Vypínání pc, prosím o kontrolu logu
Napsal: 09 říj 2020 10:56
Zdravím,
Samovolně se mi vypíná pc myslím si, že v tom mají prsty viry...
Moc prosím o kontrolu logu, posílám log z FRST.
předem děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-10-2020
Ran by Bazzy (09-10-2020 11:25:21)
Running from C:\Users\Bazzy\Desktop
Windows 10 Pro Version 1903 18362.1082 (X64) (2020-07-29 13:05:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1097945961-1764061589-1795022323-500 - Administrator - Disabled)
Bazzy (S-1-5-21-1097945961-1764061589-1795022323-1001 - Administrator - Enabled) => C:\Users\Bazzy
DefaultAccount (S-1-5-21-1097945961-1764061589-1795022323-503 - Limited - Disabled)
DevToolsUser (S-1-5-21-1097945961-1764061589-1795022323-1006 - Limited - Enabled) => C:\Users\DevToolsUser
Guest (S-1-5-21-1097945961-1764061589-1795022323-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1097945961-1764061589-1795022323-1004 - Limited - Enabled)
radek (S-1-5-21-1097945961-1764061589-1795022323-1007 - Administrator - Enabled) => C:\Users\radek
sshd (S-1-5-21-1097945961-1764061589-1795022323-1005 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1097945961-1764061589-1795022323-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
Desperados III v.1.1.18 revision 34331.F (HKLM-x32\...\Desperados III_is1) (Version: - )
DOOM Eternal (HKLM-x32\...\DOOM Eternal_is1) (Version: - )
DOOM Eternal Setup 0.0.0.0 (HKLM-x32\...\DOOM Eternal Setup 0.0.0.0) (Version: 0.0.0.0 - .)
DOOMEternal version final (HKLM-x32\...\DOOMEternal_is1) (Version: final - The)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.1912.2601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.1912.2601 - Micro-Star International Co., Ltd.)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{99F57F1E-F93B-44A6-A802-2FDBF356D1D9}) (Version: 13.2.18.0 - ESET, spol. s r.o.)
Far Cry 5 (HKLM\...\Far Cry 5_is1) (Version: 1.4 - )
Gears 5 Ultimate Edition MULTi15 - ElAmigos version 1.1.67.0 (HKLM-x32\...\{B1D1DCBF-4D58-4387-9480-87A97E4A07BB}_is1) (Version: 1.1.67.0 - Microsoft)
Gears Tactics (HKLM-x32\...\Gears Tactics_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HTC Account (HKLM\...\{0BDD3B3E-A0C1-48E1-BA33-3A28B784C10F}) (Version: 1.6.1.7 - HTC Corp.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 27.20.100.7989 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000100-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.100.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 - Intel(R) Corporation)
Killer Performance Driver Suite UWD (HKLM\...\{5BA4D851-78BA-4728-97FB-0ABEA101795A}) (Version: 2.0.1134 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Magnet Engine (x86) (HKLM-x32\...\{D2DB04D4-D2D3-4B21-9165-748E77F02B1C}) (Version: 1.4.6.11 - HTC Corp.) Hidden
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Opera Stable 71.0.3770.228 (HKU\S-1-5-21-1097945961-1764061589-1795022323-1001\...\Opera 71.0.3770.228) (Version: 71.0.3770.228 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.71.40931 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 456.71 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.31244 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8612 - Realtek Semiconductor Corp.)
Revive Dashboard (HKLM-x32\...\Revive) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VIVE Software (HKLM-x32\...\VIVE Software) (Version: 1.0.9.202 - HTC)
VIVEPORT (HKLM-x32\...\VIVEPORT) (Version: 1.0.9.202 - HTC)
VIVEPORT Desktop (HKLM-x32\...\{8759080b-1591-4f2d-adc4-78aacbc21628}) (Version: 1.4.6.11 - HTC Corp.) Hidden
VIVEPORT Desktop (x86) (HKLM-x32\...\{79D9EBD4-333E-40B8-86FD-9427DB846952}) (Version: 1.4.6.11 - HTC Corp.) Hidden
VIVEPORT Diagnosis (HKLM-x32\...\{26bc0fe7-f2d8-4d46-8688-2ef7e9a9692b}) (Version: 1.2.2.7 - HTC Corp.)
VIVEPORT Diagnosis (x86) (HKLM-x32\...\{6328E9CE-7A9B-4DAE-9697-97BEEE3BF509}) (Version: 1.2.2.7 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (HKLM-x32\...\{4b01ac5b-340e-4644-828b-0882c8255a4e}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (x86/x64) (HKLM-x32\...\{9D42F21E-7CFA-4C87-99FD-C81CFFCB12E5}) (Version: 1.2.0.3 - HTC Corp.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.44.2.0_x86__kgqvnymyfvs32 [2020-09-30] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1860.4.0_x86__kgqvnymyfvs32 [2020-10-09] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-07] (Microsoft Corporation)
Fish and Corals -> C:\Program Files\WindowsApps\Microsoft.FishandCorals_1.0.0.0_neutral__8wekyb3d8bbwe [2019-12-13] (Microsoft Corporation)
Ford Mustang RTR Formula Drift -> C:\Program Files\WindowsApps\Microsoft.FordMustangRTRFormulaDrift_1.0.0.0_neutral__8wekyb3d8bbwe [2019-12-15] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa [2020-09-20] (Apple Inc.) [Startup Task]
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.1.2930.0_x64__rh07ty8m5nkag [2019-12-11] (Rivet Networks LLC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-28] (Microsoft Studios) [MS Ad]
MSI Driver & App Center -> C:\Program Files\WindowsApps\msiappadm.MSIDriverAppCenter_1.2009.1001.0_x64__7f61qv3vk9gn2 [2020-09-20] (msiappadm)
MSI Help Desk -> C:\Program Files\WindowsApps\msiappadm.MSIHelpDesk_2.2006.1501.0_x64__7f61qv3vk9gn2 [2020-06-18] (msiappadm)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.4.14.0_x64__w2gh52qy24etm [2020-09-20] (A-Volute)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.168.0_x64__dt26b99r8h8gj [2019-12-11] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0 [2020-09-30] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-12-11] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1097945961-1764061589-1795022323-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Bazzy\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1097945961-1764061589-1795022323-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Bazzy\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1097945961-1764061589-1795022323-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Bazzy\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bdd37d808cfdf045\igfxDTCM.dll [2020-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Bazzy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2019-09-26 15:27 - 2019-09-26 15:27 - 000244224 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\NahimicAPI.dll
2018-11-23 08:01 - 2018-11-23 08:01 - 000438784 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2020-01-01 23:34 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-08-10 21:34 - 2016-08-10 21:34 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\WinIo64.dll
2015-06-11 20:35 - 2015-06-11 20:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [398]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-11 16:02 - 2019-12-11 16:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1097945961-1764061589-1795022323-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bazzy\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Wreckfest-wallpaper-06.png
DNS Servers: 172.16.1.1 - 172.16.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-1097945961-1764061589-1795022323-1001\...\StartupApproved\Run: => "Battle.net"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{8EBC4853-4EE1-43BC-903D-6A711F1DC6A0}C:\users\bazzy\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{B0B06B9C-68AE-44F7-9016-4D54810E1FEF}C:\users\bazzy\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [{59B50E61-9566-4EAC-A482-0799822C7F36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F27BB000-7370-4247-9E3E-E070AA37ED3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B5EF101-9F69-4D88-A013-3FD776142BCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1ED221D5-962E-4BED-95A0-E2B1688FC2FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2AFBA8EF-DF16-4773-86A3-94AB35571DBD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{60643F78-03B5-4901-BB97-495F82BA3FA3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{DE422CD4-4DD5-42FC-A548-BC401DF88A2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AAACA7E9-E0F8-4565-B7B1-C5B62F8857BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75E46C8C-6365-43BD-995B-13972DED12DF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{3CC22A5F-551E-4304-8FB0-31FDAD4E1275}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{E0A8E613-3A46-412E-ABF6-36D17499CDE6}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2429140F-FEC2-4103-B819-45AE58BF2518}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7DA13541-2D59-45A9-AB08-FF827BEDA7FE}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{F07FC241-6532-4FD0-B369-4076A4B626DD}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{F53E8C3C-F6F6-422B-8258-A140DCB417E1}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A184FADA-7608-49C6-A94B-97D60B993402}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{108DB0AE-E0EB-4B75-8BD0-D10ED475DD56}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{055540AE-1A39-4F5B-B6E8-733E727A74AB}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{358C66DB-9696-4A93-8F2F-452E5ABE0B2D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{A649F424-3D4E-400B-AA87-66EA709FF394}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{727EF4B4-202E-4CFA-B43D-E1F51C4F16E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{9C7AF98F-0C31-4597-955D-E6F4FCD6AC91}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{AE6C1B2A-7D97-42A6-ABCB-3DBF9526B3A7}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{97DCE3F3-3AE0-4600-9BAD-C0F68C643A1F}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{F3F09480-B7C6-4D69-8AE9-3328F9325225}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{BEB76CB9-4FF4-4E83-A74C-58CB6271B447}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{6A1E3E3D-42E5-4E05-8D3D-85957EEF1310}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{D00FDFC7-36B5-4933-81A7-114F65A90AB9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{2A1A0F39-6FE8-4DD6-B6C6-7F9E788652D3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{3328D69F-77C4-4A3A-894F-B9993157952C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{44CC110C-39F0-4299-B7A5-367A15A032CA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{4A372885-D347-4E2B-96BF-171B8E1E367D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{B60CED17-9BE3-4587-B947-CF94A90E172C}] => (Block) D:\GAMES\Wreckfest\Wreckfest.exe => No File
FirewallRules: [{AB948E5E-C520-438D-9491-024EA1B4C325}] => (Block) D:\GAMES\Wreckfest\Wreckfest.exe => No File
FirewallRules: [{D12F21F2-A449-4560-A7E8-03141D960DBB}] => (Block) D:\GAMES\Wreckfest\Wreckfest_x64.exe => No File
FirewallRules: [{F3EE61FD-914F-43C4-9B76-31908489E12F}] => (Block) D:\GAMES\Wreckfest\Wreckfest_x64.exe => No File
FirewallRules: [UDP Query User{4BDEBFBC-3249-4E27-B694-4D01092D608E}C:\users\bazzy\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{BDDE8BC2-4B9E-4F4D-8183-20FD63576EEC}C:\users\bazzy\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [UDP Query User{B7CD1B92-E056-4004-B115-28DA13339C56}C:\users\bazzy\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{3E753173-2470-43FF-8C14-D9E347A32DAD}C:\users\bazzy\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [{0258C6FA-E6C8-4DAA-BA52-0C659CDCD5B8}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2F9802DE-2633-4664-B8A9-783AEB7EFD16}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{130FB9DA-B2DF-4E21-9E14-F2A0F4CE21EC}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F47E81A3-6904-4256-9E94-21725D9B998A}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{68504DEB-370B-43A0-B671-E3CCE8032B61}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe () [File not signed]
FirewallRules: [TCP Query User{250FC48A-7E42-4BBB-9FF8-29ACBD565F80}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe () [File not signed]
FirewallRules: [UDP Query User{3F9F62E9-B828-4E33-80D8-911CB3E62C87}C:\users\bazzy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bazzy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{76C1F5F3-ECED-49B9-971B-7ECEE3776A56}C:\users\bazzy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bazzy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{EF059190-8AF4-4243-924A-9A50199CF261}C:\users\bazzy\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{0A249B0B-5BCD-4DA1-8A43-333CA624F558}C:\users\bazzy\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [{785E9DD4-231D-43E9-8D9C-5248610E3207}] => (Allow) LPort=9223
FirewallRules: [{322BA8C7-D31C-4641-A478-874D25F975DE}] => (Allow) LPort=9245
FirewallRules: [{46408420-BD7E-469A-A7DD-E37A7D3538C7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{A31BDB25-3EA4-4DBC-9A3D-2237339F6CFF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{999CDE5A-A352-4ED2-BA92-65B942C46AA3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D7E1F64F-E37F-490C-A794-F30438ECFFF8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{899A401A-2F84-476F-867F-D596B55B5835}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF41EB60-A8DF-4F57-8AB1-257C64F3EF4F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9CBE2F83-44B6-4D13-B796-B397DC266FCB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0B3F6962-AA4F-4CCB-AA5C-97926628F80C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AD065747-AEC2-4BDC-B40F-B4EEB8DD476F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E2A44D2-136C-4A92-AEE2-1856B7A4AAA8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C7765183-2E49-404E-9604-C65FC310E68B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{A29058BF-EF5C-43B5-8B0B-8449CC2178AC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{59BC8DCD-00D0-4FCF-9838-036D8AC23FEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CE189C19-04D3-4DA0-B30D-A7798E36D2CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16FD1F7A-1359-495E-B1AC-B04719957C20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{98EB5877-FDD4-43C1-BE07-33C74EE7D502}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27B1C987-8A57-4798-8916-01716FCFFBE3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AACBA771-3FB5-475B-9235-D914EBD6A44C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF6560C2-1DBC-4816-A229-D90221D1A14F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{05C34B01-A839-4E74-B717-B0AB1836FC3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5AF6C4A0-0E87-4F98-836B-F45A4C401867}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.94 GB) (Free:43.19 GB) (37%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/09/2020 11:25:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6664,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (10/09/2020 11:14:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8796,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (10/09/2020 10:52:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4176,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (10/09/2020 10:48:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.18362.1, časové razítko: 0x2b37314e
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff88fda200f
ID chybujícího procesu: 0x3614
Čas spuštění chybující aplikace: 0x01d69e18ffb872e2
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 70881002-1643-4936-ae5a-9f326a30b21e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/09/2020 10:48:46 AM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (10/09/2020 10:48:45 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (10/09/2020 10:48:45 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (10/09/2020 10:48:45 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
System errors:
=============
Error: (10/09/2020 10:02:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:35:00, 09.10.2020) bylo neočekávané.
Error: (10/09/2020 09:32:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
Přístup ke klíči nelze získat.
Error: (10/09/2020 09:32:50 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630203.
Error: (10/09/2020 09:22:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
Přístup ke klíči nelze získat.
Error: (10/09/2020 09:22:59 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630203.
Error: (10/09/2020 09:18:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (10/09/2020 09:18:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (10/09/2020 08:49:14 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:35:56, 09.10.2020) bylo neočekávané.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E17C5IMS.10F 05/20/2019
Motherboard: Micro-Star International Co., Ltd. MS-17C5
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 40%
Total physical RAM: 16210.73 MB
Available physical RAM: 9625.09 MB
Total Virtual: 18642.73 MB
Available Virtual: 10440.27 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:43.19 GB) NTFS
Drive d: (Hard Drive) (Fixed) (Total:912.75 GB) (Free:263.54 GB) NTFS
\\?\Volume{71d84864-e920-4396-a05b-5d25fdb181c1}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.44 GB) NTFS
\\?\Volume{6d38c0ef-8620-478c-a3fd-348c7f8bf418}\ (BIOS_RVY) (Fixed) (Total:18.77 GB) (Free:0.69 GB) NTFS
\\?\Volume{8fe6a98c-8f31-4031-b9f6-bf91aa019f49}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 25E0A359)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 25E0A373)
Partition: GPT.
==================== End of Addition.txt =======================
Samovolně se mi vypíná pc myslím si, že v tom mají prsty viry...
Moc prosím o kontrolu logu, posílám log z FRST.
předem děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-10-2020
Ran by Bazzy (09-10-2020 11:25:21)
Running from C:\Users\Bazzy\Desktop
Windows 10 Pro Version 1903 18362.1082 (X64) (2020-07-29 13:05:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1097945961-1764061589-1795022323-500 - Administrator - Disabled)
Bazzy (S-1-5-21-1097945961-1764061589-1795022323-1001 - Administrator - Enabled) => C:\Users\Bazzy
DefaultAccount (S-1-5-21-1097945961-1764061589-1795022323-503 - Limited - Disabled)
DevToolsUser (S-1-5-21-1097945961-1764061589-1795022323-1006 - Limited - Enabled) => C:\Users\DevToolsUser
Guest (S-1-5-21-1097945961-1764061589-1795022323-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1097945961-1764061589-1795022323-1004 - Limited - Enabled)
radek (S-1-5-21-1097945961-1764061589-1795022323-1007 - Administrator - Enabled) => C:\Users\radek
sshd (S-1-5-21-1097945961-1764061589-1795022323-1005 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1097945961-1764061589-1795022323-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
Desperados III v.1.1.18 revision 34331.F (HKLM-x32\...\Desperados III_is1) (Version: - )
DOOM Eternal (HKLM-x32\...\DOOM Eternal_is1) (Version: - )
DOOM Eternal Setup 0.0.0.0 (HKLM-x32\...\DOOM Eternal Setup 0.0.0.0) (Version: 0.0.0.0 - .)
DOOMEternal version final (HKLM-x32\...\DOOMEternal_is1) (Version: final - The)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.1912.2601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.1912.2601 - Micro-Star International Co., Ltd.)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{99F57F1E-F93B-44A6-A802-2FDBF356D1D9}) (Version: 13.2.18.0 - ESET, spol. s r.o.)
Far Cry 5 (HKLM\...\Far Cry 5_is1) (Version: 1.4 - )
Gears 5 Ultimate Edition MULTi15 - ElAmigos version 1.1.67.0 (HKLM-x32\...\{B1D1DCBF-4D58-4387-9480-87A97E4A07BB}_is1) (Version: 1.1.67.0 - Microsoft)
Gears Tactics (HKLM-x32\...\Gears Tactics_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HTC Account (HKLM\...\{0BDD3B3E-A0C1-48E1-BA33-3A28B784C10F}) (Version: 1.6.1.7 - HTC Corp.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 27.20.100.7989 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000100-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.100.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 - Intel(R) Corporation)
Killer Performance Driver Suite UWD (HKLM\...\{5BA4D851-78BA-4728-97FB-0ABEA101795A}) (Version: 2.0.1134 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Magnet Engine (x86) (HKLM-x32\...\{D2DB04D4-D2D3-4B21-9165-748E77F02B1C}) (Version: 1.4.6.11 - HTC Corp.) Hidden
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Opera Stable 71.0.3770.228 (HKU\S-1-5-21-1097945961-1764061589-1795022323-1001\...\Opera 71.0.3770.228) (Version: 71.0.3770.228 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.71.40931 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 456.71 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.31244 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8612 - Realtek Semiconductor Corp.)
Revive Dashboard (HKLM-x32\...\Revive) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VIVE Software (HKLM-x32\...\VIVE Software) (Version: 1.0.9.202 - HTC)
VIVEPORT (HKLM-x32\...\VIVEPORT) (Version: 1.0.9.202 - HTC)
VIVEPORT Desktop (HKLM-x32\...\{8759080b-1591-4f2d-adc4-78aacbc21628}) (Version: 1.4.6.11 - HTC Corp.) Hidden
VIVEPORT Desktop (x86) (HKLM-x32\...\{79D9EBD4-333E-40B8-86FD-9427DB846952}) (Version: 1.4.6.11 - HTC Corp.) Hidden
VIVEPORT Diagnosis (HKLM-x32\...\{26bc0fe7-f2d8-4d46-8688-2ef7e9a9692b}) (Version: 1.2.2.7 - HTC Corp.)
VIVEPORT Diagnosis (x86) (HKLM-x32\...\{6328E9CE-7A9B-4DAE-9697-97BEEE3BF509}) (Version: 1.2.2.7 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (HKLM-x32\...\{4b01ac5b-340e-4644-828b-0882c8255a4e}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (x86/x64) (HKLM-x32\...\{9D42F21E-7CFA-4C87-99FD-C81CFFCB12E5}) (Version: 1.2.0.3 - HTC Corp.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.44.2.0_x86__kgqvnymyfvs32 [2020-09-30] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1860.4.0_x86__kgqvnymyfvs32 [2020-10-09] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-07] (Microsoft Corporation)
Fish and Corals -> C:\Program Files\WindowsApps\Microsoft.FishandCorals_1.0.0.0_neutral__8wekyb3d8bbwe [2019-12-13] (Microsoft Corporation)
Ford Mustang RTR Formula Drift -> C:\Program Files\WindowsApps\Microsoft.FordMustangRTRFormulaDrift_1.0.0.0_neutral__8wekyb3d8bbwe [2019-12-15] (Microsoft Corporation)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa [2020-09-20] (Apple Inc.) [Startup Task]
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_2.1.2930.0_x64__rh07ty8m5nkag [2019-12-11] (Rivet Networks LLC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-28] (Microsoft Studios) [MS Ad]
MSI Driver & App Center -> C:\Program Files\WindowsApps\msiappadm.MSIDriverAppCenter_1.2009.1001.0_x64__7f61qv3vk9gn2 [2020-09-20] (msiappadm)
MSI Help Desk -> C:\Program Files\WindowsApps\msiappadm.MSIHelpDesk_2.2006.1501.0_x64__7f61qv3vk9gn2 [2020-06-18] (msiappadm)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.4.14.0_x64__w2gh52qy24etm [2020-09-20] (A-Volute)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.168.0_x64__dt26b99r8h8gj [2019-12-11] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0 [2020-09-30] (Spotify AB) [Startup Task]
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-12-11] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1097945961-1764061589-1795022323-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Bazzy\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1097945961-1764061589-1795022323-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Bazzy\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1097945961-1764061589-1795022323-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Bazzy\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bdd37d808cfdf045\igfxDTCM.dll [2020-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Bazzy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2019-09-26 15:27 - 2019-09-26 15:27 - 000244224 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\NahimicAPI.dll
2018-11-23 08:01 - 2018-11-23 08:01 - 000438784 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2020-01-01 23:34 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-08-10 21:34 - 2016-08-10 21:34 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\WinIo64.dll
2015-06-11 20:35 - 2015-06-11 20:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-06-05 22:38 - 2020-06-05 22:38 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [398]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-11 16:02 - 2019-12-11 16:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1097945961-1764061589-1795022323-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bazzy\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Wreckfest-wallpaper-06.png
DNS Servers: 172.16.1.1 - 172.16.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-1097945961-1764061589-1795022323-1001\...\StartupApproved\Run: => "Battle.net"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{8EBC4853-4EE1-43BC-903D-6A711F1DC6A0}C:\users\bazzy\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{B0B06B9C-68AE-44F7-9016-4D54810E1FEF}C:\users\bazzy\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [{59B50E61-9566-4EAC-A482-0799822C7F36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F27BB000-7370-4247-9E3E-E070AA37ED3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B5EF101-9F69-4D88-A013-3FD776142BCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1ED221D5-962E-4BED-95A0-E2B1688FC2FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2AFBA8EF-DF16-4773-86A3-94AB35571DBD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{60643F78-03B5-4901-BB97-495F82BA3FA3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{DE422CD4-4DD5-42FC-A548-BC401DF88A2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AAACA7E9-E0F8-4565-B7B1-C5B62F8857BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75E46C8C-6365-43BD-995B-13972DED12DF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{3CC22A5F-551E-4304-8FB0-31FDAD4E1275}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{E0A8E613-3A46-412E-ABF6-36D17499CDE6}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2429140F-FEC2-4103-B819-45AE58BF2518}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7DA13541-2D59-45A9-AB08-FF827BEDA7FE}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{F07FC241-6532-4FD0-B369-4076A4B626DD}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{F53E8C3C-F6F6-422B-8258-A140DCB417E1}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A184FADA-7608-49C6-A94B-97D60B993402}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{108DB0AE-E0EB-4B75-8BD0-D10ED475DD56}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{055540AE-1A39-4F5B-B6E8-733E727A74AB}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{358C66DB-9696-4A93-8F2F-452E5ABE0B2D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{A649F424-3D4E-400B-AA87-66EA709FF394}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{727EF4B4-202E-4CFA-B43D-E1F51C4F16E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{9C7AF98F-0C31-4597-955D-E6F4FCD6AC91}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{AE6C1B2A-7D97-42A6-ABCB-3DBF9526B3A7}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{97DCE3F3-3AE0-4600-9BAD-C0F68C643A1F}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{F3F09480-B7C6-4D69-8AE9-3328F9325225}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{BEB76CB9-4FF4-4E83-A74C-58CB6271B447}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{6A1E3E3D-42E5-4E05-8D3D-85957EEF1310}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{D00FDFC7-36B5-4933-81A7-114F65A90AB9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{2A1A0F39-6FE8-4DD6-B6C6-7F9E788652D3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{3328D69F-77C4-4A3A-894F-B9993157952C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{44CC110C-39F0-4299-B7A5-367A15A032CA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{4A372885-D347-4E2B-96BF-171B8E1E367D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [{B60CED17-9BE3-4587-B947-CF94A90E172C}] => (Block) D:\GAMES\Wreckfest\Wreckfest.exe => No File
FirewallRules: [{AB948E5E-C520-438D-9491-024EA1B4C325}] => (Block) D:\GAMES\Wreckfest\Wreckfest.exe => No File
FirewallRules: [{D12F21F2-A449-4560-A7E8-03141D960DBB}] => (Block) D:\GAMES\Wreckfest\Wreckfest_x64.exe => No File
FirewallRules: [{F3EE61FD-914F-43C4-9B76-31908489E12F}] => (Block) D:\GAMES\Wreckfest\Wreckfest_x64.exe => No File
FirewallRules: [UDP Query User{4BDEBFBC-3249-4E27-B694-4D01092D608E}C:\users\bazzy\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{BDDE8BC2-4B9E-4F4D-8183-20FD63576EEC}C:\users\bazzy\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [UDP Query User{B7CD1B92-E056-4004-B115-28DA13339C56}C:\users\bazzy\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [TCP Query User{3E753173-2470-43FF-8C14-D9E347A32DAD}C:\users\bazzy\appdata\local\programs\opera\66.0.3515.44\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\66.0.3515.44\opera.exe => No File
FirewallRules: [{0258C6FA-E6C8-4DAA-BA52-0C659CDCD5B8}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2F9802DE-2633-4664-B8A9-783AEB7EFD16}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{130FB9DA-B2DF-4E21-9E14-F2A0F4CE21EC}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F47E81A3-6904-4256-9E94-21725D9B998A}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{68504DEB-370B-43A0-B671-E3CCE8032B61}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe () [File not signed]
FirewallRules: [TCP Query User{250FC48A-7E42-4BBB-9FF8-29ACBD565F80}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe () [File not signed]
FirewallRules: [UDP Query User{3F9F62E9-B828-4E33-80D8-911CB3E62C87}C:\users\bazzy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bazzy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{76C1F5F3-ECED-49B9-971B-7ECEE3776A56}C:\users\bazzy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bazzy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{EF059190-8AF4-4243-924A-9A50199CF261}C:\users\bazzy\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [TCP Query User{0A249B0B-5BCD-4DA1-8A43-333CA624F558}C:\users\bazzy\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\bazzy\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [{785E9DD4-231D-43E9-8D9C-5248610E3207}] => (Allow) LPort=9223
FirewallRules: [{322BA8C7-D31C-4641-A478-874D25F975DE}] => (Allow) LPort=9245
FirewallRules: [{46408420-BD7E-469A-A7DD-E37A7D3538C7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{A31BDB25-3EA4-4DBC-9A3D-2237339F6CFF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{999CDE5A-A352-4ED2-BA92-65B942C46AA3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D7E1F64F-E37F-490C-A794-F30438ECFFF8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{899A401A-2F84-476F-867F-D596B55B5835}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF41EB60-A8DF-4F57-8AB1-257C64F3EF4F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9CBE2F83-44B6-4D13-B796-B397DC266FCB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0B3F6962-AA4F-4CCB-AA5C-97926628F80C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AD065747-AEC2-4BDC-B40F-B4EEB8DD476F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E2A44D2-136C-4A92-AEE2-1856B7A4AAA8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.3.52015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C7765183-2E49-404E-9604-C65FC310E68B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{A29058BF-EF5C-43B5-8B0B-8449CC2178AC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{59BC8DCD-00D0-4FCF-9838-036D8AC23FEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CE189C19-04D3-4DA0-B30D-A7798E36D2CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16FD1F7A-1359-495E-B1AC-B04719957C20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{98EB5877-FDD4-43C1-BE07-33C74EE7D502}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27B1C987-8A57-4798-8916-01716FCFFBE3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AACBA771-3FB5-475B-9235-D914EBD6A44C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF6560C2-1DBC-4816-A229-D90221D1A14F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{05C34B01-A839-4E74-B717-B0AB1836FC3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5AF6C4A0-0E87-4F98-836B-F45A4C401867}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.94 GB) (Free:43.19 GB) (37%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/09/2020 11:25:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6664,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (10/09/2020 11:14:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8796,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (10/09/2020 10:52:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4176,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (10/09/2020 10:48:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.18362.1, časové razítko: 0x2b37314e
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff88fda200f
ID chybujícího procesu: 0x3614
Čas spuštění chybující aplikace: 0x01d69e18ffb872e2
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 70881002-1643-4936-ae5a-9f326a30b21e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/09/2020 10:48:46 AM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (10/09/2020 10:48:45 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (10/09/2020 10:48:45 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (10/09/2020 10:48:45 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
System errors:
=============
Error: (10/09/2020 10:02:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:35:00, 09.10.2020) bylo neočekávané.
Error: (10/09/2020 09:32:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
Přístup ke klíči nelze získat.
Error: (10/09/2020 09:32:50 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630203.
Error: (10/09/2020 09:22:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
Přístup ke klíči nelze získat.
Error: (10/09/2020 09:22:59 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630203.
Error: (10/09/2020 09:18:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (10/09/2020 09:18:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (10/09/2020 08:49:14 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:35:56, 09.10.2020) bylo neočekávané.
==================== Memory info ===========================
BIOS: American Megatrends Inc. E17C5IMS.10F 05/20/2019
Motherboard: Micro-Star International Co., Ltd. MS-17C5
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 40%
Total physical RAM: 16210.73 MB
Available physical RAM: 9625.09 MB
Total Virtual: 18642.73 MB
Available Virtual: 10440.27 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:43.19 GB) NTFS
Drive d: (Hard Drive) (Fixed) (Total:912.75 GB) (Free:263.54 GB) NTFS
\\?\Volume{71d84864-e920-4396-a05b-5d25fdb181c1}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.44 GB) NTFS
\\?\Volume{6d38c0ef-8620-478c-a3fd-348c7f8bf418}\ (BIOS_RVY) (Fixed) (Total:18.77 GB) (Free:0.69 GB) NTFS
\\?\Volume{8fe6a98c-8f31-4031-b9f6-bf91aa019f49}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 25E0A359)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 25E0A373)
Partition: GPT.
==================== End of Addition.txt =======================
