-z_2.08-en.exe:MBAM.Zone.Identifier [122]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2724]
SearchScopes: HKU\S-1-5-21-888362058-2165733168-3384824745-1001 -> DefaultScope {F6DB884C-0CA5-403C-83D0-E87286A78544} URL =
SearchScopes: HKU\S-1-5-21-888362058-2165733168-3384824745-1001 -> {F6DB884C-0CA5-403C-83D0-E87286A78544} URL =
FirewallRules: [UDP Query User{8F05A973-0DBD-4D6B-8479-8B140E21ADB9}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [TCP Query User{5AC84E94-59D9-49AB-80DA-FA310F8C78D3}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [{146B6D0D-7564-4672-A523-2B9B9050EDB8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe => No File
FirewallRules: [{C1014E82-16EE-4B19-B80E-DB034A10026E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{0E5A9276-5EB2-486B-863A-23694AE2BD57}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe => No File
FirewallRules: [{93595C55-748B-405E-A5D3-45EEB210093B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{A473B567-24D1-4ECA-908A-32F5A2ED7CC7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe => No File
FirewallRules: [{C88B65A4-2D9E-4232-9A50-C5629BD72E05}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{B71D4229-CE96-407B-AD09-71DB9B16EBD1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe => No File
FirewallRules: [{EC21BA14-D8A1-46F4-ADAD-DB3C22CD538E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [{68F9D500-21B6-4A11-B64E-598D59B18222}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe => No File
FirewallRules: [UDP Query User{DF00E254-E6EF-447F-BB52-75301371D327}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{48D59E33-4B90-487C-B6F8-1C3DE15D33D2}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C83FFC7B-A718-4072-9A0D-3E58F891FD57}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe => No File
FirewallRules: [TCP Query User{9EA05B7B-9B16-4568-ABCD-EB8AD77AADF3}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe => No File
FirewallRules: [UDP Query User{1CAD3731-7D67-4F14-B2E5-A8D76020D94C}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [TCP Query User{E6F5C7D7-7FAF-474A-B333-D4D2C62521C5}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [UDP Query User{8847C506-9484-42B3-8EFD-18413DE4A71E}C:\program files\epic games\dyinglight\dyinglightgame.exe] => (Allow) C:\program files\epic games\dyinglight\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{33201DC5-8701-447E-A3DB-37940CB3F10C}C:\program files\epic games\dyinglight\dyinglightgame.exe] => (Allow) C:\program files\epic games\dyinglight\dyinglightgame.exe => No File
FirewallRules: [{E6812624-CBE2-4C2B-9C6D-CEA576336CF9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [UDP Query User{35FFDAE6-3203-4A66-BBA7-1B0B257D6A66}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [TCP Query User{13C12AA9-D20E-4AFD-BDD4-D5469369AD5C}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{2606D13E-FD02-438A-A68A-E96FF79A61F1}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\101.0.4843.43\opera.exe => No File
FirewallRules: [{2BDD6C7D-5C56-4653-9D60-CAE78373D51E}] => (Allow) C:\Users\peter\AppData\Local\Programs\Opera\101.0.4843.33\opera.exe => No File
FirewallRules: [UDP Query User{51C2B387-8801-4C9D-B787-09A13DC04D2A}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [TCP Query User{3D52FB7D-8896-4807-AD64-5EDB2C6D64DA}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe => No File
FirewallRules: [{F9D2C425-4A65-4F32-BBB9-3AC45D84C705}] => (Allow) C:\Users\peter\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E0F1F27-8C99-4FD2-9F82-A5BC92B29310}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E0F1F27-8C99-4FD2-9F82-A5BC92B29310}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{6FBC75F6-10F5-4EE6-B217-4C547781627D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{6FBC75F6-10F5-4EE6-B217-4C547781627D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA4C37E6-F85A-46DB-A048-12E1DDB53863}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA4C37E6-F85A-46DB-A048-12E1DDB53863}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\NotificationCenter" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{178E0EBF-F8D1-472B-BE80-08377CFA5ED6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{178E0EBF-F8D1-472B-BE80-08377CFA5ED6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B102AA8-8FDA-431C-8EED-30FAF272A525}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B102AA8-8FDA-431C-8EED-30FAF272A525}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08FC0D74-906F-4E3A-BC16-79793F7A297E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08FC0D74-906F-4E3A-BC16-79793F7A297E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8290591C-8DFA-496D-9D77-FF20435A5BE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8290591C-8DFA-496D-9D77-FF20435A5BE6}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1670952788 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1670952788" => removed successfully
HKU\S-1-5-21-888362058-2165733168-3384824745-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
C:\Users\peter\Downloads\cpu-z_2.08-en.exe => ":MBAM.Zone.Identifier" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKU\S-1-5-21-888362058-2165733168-3384824745-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-888362058-2165733168-3384824745-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F6DB884C-0CA5-403C-83D0-E87286A78544} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8F05A973-0DBD-4D6B-8479-8B140E21ADB9}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5AC84E94-59D9-49AB-80DA-FA310F8C78D3}C:\program files (x86)\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{146B6D0D-7564-4672-A523-2B9B9050EDB8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1014E82-16EE-4B19-B80E-DB034A10026E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E5A9276-5EB2-486B-863A-23694AE2BD57}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{93595C55-748B-405E-A5D3-45EEB210093B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A473B567-24D1-4ECA-908A-32F5A2ED7CC7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C88B65A4-2D9E-4232-9A50-C5629BD72E05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B71D4229-CE96-407B-AD09-71DB9B16EBD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC21BA14-D8A1-46F4-ADAD-DB3C22CD538E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68F9D500-21B6-4A11-B64E-598D59B18222}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF00E254-E6EF-447F-BB52-75301371D327}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{48D59E33-4B90-487C-B6F8-1C3DE15D33D2}C:\program files (x86)\steam\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C83FFC7B-A718-4072-9A0D-3E58F891FD57}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9EA05B7B-9B16-4568-ABCD-EB8AD77AADF3}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1CAD3731-7D67-4F14-B2E5-A8D76020D94C}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E6F5C7D7-7FAF-474A-B333-D4D2C62521C5}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8847C506-9484-42B3-8EFD-18413DE4A71E}C:\program files\epic games\dyinglight\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33201DC5-8701-447E-A3DB-37940CB3F10C}C:\program files\epic games\dyinglight\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6812624-CBE2-4C2B-9C6D-CEA576336CF9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{35FFDAE6-3203-4A66-BBA7-1B0B257D6A66}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{13C12AA9-D20E-4AFD-BDD4-D5469369AD5C}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2606D13E-FD02-438A-A68A-E96FF79A61F1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2BDD6C7D-5C56-4653-9D60-CAE78373D51E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{51C2B387-8801-4C9D-B787-09A13DC04D2A}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D52FB7D-8896-4807-AD64-5EDB2C6D64DA}C:\program files\kdenlive\bin\kdenlive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F9D2C425-4A65-4F32-BBB9-3AC45D84C705}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 44842887 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 828969012 B
Windows/system/drivers => 7570697 B
Edge => 0 B
Chrome => 993321816 B
Firefox => 0 B
Opera => 223499 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 67664 B
peter => 75112222 B
RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:44:44 ====
-
Rudy
- Site Admin
- Příspěvky: 119313
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu. Ďakujem!
Smazáno. Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119313
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu. Ďakujem!
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?