Log check

Posted: 16 Mar 2020 12:09
by smik
Hello. Could someone take a look at my log? When Firefox starts, some other page opens instead of the home page. After clicking the Home button, it loads normally and seems OK.
Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by smiko (administrator) on VIKIHOME (Micro-Star International Co., Ltd MS-7C02) (16-03-2020 12:04:38)
Running from C:\Users\smiko\Desktop
Loaded Profiles: smiko (Available Profiles: smiko)
Platform: Windows 10 Pro Version 1809 17763.1039 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\smiko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12527.20258.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12527.20258.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.135.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.1090_none_5715d73398f9ea47\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®) C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.10-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\APP Manager\AppManager.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\APP Manager\AppManager_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [956920 2019-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [APP Manager] => C:\Program Files (x86)\MSI\APP Manager\AppManager.exe [3705520 2019-05-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835760 2019-11-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26310832 2020-02-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\Run: [Chromium] => "c:\users\smiko\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NonSteam.bat [2018-02-18] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06D41DEE-DA74-47F8-85EE-590E3C6C51A0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {201B4158-80D9-4FC1-8533-EA873A99C3C8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2937F444-006F-406E-8F59-3D7CE9C73349} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3277AC39-AFC7-443A-BCF9-6EBE97CE18CE} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [1037984 2019-03-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {34DA43D6-7FD6-4C34-969B-564395C8312B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {445451F8-75A9-4F0C-AC2A-26958530DB48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48B0A7CA-CF36-479D-A8A0-05AD9618F9BF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FF5F807-08BD-4358-B1DA-C31CC7B0B11E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5DEA1EC9-FD69-49D4-BBA0-8419BE75A1A2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6210BA4D-A656-43A7-9006-5168DFA2C805} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6489EB13-4538-4818-B9F4-89F0218768D4} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-smiko@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {66F03568-C552-4EC2-A265-CFB0C0956118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {6FF677AA-85C9-42AA-A810-C18B67E22A78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7708F330-0B02-423E-A1C2-2961309BF4BD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79F6C1C1-796B-44B5-AFB1-529D33F3C40C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8BCFFFEA-4CF1-47E8-AB4B-A202FAF23703} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [661240 2018-08-02] (Advanced Micro Devices Inc. -> )
Task: {92A0E92D-C644-4FE4-A6A7-F66B995505C4} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3354296 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {93015E87-6395-4534-BE15-7D2334096A35} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {A6B86E06-9BFE-4C86-8951-723244A0BE5F} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2018-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {A71E2976-BEE1-480A-A397-A330D1C76D4E} - System32\Tasks\GoogleUpdateTaskMachineCore1d57551756d0b69 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {B02793D9-38B8-42A6-85C7-0193DB948F01} - System32\Tasks\GoogleUpdateTaskMachineUA1d57551756f6dcc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {E5F2920C-8315-485B-A6D2-42156E20F534} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EAC7831C-E9C9-4ABF-ABCE-271C91BE77CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4E1F234-43E2-4DC4-BD15-8326C5563B5B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F85E2EDA-1400-4F67-A6DE-39851B24F102} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{60252b6a-ef9d-41bf-b07f-4c9e7acdbb0d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-03-16] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-03-16] (McAfee, LLC -> McAfee, LLC)

FireFox:
========
FF DefaultProfile: o5xsvfst.default
FF ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default [2020-03-16]
FF Homepage: Mozilla\Firefox\Profiles\o5xsvfst.default -> hxxps://www.seznam.cz/
FF Extension: (AdBlock) - C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-03-16] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-11-09] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2019-11-09] (GOG Sp. z o.o. -> GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [907224 2020-03-16] (McAfee, LLC -> McAfee, LLC)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343600 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2255544 2018-11-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2507952 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2018-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2740912 2019-10-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_AppManager_Service; C:\Program Files (x86)\MSI\APP Manager\AppManager_Service.exe [2055352 2019-01-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2325168 2020-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183480 2019-02-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [34976 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [956920 2019-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [130056 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2258888 2018-12-19] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45536 2019-05-20] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24528 2019-04-18] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [32728 2019-07-25] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [138064 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriverV13; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [71152 2018-11-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_fd5965e649b796e5\nvlddmkm.sys [23286504 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1154336 2019-06-19] (Realtek Semiconductor Corp. -> Realtek )
S3 tmhidusb; C:\Windows\system32\DRIVERS\tmhidusb.sys [340488 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 tmwbulk; C:\Windows\System32\Drivers\tmwbulk.sys [290824 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2018. All rights reserved.)
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [115608 2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\Windows\System32\drivers\wacomrouterfilter.sys [17816 2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [376544 2020-03-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2020-03-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-16 12:04 - 2020-03-16 12:05 - 000029479 _____ C:\Users\smiko\Desktop\FRST.txt
2020-03-16 12:04 - 2020-03-16 12:04 - 000000000 ____D C:\FRST
2020-03-16 12:03 - 2020-03-16 12:03 - 002279936 _____ (Farbar) C:\Users\smiko\Desktop\FRST64.exe
2020-03-16 11:54 - 2020-03-16 11:54 - 000000000 ___HD C:\OneDriveTemp
2020-03-08 20:05 - 2020-03-08 20:05 - 000284286 _____ C:\Users\smiko\Desktop\cukr rozvary.pdf
2020-03-08 17:26 - 2020-03-08 17:26 - 000002239 _____ C:\Users\Public\Desktop\The Conquerors.lnk
2020-03-08 17:26 - 2020-03-08 17:26 - 000002122 _____ C:\Users\Public\Desktop\Age of Empires II.lnk
2020-03-08 17:26 - 2020-03-08 17:26 - 000000000 ____D C:\ProgramData\Caphyon
2020-03-08 17:26 - 2020-03-08 17:26 - 000000000 ____D C:\Program Files (x86)\Age of Empires II - The Conquerors
2020-03-08 17:25 - 2020-03-08 17:25 - 000000000 ____D C:\Users\smiko\AppData\Roaming\Microsoft Game Studios
2020-03-08 17:09 - 2020-03-08 17:13 - 371989244 _____ (Microsoft Game Studios) C:\Users\smiko\Desktop\Age of Empires 2 + The Conquerors CZ.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-03-02 18:36 - 2020-02-25 21:24 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 000441760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-03-02 18:36 - 2020-02-25 21:24 - 000344296 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-03-02 18:36 - 2020-02-25 21:23 - 011834784 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-03-02 18:36 - 2020-02-25 21:23 - 010159848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 002068384 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 001562512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 001476328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 001138592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000816872 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000677792 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000671120 _____ C:\Windows\system32\nvofapi64.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000551312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-03-02 18:36 - 2020-02-25 21:22 - 000539024 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 040502200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 035371448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 017462384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 015029360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 005377424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 004714424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 001719016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444250.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 001482976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444250.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 001364368 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 001058704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 000807144 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-03-02 18:36 - 2020-02-25 21:21 - 000653032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-03-02 18:36 - 2020-02-25 03:06 - 000055872 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2020-02-20 05:40 - 2020-01-31 00:02 - 001727320 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444219.dll
2020-02-20 05:40 - 2020-01-31 00:02 - 001490688 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444219.dll
2020-02-20 02:52 - 2020-03-16 12:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-02-19 17:08 - 2020-02-01 07:36 - 000801080 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-16 12:02 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-16 12:02 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2020-03-16 12:01 - 2018-09-15 08:23 - 000000000 ____D C:\Windows\CbsTemp
2020-03-16 11:56 - 2018-11-30 21:19 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-16 11:54 - 2018-12-22 19:13 - 000000000 ____D C:\Users\smiko\AppData\Roaming\WTablet
2020-03-16 11:54 - 2018-11-30 23:01 - 000000000 ___RD C:\Users\smiko\Creative Cloud Files
2020-03-16 11:54 - 2018-11-30 22:52 - 000000000 ____D C:\Users\smiko\AppData\Local\Adobe
2020-03-16 11:54 - 2018-11-30 21:16 - 000000000 ____D C:\Users\smiko\AppData\LocalLow\Mozilla
2020-03-16 11:54 - 2018-11-30 21:11 - 000000000 ___RD C:\Users\smiko\OneDrive
2020-03-16 11:52 - 2018-11-30 21:08 - 000005810 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-16 11:52 - 2018-09-15 18:39 - 003208998 _____ C:\Windows\system32\perfh005.dat
2020-03-16 11:52 - 2018-09-15 18:39 - 000914470 _____ C:\Windows\system32\perfc005.dat
2020-03-16 11:46 - 2018-12-01 04:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-16 11:46 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-09 21:26 - 2018-09-15 07:09 - 000524288 _____ C:\Windows\system32\config\BBI
2020-03-09 21:21 - 2018-12-01 04:01 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-03-09 18:28 - 2019-10-04 16:12 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-03-08 21:25 - 2018-12-01 14:53 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-08 17:26 - 2018-09-15 08:41 - 000385536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2020-03-08 17:26 - 2018-09-15 08:41 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2020-03-08 17:26 - 2018-09-15 08:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2020-03-08 17:26 - 2018-09-15 08:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000472576 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2020-03-08 17:26 - 2018-09-15 08:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2020-03-08 17:26 - 2018-09-15 08:37 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2020-03-06 13:21 - 2019-03-22 18:21 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-06 13:21 - 2019-03-22 18:21 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-03 17:29 - 2018-12-27 12:37 - 000000000 ____D C:\Users\smiko\AppData\Local\CrashDumps
2020-03-03 17:29 - 2018-11-30 21:39 - 000000000 ____D C:\MSI
2020-03-03 17:27 - 2018-11-30 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2020-03-03 17:15 - 2018-11-30 21:39 - 000000000 ____D C:\Program Files (x86)\MSI
2020-03-02 22:40 - 2019-05-25 18:21 - 000000747 _____ C:\Users\smiko\Desktop\Lightroom.lnk
2020-03-02 22:40 - 2019-05-25 18:21 - 000000747 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2020-03-02 22:32 - 2019-12-06 11:18 - 000000759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-03-02 22:32 - 2019-08-16 18:27 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-03-02 22:32 - 2018-11-30 22:56 - 000000000 ____D C:\ProgramData\Adobe
2020-03-02 22:32 - 2018-11-30 21:09 - 000000000 ____D C:\Users\smiko\AppData\Roaming\Adobe
2020-03-02 21:07 - 2019-06-11 18:02 - 000000776 _____ C:\Users\smiko\Desktop\Adobe Lightroom Classic.lnk
2020-03-02 21:07 - 2019-06-11 18:02 - 000000776 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2020-03-02 18:39 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2020-03-01 16:45 - 2018-12-01 04:01 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-02-26 01:20 - 2018-12-01 08:17 - 004964904 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-02-26 01:20 - 2018-12-01 08:17 - 004233104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-02-25 18:12 - 2018-11-30 21:09 - 000000000 ____D C:\Users\smiko\AppData\Local\Packages
2020-02-25 18:11 - 2019-10-10 13:24 - 000000000 ____D C:\Program Files\Adobe
2020-02-25 18:08 - 2018-11-30 21:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-02-25 03:06 - 2018-12-01 08:17 - 000055845 _____ C:\Windows\system32\nvinfo.pb
2020-02-25 03:06 - 2018-11-30 21:28 - 001691632 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2020-02-25 03:06 - 2018-11-30 21:28 - 000237392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2020-02-24 22:02 - 2018-12-07 19:26 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2020-02-24 21:40 - 2018-12-07 19:26 - 005571056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 002630968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 001759032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 000660792 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 000446264 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 000122344 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2020-02-24 21:40 - 2018-12-07 19:26 - 000074552 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2020-02-20 19:34 - 2018-11-30 21:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-02-20 12:03 - 2018-12-07 19:26 - 008933257 _____ C:\Windows\system32\nvcoproc.bin
2020-02-19 18:00 - 2018-11-30 21:06 - 000002361 _____ C:\Users\smiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories ========

2019-09-02 17:03 - 2019-09-20 16:57 - 000000201 _____ () C:\Users\smiko\AppData\Roaming\WB.CFG
2018-11-30 22:56 - 2018-11-30 22:56 - 000000410 _____ () C:\Users\smiko\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Log check

Posted: 16 Mar 2020 12:10
by smik
Here is the Addition log as well.


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by smiko (16-03-2020 12:05:26)
Running from C:\Users\smiko\Desktop
Windows 10 Pro Version 1809 17763.1039 (X64) (2018-11-30 20:04:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-361372833-3203800435-3869109125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-361372833-3203800435-3869109125-503 - Limited - Disabled)
Guest (S-1-5-21-361372833-3203800435-3869109125-501 - Limited - Disabled)
smiko (S-1-5-21-361372833-3203800435-3869109125-1001 - Administrator - Enabled) => C:\Users\smiko
WDAGUtilityAccount (S-1-5-21-361372833-3203800435-3869109125-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_2) (Version: 3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1) (Version: 21.1.0 - Adobe Systems Incorporated)
Age of Empires 2 + The Conquerors CZ (HKLM-x32\...\Age of Empires 2 + The Conquerors CZ 1.1.0) (Version: 1.1.0 - Microsoft Game Studios)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.1.0862 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
DaVinci Resolve (HKLM\...\{4DA063F8-F151-4D1E-8BC2-43190DE2D31F}) (Version: 16.1.1005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{74ADC138-4768-4C5D-8123-B17527E513B5}) (Version: 1.3.1.0 - Blackmagic Design)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 1.TTRS.2019 - Thrustmaster)
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Chromium (HKLM-x32\...\{9F0577C5-CF85-A645-7E05-D6C5AE850545}) (Version: - )
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.84 - McAfee, LLC.)
Microsoft OneDrive (HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 73.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x64 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.1.02 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.97 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.51 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.43 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.46 - MSI)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ovládací panel NVIDIA 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.50 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.0 (HKLM-x32\...\RTSS) (Version: 7.2.0 - Unwinder)
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.5.0.5 - SIGMA CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.32-4 - Wacom Technology Corp.)
WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== ATTENTION
WhoCrashed 6.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1720.1.0_x86__kgqvnymyfvs32 [2020-03-16] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-15] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-11-30] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-02-06] (Realtek Semiconductor Corp)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DB4D96E886B0} -> [Creative Cloud Files] => C:\Users\smiko\Creative Cloud Files [2018-11-30 23:01]
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-06-11 17:30 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2020-03-03 17:15 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2018-11-30 22:02 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-03-03 17:27 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2012-06-26 12:08 - 2012-06-26 12:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 10:57 - 2012-06-26 10:57 - 000918016 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM.DLL
2012-06-26 10:58 - 2012-06-26 10:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 12:08 - 2012-06-26 12:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2018-11-30 22:02 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4F0CA0BBC346E8A00D7266C474BFD9B5"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "PC Suite Tray"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1C5F5BCD-F6FC-4FC1-9E7C-0AEF7953B2EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{416C8962-AF20-4940-8A73-5F5AED18204E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9EBD8FE-C977-45F2-874A-49788D6E32FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4CC7B5FB-F900-4D4E-A060-673DC144A163}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{419F1A5F-0523-4135-A9A3-48686E48023D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{273F0907-1D0F-488C-A0E7-D3062CB37596}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AB399452-ED70-4E13-9E5E-92FCA0C89CA9}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{783B3230-F4DF-4D2E-AA95-EA8C1D84D946}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{8C57CE0A-9751-434F-8824-FEFA0CE24FFB}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{7E7404FC-A42E-4300-A648-FA1807215F17}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{F05C5A82-25CB-4FB6-9E8F-5501B381CC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{000E1CC3-3BB8-4FD0-90B1-2CC65DF84400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D44F0A1E-D48B-4316-8D6E-73432F34C064}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0C94E87-52F1-4F6F-B3C0-815A38E35C59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{28FFF95B-9991-4BAE-9278-CCB3D5BBB9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{44089F53-0082-458C-875C-28566454FE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{17828D4F-3C9F-4692-B3ED-B0209545114C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{6E8C7F64-047B-4469-82F6-321097E1777D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8181688E-777B-4904-B09E-1A80B136C870}] => (Allow) C:\Users\smiko\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [TCP Query User{1E93EA55-683F-4781-B4B5-EF2F118926EB}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{7F64FA66-3B9C-49C2-988F-F9B3402A3D03}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{6CB11C1F-7573-41A3-8370-2F348A9EBE60}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{9731A75A-9041-4998-86EE-A092AA97C3B9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{E76AA42D-FFB0-4F7E-814C-5106F301A928}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{885BAABE-226E-4FCC-AC71-4CD9695700FB}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{DA8BD6C6-72B3-4587-9DC0-B5E41A49506E}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [UDP Query User{7746AB6C-F742-4FD7-A004-55E1CB049B77}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [{AC0A44EF-D432-43D4-B951-B881C6A55CFA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2A0CD796-94EB-4013-A183-F353133C1BAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{F0ABF50E-E873-4EE1-A2B4-0B932BC95B80}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{2809C755-DAC3-4255-8E5A-16C8DDE25E96}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{E3BDFBB4-A809-4FA3-A0AA-B0F446DE804B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{515E9762-755B-4E7C-8D9D-A0237E911CB6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{E9DA2F6C-3264-4CF9-8552-58BF8C730109}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [{A09B8BEB-9064-47B0-824C-F00549A9E038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{2CDAE953-2980-4FDA-9166-ADC3059A6D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{959216C5-A07E-4B1C-9A7D-5CCEA8ACB032}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{E4ED55D4-FD9E-46AF-AE89-F3F6E236C05D}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{64706F5A-50FA-4775-8AD6-35C446B5B287}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{A35A54F2-AFAB-4C0A-98C4-8EC49A94E3A4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{6F879DC7-A5C3-4971-B159-3C4DE2DEE38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E10628E-91E7-4C4C-AB92-133F445FA15A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FA2022B-5BF8-449F-9738-39208EAFE0D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E5CFD16-0215-4EF8-9CD6-258F93E9EF1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1B9CA5CD-FE37-40E8-BB8D-79526B1FE511}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{845FB6FB-30EB-4F5C-8773-29D14853E8F5}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{400BF5DD-6408-4303-85D0-60B247D8EB75}] => (Allow) LPort=26789
FirewallRules: [{E7E5FD37-C0B4-46D9-9EE6-289E9E460A62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{26383A31-38BB-4AA6-B064-9A002036F025}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E34C71FE-5E1D-4D31-83CD-8AA862E3A6CE}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{E1A55B7C-667C-4031-957A-ED65F7044EC9}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9905005F-A7D6-40E5-8EEC-E0DE07A0B4B4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3EB599FA-2599-4E13-A71E-9F94299DAD56}] => (Allow) LPort=26820
FirewallRules: [{6130B9AD-2809-4AFB-B0B8-9EF6FC4CCF43}] => (Allow) LPort=26822

==================== Restore Points =========================

19-02-2020 17:08:17 Windows Update
01-03-2020 16:45:29 Windows Update
03-03-2020 17:18:08 ENE RGB HAL
08-03-2020 17:26:35 Instalační služba modulů systému Windows
16-03-2020 12:01:10 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/03/2020 05:29:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1dc0
Čas spuštění chybující aplikace: 0x01d5f178dbd58b15
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7a24019a-a99c-461f-a65e-0ae6095c744a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 05:29:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()

Error: (03/03/2020 05:27:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2af8
Čas spuštění chybující aplikace: 0x01d5f178b30e4a3d
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a485d3a1-9c72-4150-aeb1-a9bede8b82c5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 05:27:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ComponentModel.Win32Exception
na System.ServiceProcess.ServiceInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.AssemblyInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.TransactedInstaller.Install(System.Collections.IDictionary)

Informace o výjimce: System.InvalidOperationException
na System.Configuration.Install.ManagedInstallerClass.InstallHelper(System.String[])
na GamingApp_Service.Program.Main(System.String[])

Error: (03/03/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2010
Čas spuštění chybující aplikace: 0x01d5f17898808422
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 460b53fe-285c-4484-abe0-516cc642087d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 05:27:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na TaskScheduler.ITaskFolder.DeleteTask(System.String, Int32)
na GamingApp_Service.Program.DeleteTask()
na GamingApp_Service.Program.Main(System.String[])

Error: (03/03/2020 05:25:27 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: VIKIHOME)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).

Error: (03/03/2020 05:22:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1fd4
Čas spuštění chybující aplikace: 0x01d5f177eb747257
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a5307973-c682-4342-86ee-58d55745ea5c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/16/2020 12:03:26 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 12:03:26 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 11:56:26 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 11:56:26 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 11:54:55 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 11:54:55 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 11:54:45 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 11:54:45 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2020-03-06 14:40:11.826
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C33E6E8B-A10D-4F85-A54A-985EFE3C19A7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-02 20:59:03.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {27222946-0763-4F0B-A1FB-26813B63721D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-01 16:55:41.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7EE8C170-EC0A-486F-872D-E57662A51077}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-02 18:01:04.366
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.311.413.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80240438
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2018-12-06 20:21:26.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 20:21:25.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 18:13:23.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 18:13:22.892
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-05 17:05:57.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-05 17:05:56.749
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-04 17:39:26.034
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-04 17:39:25.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.30 11/06/2018
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 16335.06 MB
Available physical RAM: 9655.19 MB
Total Virtual: 18767.06 MB
Available Virtual: 10570.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.16 GB) (Free:177.9 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:143.77 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.39 GB) (Free:24.18 GB) NTFS
Drive h: (LRaPS) (Fixed) (Total:111.69 GB) (Free:101.12 GB) NTFS

\\?\Volume{2e297bc5-924b-4db7-9c44-be9375051e22}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{e5770488-c52a-4f00-93eb-46899d2f038d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 384EE063)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1F451CBC)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: D7E6F472)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Log check

Posted: 16 Mar 2020 14:27
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Log check

Posted: 16 Mar 2020 19:54
by smik
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-16-2020
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\PRODUCTSETUP
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1636 octets] - [16/03/2020 19:52:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Log check

Posted: 16 Mar 2020 19:58
by Rudy
OK. Post new FRST + Addition logs.

Re: Log check

Posted: 17 Mar 2020 07:35
by smik
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by smiko (17-03-2020 07:32:31)
Running from C:\Users\smiko\Desktop
Windows 10 Pro Version 1809 17763.1098 (X64) (2018-11-30 20:04:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-361372833-3203800435-3869109125-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-361372833-3203800435-3869109125-503 - Limited - Disabled)
Guest (S-1-5-21-361372833-3203800435-3869109125-501 - Limited - Disabled)
smiko (S-1-5-21-361372833-3203800435-3869109125-1001 - Administrator - Enabled) => C:\Users\smiko
WDAGUtilityAccount (S-1-5-21-361372833-3203800435-3869109125-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_2) (Version: 3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1) (Version: 21.1.0 - Adobe Systems Incorporated)
Age of Empires 2 + The Conquerors CZ (HKLM-x32\...\Age of Empires 2 + The Conquerors CZ 1.1.0) (Version: 1.1.0 - Microsoft Game Studios)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 1.5.1.0862 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
DaVinci Resolve (HKLM\...\{4DA063F8-F151-4D1E-8BC2-43190DE2D31F}) (Version: 16.1.1005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{74ADC138-4768-4C5D-8123-B17527E513B5}) (Version: 1.3.1.0 - Blackmagic Design)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 1.TTRS.2019 - Thrustmaster)
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Chromium (HKLM-x32\...\{9F0577C5-CF85-A645-7E05-D6C5AE850545}) (Version: - )
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 cs) (HKLM\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.32 - MSI)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.1.02 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.97 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.51 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.43 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.46 - MSI)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Ovládací panel NVIDIA 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.50 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.0 (HKLM-x32\...\RTSS) (Version: 7.2.0 - Unwinder)
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.5.0.5 - SIGMA CORPORATION)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.32-4 - Wacom Technology Corp.)
WhoCrashed 6.50 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1720.1.0_x86__kgqvnymyfvs32 [2020-03-16] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-15] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-11-30] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-02-06] (Realtek Semiconductor Corp)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DB4D96E886B0} -> [Creative Cloud Files] => C:\Users\smiko\Creative Cloud Files [2018-11-30 23:01]
CustomCLSID: HKU\S-1-5-21-361372833-3203800435-3869109125-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-06-11 17:30 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2020-03-03 17:15 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2018-11-30 22:02 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-03-03 17:27 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2012-06-26 12:08 - 2012-06-26 12:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 10:57 - 2012-06-26 10:57 - 000918016 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM.DLL
2012-06-26 10:58 - 2012-06-26 10:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 12:08 - 2012-06-26 12:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2018-11-30 22:02 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4F0CA0BBC346E8A00D7266C474BFD9B5"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-361372833-3203800435-3869109125-1001\...\StartupApproved\Run: => "PC Suite Tray"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1C5F5BCD-F6FC-4FC1-9E7C-0AEF7953B2EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{416C8962-AF20-4940-8A73-5F5AED18204E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9EBD8FE-C977-45F2-874A-49788D6E32FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4CC7B5FB-F900-4D4E-A060-673DC144A163}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{419F1A5F-0523-4135-A9A3-48686E48023D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{273F0907-1D0F-488C-A0E7-D3062CB37596}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{AB399452-ED70-4E13-9E5E-92FCA0C89CA9}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{783B3230-F4DF-4D2E-AA95-EA8C1D84D946}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{8C57CE0A-9751-434F-8824-FEFA0CE24FFB}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{7E7404FC-A42E-4300-A648-FA1807215F17}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\The Witcher 3 Wild Hunt GOTY\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{F05C5A82-25CB-4FB6-9E8F-5501B381CC69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{000E1CC3-3BB8-4FD0-90B1-2CC65DF84400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2018\F1_2018.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D44F0A1E-D48B-4316-8D6E-73432F34C064}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0C94E87-52F1-4F6F-B3C0-815A38E35C59}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{28FFF95B-9991-4BAE-9278-CCB3D5BBB9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{44089F53-0082-458C-875C-28566454FE94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{17828D4F-3C9F-4692-B3ED-B0209545114C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{6E8C7F64-047B-4469-82F6-321097E1777D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8181688E-777B-4904-B09E-1A80B136C870}] => (Allow) C:\Users\smiko\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [TCP Query User{1E93EA55-683F-4781-B4B5-EF2F118926EB}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{7F64FA66-3B9C-49C2-988F-F9B3402A3D03}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{6CB11C1F-7573-41A3-8370-2F348A9EBE60}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{9731A75A-9041-4998-86EE-A092AA97C3B9}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{E76AA42D-FFB0-4F7E-814C-5106F301A928}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{885BAABE-226E-4FCC-AC71-4CD9695700FB}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{DA8BD6C6-72B3-4587-9DC0-B5E41A49506E}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [UDP Query User{7746AB6C-F742-4FD7-A004-55E1CB049B77}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [{AC0A44EF-D432-43D4-B951-B881C6A55CFA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{2A0CD796-94EB-4013-A183-F353133C1BAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{F0ABF50E-E873-4EE1-A2B4-0B932BC95B80}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{2809C755-DAC3-4255-8E5A-16C8DDE25E96}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{E3BDFBB4-A809-4FA3-A0AA-B0F446DE804B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{515E9762-755B-4E7C-8D9D-A0237E911CB6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{E9DA2F6C-3264-4CF9-8552-58BF8C730109}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [{A09B8BEB-9064-47B0-824C-F00549A9E038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{2CDAE953-2980-4FDA-9166-ADC3059A6D9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [TCP Query User{959216C5-A07E-4B1C-9A7D-5CCEA8ACB032}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{E4ED55D4-FD9E-46AF-AE89-F3F6E236C05D}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{64706F5A-50FA-4775-8AD6-35C446B5B287}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{A35A54F2-AFAB-4C0A-98C4-8EC49A94E3A4}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{6F879DC7-A5C3-4971-B159-3C4DE2DEE38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E10628E-91E7-4C4C-AB92-133F445FA15A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FA2022B-5BF8-449F-9738-39208EAFE0D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E5CFD16-0215-4EF8-9CD6-258F93E9EF1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{1B9CA5CD-FE37-40E8-BB8D-79526B1FE511}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{845FB6FB-30EB-4F5C-8773-29D14853E8F5}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{400BF5DD-6408-4303-85D0-60B247D8EB75}] => (Allow) LPort=26789
FirewallRules: [{E7E5FD37-C0B4-46D9-9EE6-289E9E460A62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{26383A31-38BB-4AA6-B064-9A002036F025}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{E34C71FE-5E1D-4D31-83CD-8AA862E3A6CE}] => (Allow) C:\Program Files (x86)\Age of Empires II - The Conquerors\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{E1A55B7C-667C-4031-957A-ED65F7044EC9}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9905005F-A7D6-40E5-8EEC-E0DE07A0B4B4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C0375B92-37F1-482F-96A2-BE0305F33C8E}] => (Allow) LPort=26820
FirewallRules: [{3AD8EC3A-F16F-43F9-8BC9-AE1106EFAF3F}] => (Allow) LPort=26822

==================== Restore Points =========================

01-03-2020 16:45:29 Windows Update
03-03-2020 17:18:08 ENE RGB HAL
08-03-2020 17:26:35 Instalační služba modulů systému Windows
16-03-2020 12:01:10 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/16/2020 07:54:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.1098, časové razítko: 0xe934af74
Kód výjimky: 0xe0434352
Posun chyby: 0x00121a62
ID chybujícího procesu: 0x2014
Čas spuštění chybující aplikace: 0x01d5fbc4394a7baa
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 05114ff7-b542-496f-8786-ac4c2f4f10df
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/16/2020 07:54:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()

Error: (03/03/2020 05:29:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1dc0
Čas spuštění chybující aplikace: 0x01d5f178dbd58b15
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7a24019a-a99c-461f-a65e-0ae6095c744a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 05:29:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.ThrowHelper.ThrowArgumentOutOfRangeException(System.ExceptionArgument, System.ExceptionResource)
na System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Item(Int32)
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()

Error: (03/03/2020 05:27:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2af8
Čas spuštění chybující aplikace: 0x01d5f178b30e4a3d
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a485d3a1-9c72-4150-aeb1-a9bede8b82c5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 05:27:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ComponentModel.Win32Exception
na System.ServiceProcess.ServiceInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.AssemblyInstaller.Install(System.Collections.IDictionary)
na System.Configuration.Install.Installer.Install(System.Collections.IDictionary)
na System.Configuration.Install.TransactedInstaller.Install(System.Collections.IDictionary)

Informace o výjimce: System.InvalidOperationException
na System.Configuration.Install.ManagedInstallerClass.InstallHelper(System.String[])
na GamingApp_Service.Program.Main(System.String[])

Error: (03/03/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingApp_Service.exe, verze: 6.2.0.78, časové razítko: 0x5b90a044
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0xfb6790ac
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000039159
ID chybujícího procesu: 0x2010
Čas spuštění chybující aplikace: 0x01d5f17898808422
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 460b53fe-285c-4484-abe0-516cc642087d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 05:27:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GamingApp_Service.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na TaskScheduler.ITaskFolder.DeleteTask(System.String, Int32)
na GamingApp_Service.Program.DeleteTask()
na GamingApp_Service.Program.Main(System.String[])


System errors:
=============
Error: (03/17/2020 07:28:51 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/17/2020 07:28:51 AM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 07:55:54 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 07:55:54 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 07:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2020 07:54:36 PM) (Source: DCOM) (EventID: 10016) (User: VIKIHOME)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VIKIHOME\smiko (SID: S-1-5-21-361372833-3203800435-3869109125-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2020-03-16 12:18:38.534
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F9AAA214-D2C4-40B3-92B3-57507299C078}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-06 14:40:11.826
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C33E6E8B-A10D-4F85-A54A-985EFE3C19A7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-02 20:59:03.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {27222946-0763-4F0B-A1FB-26813B63721D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-01 16:55:41.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7EE8C170-EC0A-486F-872D-E57662A51077}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-02 18:01:04.366
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.311.413.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80240438
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2018-12-06 20:21:26.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 20:21:25.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 18:13:23.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-06 18:13:22.892
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-05 17:05:57.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-05 17:05:56.749
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-04 17:39:26.034
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-12-04 17:39:25.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.30 11/06/2018
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 16335.06 MB
Available physical RAM: 12412.11 MB
Total Virtual: 18767.06 MB
Available Virtual: 13353.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.16 GB) (Free:173.68 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:143.77 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:931.39 GB) (Free:24.18 GB) NTFS
Drive h: (LRaPS) (Fixed) (Total:111.69 GB) (Free:101.12 GB) NTFS

\\?\Volume{2e297bc5-924b-4db7-9c44-be9375051e22}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{e5770488-c52a-4f00-93eb-46899d2f038d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 384EE063)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1F451CBC)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: D7E6F472)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Log check

Posted: 17 Mar 2020 07:37
by smik
The FRST log did not fit, so it is in the attachment.

Re: Log check

Posted: 17 Mar 2020 10:17
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {66F03568-C552-4EC2-A265-CFB0C0956118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Log check

Posted: 17 Mar 2020 12:13
by smik
After the reset, the browser starts automatically and points to "gatustox.net".
The log after the fix is here:

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by smiko (17-03-2020 12:09:49) Run:1
Running from C:\Users\smiko\Desktop
Loaded Profiles: smiko (Available Profiles: smiko)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
AlternateDataStreams: C:\Users\smiko\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
FirewallRules: [{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{FB7B9960-B196-43AE-A403-22D73D29BD34}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{EDC5C664-E225-4213-BF7E-8F98E6BFB565}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{7C7F724D-FF9D-408C-BDE0-8D680617805A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)
Task: {66F03568-C552-4EC2-A265-CFB0C0956118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-23] (Google Inc -> Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\smiko\OneDrive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity" ADS could not remove.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5140A9A3-EF5D-4E5E-B337-C24CFBEE5359}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB7B9960-B196-43AE-A403-22D73D29BD34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1564EC1-A92F-40F6-ACC0-B5E681A2CC2D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDC5C664-E225-4213-BF7E-8F98E6BFB565}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C7F724D-FF9D-408C-BDE0-8D680617805A}" => removed successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16CA9A72-1A5B-4AE0-ADB8-80FD92AC165D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66F03568-C552-4EC2-A265-CFB0C0956118}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66F03568-C552-4EC2-A265-CFB0C0956118}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 100299726 B
Java, Flash, Steam htmlcache => 121872268 B
Windows/system/drivers => 18029593 B
Edge => 2228105 B
Chrome => 0 B
Firefox => 1129127326 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 80373945 B
systemprofile32 => 82637681 B
LocalService => 82637681 B
NetworkService => 83613969 B
smiko => 243251795 B

RecycleBin => 327041 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:10:32 ====

Re: Log check

Posted: 17 Mar 2020 13:01
by Rudy
Deleted. Next we will clean the browsers. Run these utilities one after another:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator ("Spustit jako správce")
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup is created, followed by a scan
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Re: Log check

Posted: 17 Mar 2020 19:34
by smik
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by smiko on 17.03.2020 at 19:16:39,79.
Microsoft Windows 10 Pro 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\smiko\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.03.2020 19:18:02 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Imagenomic deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\zzdga deleted successfully
C:\PROGRA~3\{40727C4E-685A-0436-3002-2C1ED8EAF4C6} deleted successfully
C:\Users\smiko\AppData\Local\DBG deleted successfully
C:\Users\smiko\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");

Added to C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"addSearchEng
---- FireFox user.js and prefs.js backups ----

prefs__1928_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Imagenomic not found
C:\PROGRA~3\{40727C4E-685A-0436-3002-2C1ED8EAF4C6} not found
C:\Users\smiko\.android deleted
C:\PROGRA~2\Age of Empires II - The Conquerors deleted
C:\Users\smiko\AppData\Roaming\WB.CFG deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\smiko\AppData\Local\oobelibMkey.log deleted
C:\Users\smiko\AppData\Local\{4652700E-62FA-1CB6-0F62-395E2B0AC5C6} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM27B67.tmp deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
- AdBlock - %ProfilePath%\extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\smiko\AppData\Roaming\Mozilla\Firefox\Profiles\o5xsvfst.default
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]
D5C25FABAB84753E78CAABF0DBDAECF1 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\smiko\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 80.0.3987.132
Chromium Browser Version: 63.0.3237.0


Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\bgbeocleofdgkldamjapfgcglnmhmjgb
Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\bifdhahddjbdbjmiekcnmeiffabcfjgh
Internal Chromium Extension - smiko\AppData\Local\chromium\User Data\Default\Extensions\nabmpeienmkmicpjckkgihobgleppbkc

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\smiko\AppData\Local\chromium\User Data\Default\Preferences was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Secure Preferences was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Web Data was reset successfully
C:\Users\smiko\AppData\Local\chromium\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\IE\YYOIROLL will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\smiko\AppData\Local\Mozilla\Firefox\Profiles\o5xsvfst.default\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\smiko\AppData\Local\chromium\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1424 folders=138 556335357 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\smiko\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\smiko\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\Users\smiko\AppData\Local\Microsoft\Windows\INetCache\IE\YYOIROLL" not found

==== EOF on 17.03.2020 at 19:33:19,56 ======================

Re: Log check

Posted: 17 Mar 2020 19:36
by smik
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by smiko (Administrator) on 17.03.2020 at 19:35:10,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.03.2020 at 19:35:53,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Log check

Posted: 17 Mar 2020 19:45
by Rudy
OK. Has anything changed?

Re: Log check

Posted: 17 Mar 2020 20:57
by smik
Unfortunately not. After a restart, the browser (Firefox) always opens automatically
to the page shown in the screenshot.

Re: Log check

Posted: 17 Mar 2020 21:55
by Rudy
Please post the FRST + Addition logs again.