Totálně zpomalený notebook
Napsal: 14 čer 2020 20:20
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Predator (administrator) on LAPTOP-H32871D3 (Acer Predator PH317-51) (14-06-2020 21:03:52)
Running from C:\Users\Predator\Desktop
Loaded Profiles: Predator
Platform: Windows 10 Home Version 1909 18363.836 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google) C:\Users\Predator\AppData\Local\Google\Chrome\User Data\SwReporter\83.237.200\software_reporter_tool.exe <4>
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.317.1359.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2018-09-05] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97509120 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2125896 2018-04-26] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91512680 2020-02-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32194448 2020-06-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Discord] => C:\Users\Predator\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Predator\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-06-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPM1210LM: C:\Windows\system32\HPM1210LM.DLL [409088 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-01-13]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01444D27-8351-4DB1-AA67-27F1E924AC63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {06DE687C-F481-41B5-B053-E0511B510E94} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1085A869-856B-4CE5-9AAD-4229C7FAF7D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {115C7F8E-0B62-4042-A238-1FFC099C8F6D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167696 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {11B931FC-ECAC-432E-B951-40E4E38B2BAF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {12ED00EA-8749-4038-AD95-663DF7260F35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E77125-7724-4AC8-8487-9B5CF5E5E7A1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-02-18] (Acer Incorporated -> TODO: <Company name>)
Task: {18B06555-64FB-4F90-BE78-81E4388711F0} - System32\Tasks\PredatorSense => C:\Program Files (x86)\Acer\PredatorSense\PSLauncher.exe [580400 2017-08-13] (Acer Incorporated -> Acer Incorporated)
Task: {1C697A04-79DF-4C4D-9878-F66446D85F45} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-08-13] (Acer Incorporated -> Acer Incorporated)
Task: {1E1C1C92-E582-42B6-864C-D4E7C639A8A6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {217A5170-499B-449C-A73B-E6919C8766EC} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {21B00D69-5CF1-43D8-9842-AC0601D0C6D4} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2768176 2017-08-11] (Acer Incorporated -> Acer Incorporated)
Task: {23C0E068-F125-412B-9BF5-572E209A2220} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167696 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {244BEFDB-E880-44EE-B13B-5BBE27593B2A} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24A8475F-867F-4678-AD83-D67DE61D8CEC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2655156B-B3FE-4692-8B58-89F240E1D69E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2737737B-CF08-48FA-B2D6-DDCDFD03B1F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6291352 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2810412A-FCF0-42F8-AF30-ED7AD2C56193} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {299BE1C2-11E5-4E69-9174-C1E17FE4754A} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {35394D25-1A0E-46E2-97ED-97B7FDC09D53} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39569F8D-4F22-43F4-824F-AD2A6CB072C0} - System32\Tasks\CareCenter\Classic Start Menu_Reg_HKLMRun => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Task: {3AA1E352-CE7A-4979-B913-B61A43C0C337} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D328568-6C20-4D5C-B878-4E5EB902FB95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {50AF418D-75B5-422A-A165-D54967A7A74C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349952 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {549ACB9F-C2FD-4B48-A1E4-BE354DFFAC1D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {55D20DFD-AEA5-4EE9-B5C5-FB27EDB84395} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B451963-E3E4-4469-8A64-0C7176AB88D3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63582727-B214-4679-B1BB-C07A1A2A049E} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {6C479381-72AE-439F-A55A-4C4D7E3DA060} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {72E6435D-EE5A-4F79-8871-130D0D5A1086} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware)
Task: {7FBC3EE5-EF69-421E-A34D-7AD045738C81} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {84C98F76-8A30-40CC-A455-C38260769978} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {8F0CB262-40BF-49E5-B3E0-620E2B84FA08} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {8F533A94-4FB9-49A8-86A0-C6CA8BDE4A6E} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {9144D162-402D-477F-BBA3-A1DF0FFC2865} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91DD54DC-5515-4301-9F76-847EA14497BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6291352 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {96C0A2DE-D6B0-4E0D-91BB-F2DCE221E70A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B4FFA96-4872-4F2C-BDE2-CA67802549F7} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {A765D56E-CD6F-4D33-AD92-7F74B293430C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AB807AB6-BD0A-4F37-9533-A58C5DFE0E1F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC0FBED0-5ABE-4BED-AE99-23672D6AD557} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AED16B6F-BA4F-4C6B-84D5-297F1CD04F24} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [445744 2017-08-11] (Acer Incorporated -> Acer Incorporated)
Task: {AFD0E1D2-15E6-42BD-B4C8-52C8FDDD967E} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9EBBD50-30B3-4EE6-9A9A-8E1466D5B01A} - System32\Tasks\CareCenter\WindowsDefender_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe
Task: {BA45BC73-7A38-450E-9B17-D7DDBAADB46C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDEEE973-AC64-4AB3-BC03-B0A9F937FFC0} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {C2FF00B5-9E79-425B-8C02-F26569FD14E6} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {C87C7316-AFDE-458F-9CE6-BDE3B428E751} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F0853616-4250-449E-94F1-78A18DE0AC30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0FF8321-70C3-43E2-9D5D-2278626A1B80} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3316F38-6D0C-4E0A-AAB3-129224730CF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3866FBE-A8D4-4BBA-94A9-943E31990FAA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F90606BE-2D70-46ED-874C-564F42B83774} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-02-21] (Acer Incorporated -> )
Task: {FD8AD5EC-2586-410C-9303-58C3829E0C2D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{32b03b56-dfe5-4bb8-ba1a-8213a7f18dd9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c201dc45-900a-4a67-afc6-562ce01344f7}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> DefaultScope {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-06-12] (McAfee, LLC -> McAfee, LLC)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-06-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-08-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Predator\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-14]
Edge Extension: (Amazon Assistant) - C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2020-06-14]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-06-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default [2020-06-14]
CHR Notifications: Default -> hxxps://novaplus.nova.cz; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-24]
CHR Extension: (Dokumenty) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Disk Google) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-23]
CHR Extension: (YouTube) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-06-01]
CHR Extension: (Gmail) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-21]
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-07]
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8628224 2020-06-11] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600760 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818800 2020-03-27] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [947280 2020-06-12] (McAfee, LLC -> McAfee, LLC)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-04] (Microsoft Corporation -> Microsoft Corporation)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18534552 2019-08-03] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [860184 2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [791136 2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSSvc; C:\Program Files (x86)\Acer\PredatorSense\PSSvc.exe [716592 2017-08-13] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-08-11] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-08-11] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-08-10] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
S3 Rockstar Service; C:\Games\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [296752 2017-02-21] (Acer Incorporated -> acer)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-05-24] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-25] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [81680 2019-12-23] (Qualcomm Atheros -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-13] (Microsoft Corporation) [File not signed]
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [264176 2018-12-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [192952 2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-03] (Mail.Ru LLC -> LLC Mail.Ru)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_886b780ca50b5e3e\nvlddmkm.sys [22749640 2019-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-08-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2371864 2019-08-10] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46896 2017-12-15] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [55560 2018-01-09] (SteelSeries ApS -> )
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57432 2019-08-10] (Synaptics Incorporated -> Synaptics Incorporated)
S3 upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-06-09] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-14 21:03 - 2020-06-14 21:08 - 000040491 _____ C:\Users\Predator\Desktop\FRST.txt
2020-06-14 20:59 - 2020-06-14 21:06 - 000000000 ____D C:\FRST
2020-06-14 20:57 - 2020-06-14 20:58 - 002289152 _____ (Farbar) C:\Users\Predator\Desktop\FRST64.exe
2020-06-14 19:30 - 2020-06-14 19:30 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-14 19:30 - 2020-06-14 19:30 - 000002333 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-14 19:30 - 2020-06-14 19:30 - 000002333 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-14 19:25 - 2020-06-14 19:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-14 19:25 - 2020-06-14 19:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-14 17:33 - 2020-06-14 17:36 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-14 17:33 - 2020-06-14 17:35 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-12 10:55 - 2020-06-12 13:32 - 2838206999 _____ C:\Users\Predator\Downloads\Sherlock Holmes 2009 CZ dabing HD.mkv
2020-06-12 09:13 - 2020-06-12 09:13 - 000000000 ____D C:\Users\Predator\AppData\Local\Epic Games
2020-06-09 20:01 - 2020-06-09 20:01 - 000000000 ____D C:\Users\Predator\AppData\LocalLow\Ghost Town Games
2020-06-08 20:49 - 2020-06-08 20:49 - 000000000 ____D C:\Users\Predator\AppData\LocalLow\Creepy Jar
2020-06-08 20:23 - 2020-06-08 20:23 - 000001613 _____ C:\Users\Predator\Desktop\Green Hell.lnk
2020-06-08 14:58 - 2020-06-08 16:29 - 709326848 _____ C:\Users\Predator\Downloads\hlm-gree.iso
2020-06-08 14:58 - 2020-06-08 14:58 - 000044731 _____ C:\Users\Predator\Downloads\[CzT]Green_Hell_v_1_0_2019_CZ_.torrent
2020-06-07 20:54 - 2020-06-07 20:54 - 017578132 _____ C:\Users\Predator\Desktop\Fotky.rar
2020-06-07 20:53 - 2020-06-07 20:54 - 000000000 ____D C:\Users\Predator\Desktop\Fotky
2020-06-04 21:57 - 2020-06-05 00:19 - 2616193024 _____ C:\Users\Predator\Downloads\Diktátor - Full HD, CZ Dabing.avi
2020-06-02 18:23 - 2020-06-02 20:19 - 2137570294 _____ C:\Users\Predator\Downloads\Hobit_Šmakova dračí poušť_cz_The Hobbit_The Desolation of Smaug.avi
2020-05-31 21:15 - 2020-06-01 01:51 - 755473012 _____ C:\Users\Predator\Downloads\Hobit - neočekávaná cesta cz avi.avi
2020-05-27 10:45 - 2020-05-27 12:03 - 1435799552 _____ C:\Users\Predator\Downloads\Hercules-(The-Thracian-Wars)-CZ-2014.avi
2020-05-24 20:36 - 2020-05-24 20:36 - 000000000 ____D C:\Users\Predator\AppData\Local\ShadowTrackerExtra
2020-05-24 20:35 - 2020-06-09 18:56 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2020-05-24 20:35 - 2020-05-24 20:35 - 000000000 ____D C:\Program Files\Common Files\Uncheater
2020-05-24 18:51 - 2020-05-24 18:51 - 067269568 _____ ( ) C:\Users\Predator\Downloads\PUBG-Lite-Setup (2).exe
2020-05-24 18:43 - 2020-05-24 18:43 - 067269568 _____ ( ) C:\Users\Predator\Downloads\PUBG-Lite-Setup (1).exe
2020-05-24 13:24 - 2020-05-24 13:24 - 000000000 ____D C:\ProgramData\PUBG
2020-05-24 13:23 - 2020-05-24 19:11 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2020-05-24 13:23 - 2020-05-24 18:51 - 000001110 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PUBG LITE.lnk
2020-05-24 13:23 - 2020-05-24 18:51 - 000001080 _____ C:\Users\Predator\Desktop\PUBG LITE.lnk
2020-05-21 20:23 - 2020-05-21 22:14 - 2048506209 _____ C:\Users\Predator\Downloads\Čarodějovy_hodiny_Cz_dabing.mkv
2020-05-20 12:39 - 2020-05-20 16:04 - 2272158039 _____ C:\Users\Predator\Downloads\Zloba Kralovna vseho zleho.mkv
2020-05-18 14:31 - 2020-05-18 14:44 - 000000000 ____D C:\Users\Predator\AppData\Roaming\CitizenFX
2020-05-18 13:04 - 2020-05-18 14:31 - 000000000 ____D C:\Users\Predator\AppData\Local\DigitalEntitlements
2020-05-17 19:20 - 2020-05-17 19:21 - 075217096 _____ (Rockstar Games.) C:\Users\Predator\Downloads\Rockstar-Games-Launcher.exe
2020-05-17 17:37 - 2020-05-17 17:37 - 000000969 _____ C:\Users\Predator\Desktop\Rockstar Games Launcher.lnk
2020-05-17 17:37 - 2020-05-17 17:37 - 000000000 ____D C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-05-17 17:37 - 2020-05-17 17:37 - 000000000 ____D C:\ProgramData\Rockstar Games
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-14 21:08 - 2017-08-18 19:26 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-14 21:02 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-14 20:58 - 2017-11-24 00:13 - 000000000 ____D C:\Users\Predator\AppData\Local\ClassicShell
2020-06-14 20:28 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 20:22 - 2017-11-23 23:58 - 000000000 __SHD C:\Users\Predator\IntelGraphicsProfiles
2020-06-14 20:15 - 2019-07-11 03:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-14 20:15 - 2017-08-18 19:19 - 000000000 ___HD C:\Intel
2020-06-14 20:14 - 2019-07-11 01:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-14 19:45 - 2017-12-24 22:23 - 000000000 ____D C:\Games
2020-06-14 17:21 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-14 17:20 - 2017-11-23 14:53 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-14 17:15 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-14 17:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-12 10:29 - 2017-12-27 17:30 - 000000000 ____D C:\Users\Predator\Documents\The Witcher 3
2020-06-12 09:17 - 2019-02-16 16:05 - 000000000 ____D C:\Users\Predator\AppData\Local\BattlEye
2020-06-11 17:21 - 2019-02-28 20:48 - 000000000 ____D C:\Program Files\Epic Games
2020-06-11 09:14 - 2018-07-04 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-08 20:12 - 2017-12-24 19:32 - 000000000 ____D C:\Users\Predator\AppData\Roaming\uTorrent
2020-06-08 20:12 - 2017-11-23 09:17 - 000000000 ____D C:\Users\Predator\AppData\Local\CrashDumps
2020-06-07 10:54 - 2019-03-25 20:20 - 000000000 ____D C:\Users\Predator\AppData\Roaming\Discord
2020-06-06 07:51 - 2019-05-13 21:03 - 000000000 ____D C:\Users\Predator\AppData\Local\PlaceholderTileLogoFolder
2020-06-05 23:03 - 2020-02-16 20:32 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2020-02-16 20:32 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 18:46 - 2018-01-21 18:22 - 000000000 ____D C:\Users\Predator\AppData\Local\Packages
2020-06-05 16:40 - 2019-07-11 03:23 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-404591140-1402169592-305344172-1001
2020-06-05 16:40 - 2019-07-11 00:57 - 000002374 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-05 16:40 - 2017-11-24 00:01 - 000000000 ___RD C:\Users\Predator\OneDrive
2020-06-05 00:12 - 2017-11-24 00:07 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-04 21:58 - 2017-11-24 00:06 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 08:20 - 2018-02-15 17:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 14:54 - 2020-03-25 15:22 - 000002383 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-06-03 14:54 - 2020-03-25 15:22 - 000002375 _____ C:\Users\Predator\Desktop\Microsoft Teams.lnk
2020-06-03 12:25 - 2018-06-18 15:50 - 000000000 ____D C:\Users\Predator\AppData\Local\Ubisoft Game Launcher
2020-05-30 08:34 - 2017-11-23 12:05 - 000000000 ____D C:\Program Files\UNP
2020-05-28 14:36 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-24 18:32 - 2019-07-11 03:23 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FC7C20F0-1C60-468E-BD15-351185194884}
2020-05-24 10:06 - 2020-04-18 10:17 - 000000000 ____D C:\Users\Predator\AppData\Local\FiveM
2020-05-23 17:59 - 2019-07-11 02:39 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-23 17:59 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-23 17:59 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-22 20:39 - 2019-08-04 13:21 - 000000000 ____D C:\Program Files\CCleaner
2020-05-17 17:42 - 2017-12-26 09:15 - 000000000 ____D C:\Program Files\Rockstar Games
2020-05-17 17:42 - 2017-12-26 09:15 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-05-17 17:42 - 2017-12-26 09:12 - 000000000 ____D C:\Users\Predator\Documents\Rockstar Games
2020-05-17 17:41 - 2019-07-09 09:44 - 000000000 ____D C:\Users\Predator\AppData\Local\D3DSCache
2020-05-17 17:41 - 2017-12-26 09:18 - 000000000 ____D C:\Users\Predator\AppData\Local\Rockstar Games
==================== Files in the root of some directories ========
2018-06-01 21:39 - 2019-07-08 22:35 - 000007629 _____ () C:\Users\Predator\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Predator (14-06-2020 21:10:08)
Running from C:\Users\Predator\Desktop
Windows 10 Home Version 1909 18363.836 (X64) (2019-07-11 01:29:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-404591140-1402169592-305344172-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-404591140-1402169592-305344172-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-404591140-1402169592-305344172-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-404591140-1402169592-305344172-501 - Limited - Disabled)
Predator (S-1-5-21-404591140-1402169592-305344172-1001 - Administrator - Enabled) => C:\Users\Predator
WDAGUtilityAccount (S-1-5-21-404591140-1402169592-305344172-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3015 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FiveM (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Green Hell (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Green Hell) (Version: - HOODLUM)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Human Fall Flat ICE (HKLM-x32\...\Human Fall Flat ICE_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4639 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Jurassic World Evolution (HKLM-x32\...\Jurassic World Evolution_is1) (Version: - )
Just Cause 4 (HKLM-x32\...\{D1F33AFE-757B-4A27-9F96-D507177C3E40}_is1) (Version: - Avalanche Studios)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.109 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.35 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20838 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.20 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Planetary Annihilation TITANS (HKLM-x32\...\Planetary Annihilation TITANS_is1) (Version: - )
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
PredatorSense (HKLM-x32\...\{5A98D6E3-1EDC-43B9-B4F6-0A2B7F872F22}) (Version: 2.01.3005 - Acer Incorporated)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8838.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Skype verze 8.57 (HKLM-x32\...\Skype_is1) (Version: 8.57 - Skype Technologies S.A.)
SnowRunner (HKLM-x32\...\SnowRunner_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.11.10 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.10 - SteelSeries ApS)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.20.0.22 - GOG.com)
The Elder Scrolls V Skyrim Special Edition verze 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.00 - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Totally Accurate Battle Simulator Pre-Alpha version pre-alpha (HKLM-x32\...\{09C95BCB-5264-4F21-AA5F-D66E91167D6C}_is1) (Version: pre-alpha - Landfall Games)
Trine 4 The Nightmare Prince (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Trine 4 The Nightmare Prince) (Version: - HOODLUM)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 92.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\WhatsApp) (Version: 0.4.2088 - WhatsApp)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Worms W.M.D (HKLM-x32\...\Worms W.M.D_is1) (Version: - )
XSplit Gamecaster (HKLM-x32\...\{6653CF8C-38BE-4F69-8AB8-77E20E4F841E}) (Version: 2.8.1607.2032 - SplitmediaLabs)
Packages:
=========
8 Zip - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.4.13.0_x64__b6e429xa66pga [2020-05-21] (Finebits OÜ) [MS Ad]
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2019-07-07] (Acer Incorporated)
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17502.0_x64__wxjjre7dryqb6 [2019-07-09] (Axilesoft) [MS Ad]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-12] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.169.300.0_x86__kgqvnymyfvs32 [2020-06-03] (king.com)
Deep Rock Galactic -> C:\Program Files\WindowsApps\CoffeeStainStudios.DeepRockGalactic_1.30.40449.2_x64__496a1srhmar9w [2020-05-30] (Coffee Stain Publishing)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-05] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.8.1.1_x86__h6adky7gbf63m [2020-05-21] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.39.21501.0_x64__8wekyb3d8bbwe [2020-06-03] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-15] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2 [2020-03-09] (Code Spark)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt [2020-06-10] (INTEL CORP) [Startup Task]
PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PicsArt-PhotoStudio_8.9.0.0_x86__crhqpqs3x1ygc [2020-06-04] (PicsArt Inc.) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-07-09] (Plex)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-03] (Spotify AB) [Startup Task]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-07-09] (WinZip Computing)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-404591140-1402169592-305344172-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Predator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404591140-1402169592-305344172-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Predator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Predator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2017-12-15 22:00 - 2017-12-15 22:00 - 002284032 _____ ( (Holtek) [File not signed]) [File is in use ] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2017-12-15 22:00 - 2017-12-15 22:00 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2016-07-30 10:05 - 2016-07-30 10:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2012-06-26 14:08 - 2012-06-26 14:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 12:58 - 2012-06-26 12:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 14:08 - 2012-06-26 14:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Predator\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Predator\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [452]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\sharepoint.com -> hxxps://zspisek.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2019-08-10 21:13 - 000000153 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 app.drivereasy.com
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-404591140-1402169592-305344172-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Predator\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\712843reuwL._SS500_.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{D98F2EAD-FE90-4D4F-A3EA-61B92DBF57A7}C:\users\predator\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1BF63372-1EBB-4900-AEF0-277FD7D85213}C:\users\predator\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D555DC2C-A48B-4980-9D3C-5E00E4814245}] => (Block) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D4A50D7F-D3B3-4174-ABB9-6350E56237B0}] => (Block) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C20FF27-64A4-4C1F-B9B4-1B3ED973927E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{65445D62-2EEB-4226-A23C-CF1F37F227AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{725FF95A-0620-4FF0-8088-48F8E1CC0E65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2 Closed Test\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{2ED35CF1-49B1-4FC3-BC7B-F495BBFA5F04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2 Closed Test\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{8BAD61D1-F5F2-4373-BBE0-F6AE504B3A1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{187ECDA7-AC77-4CAE-A0A8-2335D7BCA1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{A6396281-D7CA-4F2A-B540-389CD4D6693D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E589D51E-1816-4197-9B5D-8307876765E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFA86301-C76C-492E-BFC3-8AE3655F8715}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A3A445BC-6E12-4EE4-A37A-33C51CEFC401}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7BEE9BD8-0B64-4629-9565-C7E4E56DDBBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{F262DB37-B0B8-486A-80E3-A6428ECBE762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{5007B0FE-1F6D-4244-947C-6B272324FEC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{217D40B4-4509-4059-A756-4BC1613A2C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{369216BA-C718-4252-9E7B-5BB9E854AB72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8B5D28FA-D73B-4A95-90D5-EDF448ED56F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{347A409B-88FE-4F7C-A2B9-D7F9B253A8B3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4F980301-99D4-4ACA-B0BD-B9744DD1F114}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E3603C58-B6E6-4B49-9E22-EA0606DB68E9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2599493D-15D9-467C-8531-1EF798B891BB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A9851275-6AD7-4E07-B1F9-3CC414F86196}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{37039CF4-277F-438F-8270-1B3771585E02}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{800E5148-28B3-431A-AD2C-B48FFB4F7257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The House of Da Vinci\The House of da Vinci.exe () [File not signed]
FirewallRules: [{8FABA55D-DEED-4A90-B19B-DE13499239F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The House of Da Vinci\The House of da Vinci.exe () [File not signed]
FirewallRules: [{3FDE0431-C8A7-4A33-A2B0-B565B8C102A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc) [File not signed]
FirewallRules: [{165C4117-C9D0-41EF-909F-AE2CC3E1F7A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc) [File not signed]
FirewallRules: [{15BDA321-F3DE-4B80-8B91-B88240F8EEC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RustStaging\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{6B58E5FA-019C-4C75-86E6-E98CE8C19C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RustStaging\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{F020605C-7B87-40EA-B7A4-8679D98B25A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFC77A00-FC32-43BB-8D9A-DEB01031A3C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BA486C3-C258-43B3-9ECE-14751665E942}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA012CDE-5D28-4A25-BCB5-A08BF70D9DAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{132C2BC1-AAEF-4841-80F0-637019F75209}C:\games\terraria\terrariaserver.exe] => (Allow) C:\games\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{655BA11B-ACDC-4866-9961-B6564CDE9504}C:\games\terraria\terrariaserver.exe] => (Allow) C:\games\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{3F53769E-1C4C-4D2D-A1CF-EFA07549BBA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1E4E3BA8-D13E-4577-BE99-8B949BF562C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F36A7DFA-3EC0-4037-8031-744A785098EA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{757DECA6-7B16-4441-A338-1D69EA28DCF2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2DF3267D-2AC5-4E52-B0D7-75E5579875B2}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5E67A9-2EC0-4F78-A410-98243C819A43}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [{C53EF0A2-79F5-4F77-99CD-29445F9C9E0F}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{1AD55626-4781-46D1-8E6D-2BB8768E3814}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA529B22-4BAA-4125-8C12-DC8B4EA13FC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{64FA7DC1-8E61-4FEB-868D-CADA609222CB}C:\users\predator\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\predator\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D813CE4E-63F0-4E5F-9D3A-CF61713F298A}C:\users\predator\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\predator\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0703D789-6C85-43D8-A297-DCCA114FDCFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Oasis\OasisLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{F03C9FEB-245D-4DEA-BA95-A4FB90814C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Oasis\OasisLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{23FADE8F-554F-46C4-9692-FD7C0E2C1C0A}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{4B2CBC2A-F613-432C-9D07-AC8AE54AAD50}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5EA6124C-F169-4AE1-98E5-C360D9FBE975}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [UDP Query User{610E4D11-9E44-4FF0-B15A-525B07C86AA8}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [TCP Query User{B0418CE1-2FA7-43FE-8DAD-8BBC514692A8}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{CA6E2FEC-9DBA-4CCB-A39C-BDD29F3DCD6E}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{0B1C989A-FEBC-43AD-BBEE-12E51D828877}C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe] => (Allow) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{6E3770A2-E167-4657-88E1-DD0DC58ADF5C}C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe] => (Allow) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1C4D9205-4666-4F96-88BF-04B22D92F065}] => (Block) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D49DE036-7805-4A1C-BC5C-73E8D201081E}] => (Block) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{94EB2751-65BA-4817-AC2A-2501DF68D1FC}C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Allow) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [UDP Query User{1B4D27B4-CFC9-45E3-B8B5-8E9BF91FA240}C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Allow) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CDA633F0-B78D-4169-BF95-FEB4FD8904B9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CD63C164-6897-4DE7-828C-F407B463E6E9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{2B08065C-E8F4-4CBD-8667-FCA1D1476FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{991D6650-66E9-486A-851F-F22D25D23377}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{606871D5-0199-41CC-9B6B-C6758E8FCDC9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1508C5B2-5DA3-4228-8BCC-E4A01179C831}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{231928F7-2D1E-4C1E-84EA-1F259EA0705F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{943B5EA3-02CB-44B3-B54A-C215AFCDD62C}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{FA446355-DD35-414A-8A7A-A3004B772FEA}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{79D08832-70D5-4099-BD54-8E56677AE5C4}C:\users\predator\appdata\local\fivem\fivem.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{FF0362DF-9019-4F01-A2FC-D69BC13AECC4}C:\users\predator\appdata\local\fivem\fivem.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [{AC0678DD-6C6C-4F3F-8B46-636826D48638}] => (Block) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [{2C135223-B3D2-4AB3-AA12-B58E7B55300F}] => (Block) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{4DE159AB-1AAB-4F91-9D0B-D20BAEC3B86E}C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{33479A1E-F2F1-4990-BEAA-19403BF583B2}C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{66A22761-795F-4058-94F9-E2E71C1FDF6F}] => (Block) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{BFD7422C-698F-44EB-9279-3CBF8D4EC70C}] => (Block) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{85479887-65A8-4087-8162-754513832B33}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{20704B60-4560-434A-9F05-6B0E3971120F}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{8C027259-B5FF-48D3-BE56-B2128DCF8725}] => (Block) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{FEFFA9F3-1525-420E-8605-1436F2A0721A}] => (Block) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{A06C02A6-5652-4A16-A282-19D91D9FF0CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C30BF3F-B77B-42F5-9D98-336C4EE1EC8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD94636E-8299-44D0-8267-4915F75AE44C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9B2738C2-2A70-4907-9105-9BB7E294D075}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{76942212-081A-4E5A-924F-5BAEC632A571}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{759F3432-D565-4EB5-875D-E31D678E85BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5EF82119-789B-4F41-8310-F6FE0CAC1E50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC794A6B-6BDD-47A7-A26E-96D591C73EE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8E9CE3-3DDA-4D20-8001-8FEADA05D19E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{20CCC4E4-A43F-4F66-A1A0-FAF9844EE7B6}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/14/2020 09:05:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7672,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/14/2020 08:44:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11396,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/14/2020 08:35:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2012,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/14/2020 07:50:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.18362.836, časové razítko: 0xb8640219
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.815, časové razítko: 0xb29ecf52
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000072a6
ID chybujícího procesu: 0x48bc
Čas spuštění chybující aplikace: 0x01d642611e32c99a
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 8efcdef2-3656-48cc-b4c5-e1ef1f41bcf7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/14/2020 07:47:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21072,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/14/2020 07:36:53 PM) (Source: ESENT) (EventID: 413) (User: )
Description: msedge (19788,R,98) EdgeDataImporter: Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (06/14/2020 07:36:53 PM) (Source: ESENT) (EventID: 488) (User: )
Description: msedge (19788,R,98) EdgeDataImporter: Pokus o vytvoření souboru C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (06/14/2020 06:16:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18424,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (06/14/2020 08:29:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (06/14/2020 08:27:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service přestala během spouštění reagovat.
Error: (06/14/2020 08:23:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/14/2020 08:23:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (06/14/2020 08:23:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (06/14/2020 08:22:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/14/2020 08:22:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (06/14/2020 08:21:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
===================================
Date: 2020-06-14 20:34:00.980
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe provádění změn v paměti.
Čas detekce: 2020-06-14T18:34:00.891Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
Verze bezpečnostních informací: 1.317.1359.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5
Date: 2020-06-14 17:09:35.703
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe provádění změn v paměti.
Čas detekce: 2020-06-14T15:09:35.666Z
Uživatel: LAPTOP-H32871D3\Predator
Cesta: \Device\CdRom0
Název procesu: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe
Verze bezpečnostních informací: 1.317.1209.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5
Date: 2020-06-12 11:06:35.331
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\BattlEye\BEService.exe provádění změn v paměti.
Čas detekce: 2020-06-12T09:06:35.331Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
Verze bezpečnostních informací: 1.317.1140.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5
Date: 2020-06-12 09:20:43.389
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\BattlEye\BEService.exe provádění změn v paměti.
Čas detekce: 2020-06-12T07:20:43.389Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
Verze bezpečnostních informací: 1.317.1140.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5
Date: 2020-06-05 10:19:31.207
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {68503505-D168-4EE6-A7BC-DAEDB2A51D84}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-06-14 19:41:00.595
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.317.1359.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17100.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-06-14 17:17:23.933
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.317.1359.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17100.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-05-29 10:45:51.203
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-29 10:45:51.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-07-21 08:02:04.537
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-21 08:02:04.534
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-21 08:02:04.528
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-21 08:02:04.525
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-21 08:02:00.838
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-20 07:47:21.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.09 07/06/2017
Motherboard: KBL Sienna_KLS
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 51%
Total physical RAM: 8075.6 MB
Available physical RAM: 3904.77 MB
Total Virtual: 16267.6 MB
Available Virtual: 10479.68 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:164.77 GB) NTFS
\\?\Volume{8e50c848-128d-46d1-bb22-1be59db4d711}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.54 GB) NTFS
\\?\Volume{ecc835b1-9baa-468e-b73a-034ba01cdaa1}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AEEE2585)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Predator (administrator) on LAPTOP-H32871D3 (Acer Predator PH317-51) (14-06-2020 21:03:52)
Running from C:\Users\Predator\Desktop
Loaded Profiles: Predator
Platform: Windows 10 Home Version 1909 18363.836 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google) C:\Users\Predator\AppData\Local\Google\Chrome\User Data\SwReporter\83.237.200\software_reporter_tool.exe <4>
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f51939e52b944f4b\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9307632b3abedc2b\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Predator\AppData\Local\Microsoft\Teams\current\Teams.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.317.1359.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.892_none_5efe5b5a590f76dc\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia -> Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2018-09-05] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97509120 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Predator\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2125896 2018-04-26] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91512680 2020-02-14] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32194448 2020-06-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [Discord] => C:\Users\Predator\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Predator\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-06-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPM1210LM: C:\Windows\system32\HPM1210LM.DLL [409088 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-01-13]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01444D27-8351-4DB1-AA67-27F1E924AC63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {06DE687C-F481-41B5-B053-E0511B510E94} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1085A869-856B-4CE5-9AAD-4229C7FAF7D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {115C7F8E-0B62-4042-A238-1FFC099C8F6D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167696 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {11B931FC-ECAC-432E-B951-40E4E38B2BAF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {12ED00EA-8749-4038-AD95-663DF7260F35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13E77125-7724-4AC8-8487-9B5CF5E5E7A1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-02-18] (Acer Incorporated -> TODO: <Company name>)
Task: {18B06555-64FB-4F90-BE78-81E4388711F0} - System32\Tasks\PredatorSense => C:\Program Files (x86)\Acer\PredatorSense\PSLauncher.exe [580400 2017-08-13] (Acer Incorporated -> Acer Incorporated)
Task: {1C697A04-79DF-4C4D-9878-F66446D85F45} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-08-13] (Acer Incorporated -> Acer Incorporated)
Task: {1E1C1C92-E582-42B6-864C-D4E7C639A8A6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {217A5170-499B-449C-A73B-E6919C8766EC} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {21B00D69-5CF1-43D8-9842-AC0601D0C6D4} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2768176 2017-08-11] (Acer Incorporated -> Acer Incorporated)
Task: {23C0E068-F125-412B-9BF5-572E209A2220} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167696 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {244BEFDB-E880-44EE-B13B-5BBE27593B2A} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24A8475F-867F-4678-AD83-D67DE61D8CEC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2655156B-B3FE-4692-8B58-89F240E1D69E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2737737B-CF08-48FA-B2D6-DDCDFD03B1F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6291352 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2810412A-FCF0-42F8-AF30-ED7AD2C56193} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {299BE1C2-11E5-4E69-9174-C1E17FE4754A} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {35394D25-1A0E-46E2-97ED-97B7FDC09D53} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39569F8D-4F22-43F4-824F-AD2A6CB072C0} - System32\Tasks\CareCenter\Classic Start Menu_Reg_HKLMRun => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Task: {3AA1E352-CE7A-4979-B913-B61A43C0C337} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D328568-6C20-4D5C-B878-4E5EB902FB95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {50AF418D-75B5-422A-A165-D54967A7A74C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349952 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {549ACB9F-C2FD-4B48-A1E4-BE354DFFAC1D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {55D20DFD-AEA5-4EE9-B5C5-FB27EDB84395} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B451963-E3E4-4469-8A64-0C7176AB88D3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63582727-B214-4679-B1BB-C07A1A2A049E} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {6C479381-72AE-439F-A55A-4C4D7E3DA060} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {72E6435D-EE5A-4F79-8871-130D0D5A1086} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware)
Task: {7FBC3EE5-EF69-421E-A34D-7AD045738C81} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {84C98F76-8A30-40CC-A455-C38260769978} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-24] (Google Inc -> Google Inc.)
Task: {8F0CB262-40BF-49E5-B3E0-620E2B84FA08} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {8F533A94-4FB9-49A8-86A0-C6CA8BDE4A6E} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {9144D162-402D-477F-BBA3-A1DF0FFC2865} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91DD54DC-5515-4301-9F76-847EA14497BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6291352 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {96C0A2DE-D6B0-4E0D-91BB-F2DCE221E70A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B4FFA96-4872-4F2C-BDE2-CA67802549F7} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {A765D56E-CD6F-4D33-AD92-7F74B293430C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AB807AB6-BD0A-4F37-9533-A58C5DFE0E1F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC0FBED0-5ABE-4BED-AE99-23672D6AD557} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AED16B6F-BA4F-4C6B-84D5-297F1CD04F24} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [445744 2017-08-11] (Acer Incorporated -> Acer Incorporated)
Task: {AFD0E1D2-15E6-42BD-B4C8-52C8FDDD967E} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9EBBD50-30B3-4EE6-9A9A-8E1466D5B01A} - System32\Tasks\CareCenter\WindowsDefender_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe
Task: {BA45BC73-7A38-450E-9B17-D7DDBAADB46C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDEEE973-AC64-4AB3-BC03-B0A9F937FFC0} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {C2FF00B5-9E79-425B-8C02-F26569FD14E6} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {C87C7316-AFDE-458F-9CE6-BDE3B428E751} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-12-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F0853616-4250-449E-94F1-78A18DE0AC30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0FF8321-70C3-43E2-9D5D-2278626A1B80} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3316F38-6D0C-4E0A-AAB3-129224730CF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3866FBE-A8D4-4BBA-94A9-943E31990FAA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F90606BE-2D70-46ED-874C-564F42B83774} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-02-21] (Acer Incorporated -> )
Task: {FD8AD5EC-2586-410C-9303-58C3829E0C2D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{32b03b56-dfe5-4bb8-ba1a-8213a7f18dd9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c201dc45-900a-4a67-afc6-562ce01344f7}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> DefaultScope {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
SearchScopes: HKU\S-1-5-21-404591140-1402169592-305344172-1001 -> {1E66B54E-C49E-4E99-9671-ABE6F194F416} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-06-12] (McAfee, LLC -> McAfee, LLC)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-06-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-08-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Predator\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-14]
Edge Extension: (Amazon Assistant) - C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2020-06-14]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-06-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default [2020-06-14]
CHR Notifications: Default -> hxxps://novaplus.nova.cz; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-24]
CHR Extension: (Dokumenty) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Disk Google) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-23]
CHR Extension: (YouTube) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-06-01]
CHR Extension: (Gmail) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-21]
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-07]
CHR Profile: C:\Users\Predator\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8628224 2020-06-11] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600760 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818800 2020-03-27] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-14] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [947280 2020-06-12] (McAfee, LLC -> McAfee, LLC)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-04] (Microsoft Corporation -> Microsoft Corporation)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18534552 2019-08-03] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [860184 2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [791136 2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSSvc; C:\Program Files (x86)\Acer\PredatorSense\PSSvc.exe [716592 2017-08-13] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-08-11] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-08-11] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-08-10] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
S3 Rockstar Service; C:\Games\Rockstar Games\Launcher\RockstarService.exe [1705088 2020-05-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [296752 2017-02-21] (Acer Incorporated -> acer)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-05-24] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-25] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [81680 2019-12-23] (Qualcomm Atheros -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-13] (Microsoft Corporation) [File not signed]
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [264176 2018-12-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [192952 2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-03] (Mail.Ru LLC -> LLC Mail.Ru)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_886b780ca50b5e3e\nvlddmkm.sys [22749640 2019-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-08-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2371864 2019-08-10] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46896 2017-12-15] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [55560 2018-01-09] (SteelSeries ApS -> )
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57432 2019-08-10] (Synaptics Incorporated -> Synaptics Incorporated)
S3 upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-06-09] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-14 21:03 - 2020-06-14 21:08 - 000040491 _____ C:\Users\Predator\Desktop\FRST.txt
2020-06-14 20:59 - 2020-06-14 21:06 - 000000000 ____D C:\FRST
2020-06-14 20:57 - 2020-06-14 20:58 - 002289152 _____ (Farbar) C:\Users\Predator\Desktop\FRST64.exe
2020-06-14 19:30 - 2020-06-14 19:30 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-14 19:30 - 2020-06-14 19:30 - 000002333 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-14 19:30 - 2020-06-14 19:30 - 000002333 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-14 19:25 - 2020-06-14 19:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-14 19:25 - 2020-06-14 19:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-14 17:33 - 2020-06-14 17:36 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-14 17:33 - 2020-06-14 17:35 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-12 10:55 - 2020-06-12 13:32 - 2838206999 _____ C:\Users\Predator\Downloads\Sherlock Holmes 2009 CZ dabing HD.mkv
2020-06-12 09:13 - 2020-06-12 09:13 - 000000000 ____D C:\Users\Predator\AppData\Local\Epic Games
2020-06-09 20:01 - 2020-06-09 20:01 - 000000000 ____D C:\Users\Predator\AppData\LocalLow\Ghost Town Games
2020-06-08 20:49 - 2020-06-08 20:49 - 000000000 ____D C:\Users\Predator\AppData\LocalLow\Creepy Jar
2020-06-08 20:23 - 2020-06-08 20:23 - 000001613 _____ C:\Users\Predator\Desktop\Green Hell.lnk
2020-06-08 14:58 - 2020-06-08 16:29 - 709326848 _____ C:\Users\Predator\Downloads\hlm-gree.iso
2020-06-08 14:58 - 2020-06-08 14:58 - 000044731 _____ C:\Users\Predator\Downloads\[CzT]Green_Hell_v_1_0_2019_CZ_.torrent
2020-06-07 20:54 - 2020-06-07 20:54 - 017578132 _____ C:\Users\Predator\Desktop\Fotky.rar
2020-06-07 20:53 - 2020-06-07 20:54 - 000000000 ____D C:\Users\Predator\Desktop\Fotky
2020-06-04 21:57 - 2020-06-05 00:19 - 2616193024 _____ C:\Users\Predator\Downloads\Diktátor - Full HD, CZ Dabing.avi
2020-06-02 18:23 - 2020-06-02 20:19 - 2137570294 _____ C:\Users\Predator\Downloads\Hobit_Šmakova dračí poušť_cz_The Hobbit_The Desolation of Smaug.avi
2020-05-31 21:15 - 2020-06-01 01:51 - 755473012 _____ C:\Users\Predator\Downloads\Hobit - neočekávaná cesta cz avi.avi
2020-05-27 10:45 - 2020-05-27 12:03 - 1435799552 _____ C:\Users\Predator\Downloads\Hercules-(The-Thracian-Wars)-CZ-2014.avi
2020-05-24 20:36 - 2020-05-24 20:36 - 000000000 ____D C:\Users\Predator\AppData\Local\ShadowTrackerExtra
2020-05-24 20:35 - 2020-06-09 18:56 - 000074552 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2020-05-24 20:35 - 2020-05-24 20:35 - 000000000 ____D C:\Program Files\Common Files\Uncheater
2020-05-24 18:51 - 2020-05-24 18:51 - 067269568 _____ ( ) C:\Users\Predator\Downloads\PUBG-Lite-Setup (2).exe
2020-05-24 18:43 - 2020-05-24 18:43 - 067269568 _____ ( ) C:\Users\Predator\Downloads\PUBG-Lite-Setup (1).exe
2020-05-24 13:24 - 2020-05-24 13:24 - 000000000 ____D C:\ProgramData\PUBG
2020-05-24 13:23 - 2020-05-24 19:11 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2020-05-24 13:23 - 2020-05-24 18:51 - 000001110 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PUBG LITE.lnk
2020-05-24 13:23 - 2020-05-24 18:51 - 000001080 _____ C:\Users\Predator\Desktop\PUBG LITE.lnk
2020-05-21 20:23 - 2020-05-21 22:14 - 2048506209 _____ C:\Users\Predator\Downloads\Čarodějovy_hodiny_Cz_dabing.mkv
2020-05-20 12:39 - 2020-05-20 16:04 - 2272158039 _____ C:\Users\Predator\Downloads\Zloba Kralovna vseho zleho.mkv
2020-05-18 14:31 - 2020-05-18 14:44 - 000000000 ____D C:\Users\Predator\AppData\Roaming\CitizenFX
2020-05-18 13:04 - 2020-05-18 14:31 - 000000000 ____D C:\Users\Predator\AppData\Local\DigitalEntitlements
2020-05-17 19:20 - 2020-05-17 19:21 - 075217096 _____ (Rockstar Games.) C:\Users\Predator\Downloads\Rockstar-Games-Launcher.exe
2020-05-17 17:37 - 2020-05-17 17:37 - 000000969 _____ C:\Users\Predator\Desktop\Rockstar Games Launcher.lnk
2020-05-17 17:37 - 2020-05-17 17:37 - 000000000 ____D C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-05-17 17:37 - 2020-05-17 17:37 - 000000000 ____D C:\ProgramData\Rockstar Games
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-14 21:08 - 2017-08-18 19:26 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-14 21:02 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-14 20:58 - 2017-11-24 00:13 - 000000000 ____D C:\Users\Predator\AppData\Local\ClassicShell
2020-06-14 20:28 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 20:22 - 2017-11-23 23:58 - 000000000 __SHD C:\Users\Predator\IntelGraphicsProfiles
2020-06-14 20:15 - 2019-07-11 03:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-14 20:15 - 2017-08-18 19:19 - 000000000 ___HD C:\Intel
2020-06-14 20:14 - 2019-07-11 01:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-14 19:45 - 2017-12-24 22:23 - 000000000 ____D C:\Games
2020-06-14 17:21 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-14 17:20 - 2017-11-23 14:53 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-14 17:15 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-14 17:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-12 10:29 - 2017-12-27 17:30 - 000000000 ____D C:\Users\Predator\Documents\The Witcher 3
2020-06-12 09:17 - 2019-02-16 16:05 - 000000000 ____D C:\Users\Predator\AppData\Local\BattlEye
2020-06-11 17:21 - 2019-02-28 20:48 - 000000000 ____D C:\Program Files\Epic Games
2020-06-11 09:14 - 2018-07-04 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-08 20:12 - 2017-12-24 19:32 - 000000000 ____D C:\Users\Predator\AppData\Roaming\uTorrent
2020-06-08 20:12 - 2017-11-23 09:17 - 000000000 ____D C:\Users\Predator\AppData\Local\CrashDumps
2020-06-07 10:54 - 2019-03-25 20:20 - 000000000 ____D C:\Users\Predator\AppData\Roaming\Discord
2020-06-06 07:51 - 2019-05-13 21:03 - 000000000 ____D C:\Users\Predator\AppData\Local\PlaceholderTileLogoFolder
2020-06-05 23:03 - 2020-02-16 20:32 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2020-02-16 20:32 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-05 18:46 - 2018-01-21 18:22 - 000000000 ____D C:\Users\Predator\AppData\Local\Packages
2020-06-05 16:40 - 2019-07-11 03:23 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-404591140-1402169592-305344172-1001
2020-06-05 16:40 - 2019-07-11 00:57 - 000002374 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-05 16:40 - 2017-11-24 00:01 - 000000000 ___RD C:\Users\Predator\OneDrive
2020-06-05 00:12 - 2017-11-24 00:07 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-04 21:58 - 2017-11-24 00:06 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-04 08:20 - 2018-02-15 17:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 14:54 - 2020-03-25 15:22 - 000002383 _____ C:\Users\Predator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-06-03 14:54 - 2020-03-25 15:22 - 000002375 _____ C:\Users\Predator\Desktop\Microsoft Teams.lnk
2020-06-03 12:25 - 2018-06-18 15:50 - 000000000 ____D C:\Users\Predator\AppData\Local\Ubisoft Game Launcher
2020-05-30 08:34 - 2017-11-23 12:05 - 000000000 ____D C:\Program Files\UNP
2020-05-28 14:36 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-24 18:32 - 2019-07-11 03:23 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FC7C20F0-1C60-468E-BD15-351185194884}
2020-05-24 10:06 - 2020-04-18 10:17 - 000000000 ____D C:\Users\Predator\AppData\Local\FiveM
2020-05-23 17:59 - 2019-07-11 02:39 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-23 17:59 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-23 17:59 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-22 20:39 - 2019-08-04 13:21 - 000000000 ____D C:\Program Files\CCleaner
2020-05-17 17:42 - 2017-12-26 09:15 - 000000000 ____D C:\Program Files\Rockstar Games
2020-05-17 17:42 - 2017-12-26 09:15 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-05-17 17:42 - 2017-12-26 09:12 - 000000000 ____D C:\Users\Predator\Documents\Rockstar Games
2020-05-17 17:41 - 2019-07-09 09:44 - 000000000 ____D C:\Users\Predator\AppData\Local\D3DSCache
2020-05-17 17:41 - 2017-12-26 09:18 - 000000000 ____D C:\Users\Predator\AppData\Local\Rockstar Games
==================== Files in the root of some directories ========
2018-06-01 21:39 - 2019-07-08 22:35 - 000007629 _____ () C:\Users\Predator\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Predator (14-06-2020 21:10:08)
Running from C:\Users\Predator\Desktop
Windows 10 Home Version 1909 18363.836 (X64) (2019-07-11 01:29:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-404591140-1402169592-305344172-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-404591140-1402169592-305344172-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-404591140-1402169592-305344172-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-404591140-1402169592-305344172-501 - Limited - Disabled)
Predator (S-1-5-21-404591140-1402169592-305344172-1001 - Administrator - Enabled) => C:\Users\Predator
WDAGUtilityAccount (S-1-5-21-404591140-1402169592-305344172-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3015 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ASTRONEER (HKLM-x32\...\ASTRONEER_is1) (Version: - )
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FiveM (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Green Hell (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Green Hell) (Version: - HOODLUM)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Human Fall Flat ICE (HKLM-x32\...\Human Fall Flat ICE_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4639 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Jurassic World Evolution (HKLM-x32\...\Jurassic World Evolution_is1) (Version: - )
Just Cause 4 (HKLM-x32\...\{D1F33AFE-757B-4A27-9F96-D507177C3E40}_is1) (Version: - Avalanche Studios)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.109 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.35 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20838 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20838 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.20 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Planetary Annihilation TITANS (HKLM-x32\...\Planetary Annihilation TITANS_is1) (Version: - )
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
PredatorSense (HKLM-x32\...\{5A98D6E3-1EDC-43B9-B4F6-0A2B7F872F22}) (Version: 2.01.3005 - Acer Incorporated)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10427 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.309 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8838.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Skype verze 8.57 (HKLM-x32\...\Skype_is1) (Version: 8.57 - Skype Technologies S.A.)
SnowRunner (HKLM-x32\...\SnowRunner_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.11.10 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.10 - SteelSeries ApS)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.20.0.22 - GOG.com)
The Elder Scrolls V Skyrim Special Edition verze 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.00 - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Totally Accurate Battle Simulator Pre-Alpha version pre-alpha (HKLM-x32\...\{09C95BCB-5264-4F21-AA5F-D66E91167D6C}_is1) (Version: pre-alpha - Landfall Games)
Trine 4 The Nightmare Prince (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\Trine 4 The Nightmare Prince) (Version: - HOODLUM)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 92.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\WhatsApp) (Version: 0.4.2088 - WhatsApp)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Worms W.M.D (HKLM-x32\...\Worms W.M.D_is1) (Version: - )
XSplit Gamecaster (HKLM-x32\...\{6653CF8C-38BE-4F69-8AB8-77E20E4F841E}) (Version: 2.8.1607.2032 - SplitmediaLabs)
Packages:
=========
8 Zip - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.4.13.0_x64__b6e429xa66pga [2020-05-21] (Finebits OÜ) [MS Ad]
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2019-07-07] (Acer Incorporated)
ACG Player -> C:\Program Files\WindowsApps\41038AXILESOFT.ACGMEDIAPLAYER_1.15.17502.0_x64__wxjjre7dryqb6 [2019-07-09] (Axilesoft) [MS Ad]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-12] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.169.300.0_x86__kgqvnymyfvs32 [2020-06-03] (king.com)
Deep Rock Galactic -> C:\Program Files\WindowsApps\CoffeeStainStudios.DeepRockGalactic_1.30.40449.2_x64__496a1srhmar9w [2020-05-30] (Coffee Stain Publishing)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-05] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.8.1.1_x86__h6adky7gbf63m [2020-05-21] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.39.21501.0_x64__8wekyb3d8bbwe [2020-06-03] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-15] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2 [2020-03-09] (Code Spark)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt [2020-06-10] (INTEL CORP) [Startup Task]
PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PicsArt-PhotoStudio_8.9.0.0_x86__crhqpqs3x1ygc [2020-06-04] (PicsArt Inc.) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-07-09] (Plex)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-03] (Spotify AB) [Startup Task]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-07-09] (WinZip Computing)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-404591140-1402169592-305344172-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Predator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404591140-1402169592-305344172-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Predator\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Predator\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Predator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2017-12-15 22:00 - 2017-12-15 22:00 - 002284032 _____ ( (Holtek) [File not signed]) [File is in use ] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2017-12-15 22:00 - 2017-12-15 22:00 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2016-07-30 10:05 - 2016-07-30 10:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2012-06-26 14:08 - 2012-06-26 14:08 - 000026624 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
2012-06-26 12:58 - 2012-06-26 12:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 14:08 - 2012-06-26 14:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Predator\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Predator\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [452]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\sharepoint.com -> hxxps://zspisek.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2019-08-10 21:13 - 000000153 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 app.drivereasy.com
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-404591140-1402169592-305344172-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Predator\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\712843reuwL._SS500_.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-404591140-1402169592-305344172-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{D98F2EAD-FE90-4D4F-A3EA-61B92DBF57A7}C:\users\predator\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1BF63372-1EBB-4900-AEF0-277FD7D85213}C:\users\predator\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D555DC2C-A48B-4980-9D3C-5E00E4814245}] => (Block) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D4A50D7F-D3B3-4174-ABB9-6350E56237B0}] => (Block) C:\users\predator\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C20FF27-64A4-4C1F-B9B4-1B3ED973927E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{65445D62-2EEB-4226-A23C-CF1F37F227AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{725FF95A-0620-4FF0-8088-48F8E1CC0E65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2 Closed Test\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{2ED35CF1-49B1-4FC3-BC7B-F495BBFA5F04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2 Closed Test\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{8BAD61D1-F5F2-4373-BBE0-F6AE504B3A1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{187ECDA7-AC77-4CAE-A0A8-2335D7BCA1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{A6396281-D7CA-4F2A-B540-389CD4D6693D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E589D51E-1816-4197-9B5D-8307876765E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFA86301-C76C-492E-BFC3-8AE3655F8715}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A3A445BC-6E12-4EE4-A37A-33C51CEFC401}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7BEE9BD8-0B64-4629-9565-C7E4E56DDBBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{F262DB37-B0B8-486A-80E3-A6428ECBE762}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{5007B0FE-1F6D-4244-947C-6B272324FEC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{217D40B4-4509-4059-A756-4BC1613A2C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{369216BA-C718-4252-9E7B-5BB9E854AB72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8B5D28FA-D73B-4A95-90D5-EDF448ED56F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{347A409B-88FE-4F7C-A2B9-D7F9B253A8B3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4F980301-99D4-4ACA-B0BD-B9744DD1F114}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E3603C58-B6E6-4B49-9E22-EA0606DB68E9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2599493D-15D9-467C-8531-1EF798B891BB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A9851275-6AD7-4E07-B1F9-3CC414F86196}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{37039CF4-277F-438F-8270-1B3771585E02}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{800E5148-28B3-431A-AD2C-B48FFB4F7257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The House of Da Vinci\The House of da Vinci.exe () [File not signed]
FirewallRules: [{8FABA55D-DEED-4A90-B19B-DE13499239F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The House of Da Vinci\The House of da Vinci.exe () [File not signed]
FirewallRules: [{3FDE0431-C8A7-4A33-A2B0-B565B8C102A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc) [File not signed]
FirewallRules: [{165C4117-C9D0-41EF-909F-AE2CC3E1F7A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc) [File not signed]
FirewallRules: [{15BDA321-F3DE-4B80-8B91-B88240F8EEC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RustStaging\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{6B58E5FA-019C-4C75-86E6-E98CE8C19C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RustStaging\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{F020605C-7B87-40EA-B7A4-8679D98B25A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFC77A00-FC32-43BB-8D9A-DEB01031A3C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BA486C3-C258-43B3-9ECE-14751665E942}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA012CDE-5D28-4A25-BCB5-A08BF70D9DAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{132C2BC1-AAEF-4841-80F0-637019F75209}C:\games\terraria\terrariaserver.exe] => (Allow) C:\games\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{655BA11B-ACDC-4866-9961-B6564CDE9504}C:\games\terraria\terrariaserver.exe] => (Allow) C:\games\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{3F53769E-1C4C-4D2D-A1CF-EFA07549BBA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{1E4E3BA8-D13E-4577-BE99-8B949BF562C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F36A7DFA-3EC0-4037-8031-744A785098EA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{757DECA6-7B16-4441-A338-1D69EA28DCF2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2DF3267D-2AC5-4E52-B0D7-75E5579875B2}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D5E67A9-2EC0-4F78-A410-98243C819A43}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe => No File
FirewallRules: [{C53EF0A2-79F5-4F77-99CD-29445F9C9E0F}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{1AD55626-4781-46D1-8E6D-2BB8768E3814}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA529B22-4BAA-4125-8C12-DC8B4EA13FC4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{64FA7DC1-8E61-4FEB-868D-CADA609222CB}C:\users\predator\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\predator\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D813CE4E-63F0-4E5F-9D3A-CF61713F298A}C:\users\predator\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\predator\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0703D789-6C85-43D8-A297-DCCA114FDCFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Oasis\OasisLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{F03C9FEB-245D-4DEA-BA95-A4FB90814C76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Oasis\OasisLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{23FADE8F-554F-46C4-9692-FD7C0E2C1C0A}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{4B2CBC2A-F613-432C-9D07-AC8AE54AAD50}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5EA6124C-F169-4AE1-98E5-C360D9FBE975}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [UDP Query User{610E4D11-9E44-4FF0-B15A-525B07C86AA8}C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) C:\program files\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [File not signed]
FirewallRules: [TCP Query User{B0418CE1-2FA7-43FE-8DAD-8BBC514692A8}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{CA6E2FEC-9DBA-4CCB-A39C-BDD29F3DCD6E}C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\last oasis\mist\binaries\win64\mistclient-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{0B1C989A-FEBC-43AD-BBEE-12E51D828877}C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe] => (Allow) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{6E3770A2-E167-4657-88E1-DD0DC58ADF5C}C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe] => (Allow) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1C4D9205-4666-4F96-88BF-04B22D92F065}] => (Block) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D49DE036-7805-4A1C-BC5C-73E8D201081E}] => (Block) C:\users\predator\downloads\shieldwall\shieldwall\ferrata\binaries\win64\ferrata-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{94EB2751-65BA-4817-AC2A-2501DF68D1FC}C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Allow) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [UDP Query User{1B4D27B4-CFC9-45E3-B8B5-8E9BF91FA240}C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe] => (Allow) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CDA633F0-B78D-4169-BF95-FEB4FD8904B9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{CD63C164-6897-4DE7-828C-F407B463E6E9}] => (Block) C:\users\predator\downloads\mount & blade ii bannerlord\bin\win64_shipping_client\taleworlds.mountandblade.launcher.exe => No File
FirewallRules: [{2B08065C-E8F4-4CBD-8667-FCA1D1476FC5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{991D6650-66E9-486A-851F-F22D25D23377}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{606871D5-0199-41CC-9B6B-C6758E8FCDC9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1508C5B2-5DA3-4228-8BCC-E4A01179C831}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{231928F7-2D1E-4C1E-84EA-1F259EA0705F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{943B5EA3-02CB-44B3-B54A-C215AFCDD62C}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{FA446355-DD35-414A-8A7A-A3004B772FEA}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{79D08832-70D5-4099-BD54-8E56677AE5C4}C:\users\predator\appdata\local\fivem\fivem.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{FF0362DF-9019-4F01-A2FC-D69BC13AECC4}C:\users\predator\appdata\local\fivem\fivem.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [{AC0678DD-6C6C-4F3F-8B46-636826D48638}] => (Block) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [{2C135223-B3D2-4AB3-AA12-B58E7B55300F}] => (Block) C:\users\predator\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{4DE159AB-1AAB-4F91-9D0B-D20BAEC3B86E}C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{33479A1E-F2F1-4990-BEAA-19403BF583B2}C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{66A22761-795F-4058-94F9-E2E71C1FDF6F}] => (Block) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{BFD7422C-698F-44EB-9279-3CBF8D4EC70C}] => (Block) C:\users\predator\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{85479887-65A8-4087-8162-754513832B33}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{20704B60-4560-434A-9F05-6B0E3971120F}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{8C027259-B5FF-48D3-BE56-B2128DCF8725}] => (Block) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{FEFFA9F3-1525-420E-8605-1436F2A0721A}] => (Block) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{A06C02A6-5652-4A16-A282-19D91D9FF0CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C30BF3F-B77B-42F5-9D98-336C4EE1EC8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD94636E-8299-44D0-8267-4915F75AE44C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9B2738C2-2A70-4907-9105-9BB7E294D075}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{76942212-081A-4E5A-924F-5BAEC632A571}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{759F3432-D565-4EB5-875D-E31D678E85BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5EF82119-789B-4F41-8310-F6FE0CAC1E50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC794A6B-6BDD-47A7-A26E-96D591C73EE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8E9CE3-3DDA-4D20-8001-8FEADA05D19E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{20CCC4E4-A43F-4F66-A1A0-FAF9844EE7B6}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/14/2020 09:05:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7672,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/14/2020 08:44:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11396,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/14/2020 08:35:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2012,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/14/2020 07:50:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.18362.836, časové razítko: 0xb8640219
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.815, časové razítko: 0xb29ecf52
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000072a6
ID chybujícího procesu: 0x48bc
Čas spuštění chybující aplikace: 0x01d642611e32c99a
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 8efcdef2-3656-48cc-b4c5-e1ef1f41bcf7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/14/2020 07:47:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21072,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/14/2020 07:36:53 PM) (Source: ESENT) (EventID: 413) (User: )
Description: msedge (19788,R,98) EdgeDataImporter: Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (06/14/2020 07:36:53 PM) (Source: ESENT) (EventID: 488) (User: )
Description: msedge (19788,R,98) EdgeDataImporter: Pokus o vytvoření souboru C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (06/14/2020 06:16:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18424,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (06/14/2020 08:29:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (06/14/2020 08:27:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service přestala během spouštění reagovat.
Error: (06/14/2020 08:23:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/14/2020 08:23:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (06/14/2020 08:23:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (06/14/2020 08:22:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/14/2020 08:22:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (06/14/2020 08:21:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
===================================
Date: 2020-06-14 20:34:00.980
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe provádění změn v paměti.
Čas detekce: 2020-06-14T18:34:00.891Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
Verze bezpečnostních informací: 1.317.1359.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5
Date: 2020-06-14 17:09:35.703
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe provádění změn v paměti.
Čas detekce: 2020-06-14T15:09:35.666Z
Uživatel: LAPTOP-H32871D3\Predator
Cesta: \Device\CdRom0
Název procesu: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe
Verze bezpečnostních informací: 1.317.1209.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5
Date: 2020-06-12 11:06:35.331
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\BattlEye\BEService.exe provádění změn v paměti.
Čas detekce: 2020-06-12T09:06:35.331Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
Verze bezpečnostních informací: 1.317.1140.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5
Date: 2020-06-12 09:20:43.389
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Common Files\BattlEye\BEService.exe provádění změn v paměti.
Čas detekce: 2020-06-12T07:20:43.389Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
Verze bezpečnostních informací: 1.317.1140.0
Verze modulu: 1.1.17100.2
Verze produktu: 4.18.2005.5
Date: 2020-06-05 10:19:31.207
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {68503505-D168-4EE6-A7BC-DAEDB2A51D84}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-06-14 19:41:00.595
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.317.1359.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17100.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-06-14 17:17:23.933
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.317.1359.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17100.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-05-29 10:45:51.203
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-29 10:45:51.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-07-21 08:02:04.537
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-21 08:02:04.534
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-21 08:02:04.528
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-21 08:02:04.525
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-21 08:02:00.838
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-07-20 07:47:21.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.09 07/06/2017
Motherboard: KBL Sienna_KLS
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 51%
Total physical RAM: 8075.6 MB
Available physical RAM: 3904.77 MB
Total Virtual: 16267.6 MB
Available Virtual: 10479.68 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:164.77 GB) NTFS
\\?\Volume{8e50c848-128d-46d1-bb22-1be59db4d711}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.54 GB) NTFS
\\?\Volume{ecc835b1-9baa-468e-b73a-034ba01cdaa1}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AEEE2585)
Partition: GPT.
==================== End of Addition.txt =======================
