prosím o kontrolu logu
Napsal: 19 led 2021 21:21
Dobrý den, poprosím o kontrolu logu, přijde mi, že mám zpomalené prohlížeče.
Děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2021
Ran by stoup (19-01-2021 21:20:11)
Running from C:\Users\stoup\OneDrive\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2020-03-20 23:49:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-202815913-3708365009-1602261077-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-202815913-3708365009-1602261077-503 - Limited - Disabled)
Guest (S-1-5-21-202815913-3708365009-1602261077-501 - Limited - Disabled)
stoup (S-1-5-21-202815913-3708365009-1602261077-1001 - Administrator - Enabled) => C:\Users\stoup
WDAGUtilityAccount (S-1-5-21-202815913-3708365009-1602261077-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: COMODO Antivirus (Disabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM\...\{63FED867-23CB-4AC7-9F22-64AD80FA0DA7}) (Version: 2.16.7113.0 - UL) Hidden
3DMark (HKLM-x32\...\{b6a95974-3bca-4571-9656-98b7350cb823}) (Version: 2.16.7113.0 - UL)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acoustica Premium Edition 6.0 (HKLM-x32\...\{B0AB0E72-A179-4B1E-813B-BBA1344819A5}_is1) (Version: 6.0.8 - Acon AS)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.0.633 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C0408619-0431-4B54-B63C-C3AB18B1E4B4}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.8.364 - Corel corporation) Hidden
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation)
CorelDRAW Graphics Suite 2018 - BR (x64) (HKLM\...\{575AFBB6-FDF0-4191-97D0-E109C1A53E9B}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CS (x64) (HKLM\...\{71C1FD4A-E7D1-4C24-82AE-D4A07516B6DD}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CT (x64) (HKLM\...\{D251081C-25F7-4EFA-9DF3-C3D3F751CFB2}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CZ (x64) (HKLM\...\{1EE74A96-A900-4607-9D63-25F120E19CC4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - DE (x64) (HKLM\...\{78A4A2EA-7C1D-48A9-92F2-FF60E098EF53}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Docs (x64) (HKLM\...\{74127108-BAE6-4A9E-BE10-931292D9E1AC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - ES (x64) (HKLM\...\{AF2C3573-F52E-4B52-AED8-58F14E626002}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - FR (x64) (HKLM\...\{F4A5C1FF-1BEB-40D1-81F7-460F4021AD76}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IT (x64) (HKLM\...\{8A87BFC9-69B9-4A0A-9D3C-5A8884380DE0}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - JP (x64) (HKLM\...\{D202A107-A207-4A8C-ABE9-29640818EC4F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - NL (x64) (HKLM\...\{65DC3D32-2462-49EC-9263-FB0A5056F899}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PL (x64) (HKLM\...\{217124CA-CFDD-410E-A7F9-C9D43137467E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - RU (x64) (HKLM\...\{EF129473-7919-4CDF-875A-ABF57158901D}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0.0.633 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 -TR (x64) (HKLM\...\{AFB3227A-5276-4E51-A305-A893531C4895}) (Version: 20.0 - Corel Corporation) Hidden
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Crucial Storage Executive (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Crucial Storage Executive 3.60.082018.04) (Version: 5.09.122019.04 - Crucial)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: Build_3235023Change_4177747 - GOG.com)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Eraser 6.2.0.2982 (HKLM\...\{DFCF78CC-3DAD-4C1E-8BC6-94DC5B73461E}) (Version: 6.2.2982 - The Eraser Project)
Eye 312 (HKLM-x32\...\{74F923F2-2B11-4E2E-B638-A1772A9F7B7B}) (Version: 1.0.0.28 - KYE SYSTEMS CORP.)
Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.78 - Gridinsoft LLC)
HandBrake 1.1.1 (HKLM-x32\...\HandBrake) (Version: 1.1.1 - )
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HWiNFO64 Version 6.00 (HKLM\...\HWiNFO64_is1) (Version: 6.00 - Martin Malík - REALiX)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
OpenShot Video Editor verze 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.78.42537 - Electronic Arts, Inc.)
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.1.0.132 - Corel Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.2.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.0 - VS Revo Group, Ltd.)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Roblox Player for stoup (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Someday You'll Return (HKLM-x32\...\2107162474_is1) (Version: 1.7.5g2 - GOG.com)
Spirit of the North (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Spirit of the North) (Version: - HOODLUM)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 97.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
War Thunder Launcher 1.0.3.148 (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)
Packages:
=========
Audio Converter Any Format -> C:\Program Files\WindowsApps\22546Cidade.AudioConverterAnyFormat_4.0.32.0_x64__cjt5542sbwgmj [2021-01-13] (Cidade) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-23] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-07] (Fitbit)
Libra Office Suite -> C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8 [2020-05-04] (HLXB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-13] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-19] (NVIDIA Corp.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.24.1.0_x64__nfy108tqq3p12 [2021-01-17] (Thumbmunkeys Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2021-01-11] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\nvshext.dll [2021-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [189440 2019-03-19] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-22 14:16 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-05-17 12:38 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2020-02-17 17:59 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-02-17 17:59 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-02-17 17:59 - 2020-02-17 17:59 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\stoup\Downloads\12382636.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501931833155CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE Installer_150320pm09.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2020-11-21 15:21 - 000001930 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stoup\Downloads\ice_fox-wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{FDEA0810-9DC4-4550-9931-0EED29323EFA}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [TCP Query User{27BE5362-BEBD-4490-9614-FC263ECD2B69}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [{758C36E1-470E-4885-99C0-7DDF6AE65F4D}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{C1F72A2C-71E4-47D4-9604-4386E69A1716}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [UDP Query User{4DAD7F12-8523-4906-8D0D-B560E8EC902F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7AD4D326-29B0-4AEF-95A6-6CDA329F2449}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D5A46AA6-1879-4474-98AA-B478AF7C56D2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{613C3706-C9DE-4690-9191-243D47C89FE8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6E9A5B4F-8863-4DBD-B494-1FA958F28BF8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C489805F-00A5-458B-8447-CB7138ADA8FC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{72F4BFC1-53B9-4016-9FF9-071C4BAB789C}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{E27003F6-015E-4E9B-B2B3-4BB4AA283111}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{247F6E82-E86C-4F72-9878-A794CB9C46BC}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{10FE1538-D2BF-4261-B458-DEAFDF550FFC}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{11B91DFF-2B67-446E-B85E-1AB9ECB320F3}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{0834AFE9-3ADD-4E68-A1FD-486A35D3C655}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8F58E7E5-8E66-4424-A3E1-38FBE16A08E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B30F0231-C5D5-46E5-BE0E-097BF6956FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{5E193851-3B8D-4B40-A99B-EA0734374986}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{A75511BD-62BB-4145-B7DA-6100BE63B83F}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{04132621-F4A5-495D-AD89-D566379ED773}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{693F0373-6996-4010-BF41-C329ABB2AC46}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{3B134E21-1D1E-410D-8314-22989E282815}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7DB42BA4-9A3A-4E24-92B7-F1C4B3DC75C6}] => (Allow) LPort=5357
FirewallRules: [{1B3093E2-77C1-4D08-926E-CE1C34B8E271}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{33ABDF98-B39E-4A14-ABCF-92D089CB08C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{96C25ACC-96C4-4F3D-B7CE-18BD5794036F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{6CAB91E3-D0E8-49B8-A5C4-33141FCE4319}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5458AE3A-D26B-430B-8EC5-F79E7ED5D748}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F5FDB86D-0B06-4DF0-9A4F-791C701101D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C29B2497-562F-406A-A925-5206A58A871A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4992BB24-08C3-4452-A690-EBB87E4FC166}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4CD2227A-DCA4-4665-8635-7156FE1E533C}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{13588503-BCBC-47E1-BF42-9C2234E99B3F}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [UDP Query User{A65039F0-9992-4599-AFC8-0D8B4C76006E}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [TCP Query User{AAFD0FB8-4FE5-4441-A6C8-A2B49FBA7ADE}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [UDP Query User{94F5AD87-B13D-4F23-B91A-A59F537D4E65}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [TCP Query User{E1470EC9-6C14-471A-AED4-01288F95B94E}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{5C301DE8-3614-4BEF-9C0C-AEE236E52ECE}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{59BD7FE4-4BC9-4C97-8352-6A41DF5DC3E1}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{50E76DE2-BBC3-4F08-AAD0-AA9DC7D8D0BF}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{C120CCF9-6AD3-40CE-9DBE-FF27DED562E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{E22317A5-2229-4C71-B3F0-A8C9C8271DF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{298C0FCE-AB67-40E4-AF5B-18960278648B}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{0825457B-032B-41A7-8522-2AA91F8CB0C7}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{BC401FDB-CEB8-48A1-94B0-31DA38772A5C}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{E377A072-D689-4BF0-8D7B-885E84B61733}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{7C67A616-6CEC-4814-8E62-1B9B61DA4D0A}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [UDP Query User{D71D272A-7D04-471E-B7BC-829A1D0A4162}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [TCP Query User{8C9DCCD7-60DF-4456-ACE2-8E660AE5C36C}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{F4C18F90-2823-4B31-9CBE-8C90E3E6D393}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{9113101F-E99E-40A9-A57F-0CC91710F3DB}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{BD3AA255-842F-4ABA-ADF8-461A9EB62CA5}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [{C83C4AEC-95F3-4FAA-B7B3-C42885C33A7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE59EF50-9C3A-4FB6-B3F5-C8BF21924E2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31B29B56-88F6-4FA4-8318-D735FD67D886}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90682371-FF62-4CD2-9E54-B154393EB621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{0FA4466A-8F0E-4D2F-9E03-B328F498BC1D}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{A661AB6C-7E22-4DE9-A234-47F8D84EFFE3}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{AFBEC143-6F30-428B-AE14-3EA875E3608C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{72B9013A-F097-4619-8048-7EC212753D99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [{AC14182A-4C4E-4313-A4B3-2CE925537B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [TCP Query User{E1FB3EC1-754C-407A-BA88-874BDD4F02C3}C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{1E8C5F06-720B-4724-B2E1-1DDEE3EE401A}C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{5A11B54C-6C29-4D34-AE20-D45C61E7D97F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1CCD4FD-6325-4A32-9EAD-A9E5D0C0306E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99B9A79E-F7F0-4BBB-B4DF-93B876BF70F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF70E026-53C5-4E14-B5BD-AADE684653E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8188088-6067-4E2F-BA8D-1221CAE9ED0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65F3D82D-8549-483B-BFDB-5DBC0FCF184D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
19-01-2021 17:08:35 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/19/2021 09:05:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:58:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:48:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10708,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:26:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4232,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:06:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3576,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (01/19/2021 08:12:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/19/2021 08:12:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Crash Defender Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/19/2021 08:12:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Crash Defender Service bylo dosaženo časového limitu (45000 ms).
Error: (01/19/2021 07:59:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/19/2021 07:59:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Log Utility neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/19/2021 07:59:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Log Utility bylo dosaženo časového limitu (45000 ms).
Error: (01/19/2021 07:58:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Lavasoft Ad-Aware Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (01/19/2021 07:37:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Windows Defender:
===================================
Date: 2021-01-19 19:24:26.205
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Uwasson.A!ml
ID: 251745
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\stoup\AppData\Local\Temp\tmp00000142\tmp0000c9b5
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AS6HE0O\stoup
Název procesu: C:\EEK\bin64\a2emergencykit.exe
Verze bezpečnostních informací: AV: 1.329.2479.0, AS: 1.329.2479.0, NIS: 1.329.2479.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-19 19:24:24.202
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Woreflint.A!cl
ID: 2147723317
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\stoup\AppData\Local\Temp\tmp00000142\tmp0000c9b7
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AS6HE0O\stoup
Název procesu: C:\EEK\bin64\a2emergencykit.exe
Verze bezpečnostních informací: AV: 1.329.2479.0, AS: 1.329.2479.0, NIS: 1.329.2479.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-17 21:19:41.724
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {238D9039-61F0-47FA-9EE4-71C30EB3015B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-11 20:03:35.413
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4D165924-7986-4281-9BFC-E2FEAB4FD592}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-01 22:09:15.163
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4050F8C9-B948-43B7-9120-56F4CA36444D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2021-01-19 21:10:17.658
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:08:40.303
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:06:56.854
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:06:56.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:31.270
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:24.350
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:19.227
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:18.172
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F1 08/17/2020
Motherboard: Gigabyte Technology Co., Ltd. B450M DS3H V2
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16332.61 MB
Available physical RAM: 9168.71 MB
Total Virtual: 21708.61 MB
Available Virtual: 11409.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.25 GB) (Free:146.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (WD500Gb) (Fixed) (Total:465.76 GB) (Free:107.34 GB) NTFS
\\?\Volume{1a10bb5c-0000-0000-0000-205074000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1A10BB5C)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=519 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EE9D3ECA)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2021
Ran by stoup (administrator) on DESKTOP-AS6HE0O (Gigabyte Technology Co., Ltd. B450M DS3H V2) (19-01-2021 21:19:23)
Running from C:\Users\stoup\OneDrive\Desktop
Loaded Profiles: stoup
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Gaijin Network LTD -> Gaijin) C:\Users\stoup\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(HLXB) C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8\libre\program\soffice.bin
(HLXB) C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8\libre\program\soffice.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1067024 2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Gaijin.Net Updater] => C:\Users\stoup\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Opera Browser Assistant] => C:\Users\stoup\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\WINDOWS\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07BF7802-C897-4B30-A394-7A136B659B04} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe
Task: {237C08C5-0F73-4253-AF38-BDA51B9C9826} - \Ad-Aware Update (Weekly) -> No File <==== ATTENTION
Task: {32BF3F23-E172-42A2-9C41-2F896ACA12DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {3E25E44F-E6D6-46C0-88D5-55D35A6B679E} - System32\Tasks\Opera scheduled Autoupdate 1554923785 => C:\Users\stoup\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {3F158DF5-17A3-4425-8792-F55FA9810F7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47400C43-D0C9-41E5-B3A7-26A85D3DD586} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {4BC10CD5-8E20-44C6-B062-E15EBBCE1E03} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {500C04C4-6628-4736-8287-36080D8124ED} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50750946-E51C-4AA2-946B-2E3DFAAADD70} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1644480 2018-03-06] (Corel Corporation -> Corel Corporation)
Task: {70F3FC92-9FD7-454C-95DA-B178EC95A95C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {72CC1F44-F249-4808-92DD-097F0B02A4A9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E46EBD7-A949-4406-81D0-517EE33568C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8ECB25B1-A20F-43F3-A259-5E02B7B36CE1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {99D91E38-AD25-486B-8F45-1FD57E963A04} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E75A821-5EB1-4B42-AF7B-A7E9A702561D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A18787D8-A407-4742-8E73-9455B1BFC014} - System32\Tasks\Opera scheduled assistant Autoupdate 1582734759 => C:\Users\stoup\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\stoup\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AB1658DD-0A89-411B-941A-E4130EBC85AF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC7C80A4-B767-46E6-9A8C-745BE9F789C2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE819C3F-BAFE-40D9-BFD8-7A1528873524} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C7E8D100-A2F9-45C2-AF24-8F4B9F101180} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {DCF632AE-F40E-4C6B-AF5C-F06DD308C411} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1156858-DAB2-4A88-97A8-85FC00912E4E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF3D728C-3152-40DF-A245-087AC427EE59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8A40BAC-5371-4A18-83D1-D7E1DFD47255} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{030501c3-ea03-4580-98c4-02bc71413ce9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91778c54-b2f8-4f4e-afd0-8ff5ad49d99e}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\stoup\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-19]
FireFox:
========
FF DefaultProfile: 61fmaxz7.default-1553011361875
FF ProfilePath: C:\Users\stoup\AppData\Roaming\Mozilla\Firefox\Profiles\61fmaxz7.default-1553011361875 [2021-01-19]
FF Notifications: Mozilla\Firefox\Profiles\61fmaxz7.default-1553011361875 -> hxxps://www.facebook.com; hxxps://www.exasoft.cz; hxxps://a.mp3pro.xyz; hxxps://www.sevt.cz; hxxps://www.hudy.cz; hxxps://www.4camping.cz; hxxps://aukro.cz
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-17]
Chrome:
=======
CHR Profile: C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default [2021-01-19]
CHR Notifications: Default -> hxxps://mediamarkt.pl; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-07]
CHR Extension: (Dokumenty) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-07]
CHR Extension: (Disk Google) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-07]
CHR Extension: (Tabulky) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08]
Opera:
=======
OPR Profile: C:\Users\stoup\AppData\Roaming\Opera Software\Opera Stable [2021-01-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\stoup\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-01]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-28] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [18534552 2019-08-17] (Mail.Ru LLC -> LLC Mail.Ru)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510136 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3462464 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [67576 2018-12-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2021-01-13] (GridinSoft, LLC -> GridinSoft LLC)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65320 2019-01-07] (Martin Malik - REALiX -> REALiX(tm))
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1087120 2019-01-23] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R3 MpKsl0a43ddaf; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{335FC21D-9A6D-4529-9A93-758DECC24BFC}\MpKslDrv.sys [91376 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-17] (Mail.Ru LLC -> LLC Mail.Ru)
R1 mtihint; C:\Windows\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
S3 TrojanKillerDriver; C:\WINDOWS\System32\DRIVERS\gtkdrv.sys [38216 2021-01-13] (GridinSoft, LLC -> GridinSoft LLC)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 21:02 - 2021-01-19 21:19 - 000000000 ____D C:\FRST
2021-01-19 20:57 - 2021-01-19 20:57 - 000018451 _____ C:\Users\stoup\Downloads\FRST.rar
2021-01-19 20:12 - 2021-01-19 20:12 - 000000000 __HDC C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2021-01-19 19:36 - 2021-01-19 19:36 - 000000778 _____ C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-01-19 19:32 - 2021-01-19 20:16 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2021-01-19 19:32 - 2021-01-19 19:32 - 000001117 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2021-01-19 19:32 - 2021-01-19 19:32 - 000001117 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk
2021-01-19 19:32 - 2021-01-19 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-01-19 19:32 - 2021-01-19 19:32 - 000000000 ____D C:\ProgramData\GridinSoft
2021-01-19 19:31 - 2021-01-19 19:31 - 000989584 _____ (GridinSoft LLC) C:\Users\stoup\Downloads\install-antimalware-fix (1).exe
2021-01-19 19:30 - 2021-01-19 19:30 - 000989584 _____ (GridinSoft LLC) C:\Users\stoup\Downloads\install-antimalware-fix.exe
2021-01-19 19:29 - 2021-01-19 19:29 - 015012440 _____ (ESET spol. s r.o.) C:\Users\stoup\Downloads\esetonlinescanner.exe
2021-01-19 19:23 - 2021-01-19 19:23 - 008458096 _____ (Malwarebytes) C:\Users\stoup\Downloads\adwcleaner_8.0.9.exe
2021-01-19 19:21 - 2021-01-19 19:23 - 633521152 _____ (NVIDIA Corporation) C:\Users\stoup\Downloads\461.09-desktop-win10-64bit-international-whql.exe
2021-01-19 19:11 - 2021-01-19 19:11 - 000000000 ____D C:\Users\stoup\AppData\Local\mbam
2021-01-19 19:10 - 2021-01-19 19:10 - 002086424 _____ (Malwarebytes) C:\Users\stoup\Downloads\MBSetup (2).exe
2021-01-19 19:06 - 2021-01-19 19:07 - 000200506 _____ C:\TDSSKiller.2.8.16.0_19.01.2021_19.06.03_log.txt
2021-01-19 19:06 - 2021-01-19 19:06 - 000208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\47639295.sys
2021-01-19 17:51 - 2021-01-19 17:51 - 000000000 ____D C:\Users\stoup\AppData\Roaming\NVIDIA
2021-01-19 17:15 - 2021-01-19 21:18 - 000000000 ____D C:\Users\stoup\AppData\Local\NVIDIA
2021-01-19 17:15 - 2021-01-19 17:15 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-01-19 17:15 - 2021-01-19 17:15 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-01-19 17:15 - 2021-01-19 17:15 - 000000000 ____D C:\Users\stoup\ansel
2021-01-19 17:13 - 2021-01-19 17:13 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-19 17:13 - 2021-01-19 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-01-19 17:13 - 2020-12-31 15:01 - 002797552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 002154984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 001294832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000169272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000145208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-01-19 17:12 - 2020-12-31 15:01 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-01-19 17:11 - 2021-01-04 15:49 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-19 17:11 - 2021-01-04 15:49 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000690072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-19 17:11 - 2021-01-04 15:46 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000610712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 005631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000447384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-19 17:11 - 2021-01-04 15:44 - 000850840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-19 17:11 - 2021-01-04 15:43 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-19 17:11 - 2021-01-04 15:43 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-19 17:11 - 2020-12-31 15:01 - 000084159 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-19 17:09 - 2021-01-19 20:14 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-19 17:09 - 2021-01-19 19:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-19 17:08 - 2020-12-31 15:01 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-01-19 17:08 - 2020-10-05 14:05 - 001492800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvppcgenco64_145831832.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 001690976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-19 17:08 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll
2021-01-19 17:08 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll
2021-01-19 17:02 - 2021-01-19 17:03 - 661510840 _____ (NVIDIA Corporation) C:\Users\stoup\Downloads\461.09-desktop-win10-64bit-international-dch-whql.exe
2021-01-18 21:58 - 2021-01-18 21:58 - 000060012 _____ C:\Users\stoup\Downloads\EDAZ-5L36738_20210201_426ad2b7-57e9-400f-81eb-5c532ac511b3.pdf
2021-01-13 20:46 - 2021-01-13 20:46 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 20:46 - 2021-01-13 20:46 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 20:46 - 2021-01-13 20:46 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 20:46 - 2021-01-13 20:46 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 20:45 - 2021-01-13 20:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-13 08:05 - 2021-01-13 08:05 - 015793332 _____ C:\Users\stoup\Downloads\prilohy_56650.zip
2021-01-13 03:12 - 2021-01-13 03:12 - 000107784 _____ (GridinSoft LLC) C:\WINDOWS\system32\Drivers\gsInetSecurity.sys
2021-01-13 03:12 - 2021-01-13 03:12 - 000038216 _____ (GridinSoft LLC) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2021-01-12 19:48 - 2021-01-12 19:48 - 000092226 _____ C:\Users\stoup\Downloads\faktura 180040.pdf
2021-01-11 20:13 - 2021-01-13 22:59 - 000007597 _____ C:\Users\stoup\AppData\Local\Resmon.ResmonCfg
2021-01-11 19:39 - 2021-01-11 19:39 - 000000000 ____D C:\Program Files (x86)\Futuremark
2021-01-11 19:37 - 2021-01-11 19:37 - 000001023 _____ C:\Users\Public\Desktop\3DMark.lnk
2021-01-11 19:37 - 2021-01-11 19:37 - 000001023 _____ C:\ProgramData\Desktop\3DMark.lnk
2021-01-11 19:34 - 2021-01-19 17:38 - 000000000 ____D C:\Users\stoup\OneDrive\Documents\3DMark
2021-01-11 19:34 - 2021-01-11 19:38 - 000000000 ____D C:\Users\Default\AppData\Local\D3DSCache
2021-01-11 19:34 - 2021-01-11 19:38 - 000000000 ____D C:\Users\Default User\AppData\Local\D3DSCache
2021-01-11 19:34 - 2021-01-11 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\stoup\AppData\Local\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\Default\AppData\Local\AMD
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\Default User\AppData\Local\AMD
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\ProgramData\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Program Files\UL
2021-01-11 18:17 - 2019-10-30 02:20 - 001126344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-01-11 18:17 - 2019-10-30 02:20 - 000481888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-01-11 18:17 - 2019-10-29 23:20 - 000821336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-01-06 19:13 - 2021-01-06 19:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-06 16:58 - 2021-01-06 19:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-06 16:58 - 2021-01-06 16:58 - 000056630 _____ C:\Users\stoup\Downloads\Doklad_eshop482511.pdf
2021-01-03 15:40 - 2021-01-03 15:40 - 000834901 _____ C:\Cyberpunk.2077.v1.03-v1.06.Plus.32.Trainer-FLiNG.zip
2021-01-01 16:59 - 2021-01-01 16:59 - 000000000 ____D C:\Users\stoup\AppData\Local\CD Projekt Red
2021-01-01 16:58 - 2021-01-01 16:58 - 000001914 _____ C:\Users\Public\Desktop\Cyberpunk 2077.lnk
2021-01-01 16:58 - 2021-01-01 16:58 - 000001914 _____ C:\ProgramData\Desktop\Cyberpunk 2077.lnk
2021-01-01 16:58 - 2021-01-01 16:58 - 000000000 ____D C:\Users\stoup\AppData\Local\REDEngine
2021-01-01 16:58 - 2021-01-01 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2021-01-01 10:35 - 2021-01-01 10:35 - 000002197 _____ C:\Users\Public\Desktop\Someday You'll Return.lnk
2021-01-01 10:35 - 2021-01-01 10:35 - 000002197 _____ C:\ProgramData\Desktop\Someday You'll Return.lnk
2021-01-01 10:35 - 2021-01-01 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Someday You'll Return [GOG.com]
2020-12-24 13:04 - 2020-12-24 13:04 - 000315813 _____ C:\Users\stoup\Downloads\CZECH.zip
2020-12-24 12:40 - 2020-12-24 12:40 - 000000000 ____D C:\Users\stoup\AppData\Local\The Creative Assembly
2020-12-24 00:21 - 2020-12-24 00:21 - 000000000 ____D C:\Users\stoup\Downloads\Therion - Beloved Antichrist (2018)
2020-12-24 00:19 - 2020-12-24 00:21 - 440544064 _____ C:\Users\stoup\Downloads\Therion - Beloved Antichrist (2018).zip
2020-12-21 18:03 - 2020-12-21 18:03 - 000000000 ____D C:\Users\stoup\AppData\Roaming\SyberiaTWBP
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 21:18 - 2019-01-08 23:05 - 000000000 ____D C:\Users\stoup\AppData\Local\NVIDIA Corporation
2021-01-19 21:12 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-19 20:27 - 2020-03-21 00:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-19 20:22 - 2019-02-05 06:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-19 20:21 - 2019-01-07 20:17 - 000000000 ____D C:\Users\stoup\AppData\LocalLow\Mozilla
2021-01-19 20:18 - 2020-03-21 00:47 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-19 20:18 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-19 20:18 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-19 20:18 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-19 20:12 - 2020-03-21 00:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-19 20:12 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-19 19:59 - 2019-12-28 05:19 - 000000000 ____D C:\Users\stoup\AppData\Local\ESET
2021-01-19 19:33 - 2020-09-23 21:25 - 000000000 ____D C:\Users\stoup\AppData\Local\CrashDumps
2021-01-19 19:33 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-19 19:28 - 2020-09-20 15:07 - 000000000 ____D C:\AdwCleaner
2021-01-19 19:26 - 2020-09-20 14:58 - 000000000 ____D C:\EEK
2021-01-19 19:05 - 2019-01-07 20:40 - 000000000 ____D C:\Users\stoup\AppData\Roaming\vlc
2021-01-19 17:51 - 2019-01-07 20:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-19 17:15 - 2020-03-21 00:43 - 000000000 ____D C:\Users\stoup
2021-01-19 17:13 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-19 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-19 17:13 - 2019-01-07 20:22 - 000000000 ____D C:\ProgramData\Packages
2021-01-19 17:13 - 2019-01-07 20:14 - 000000000 ____D C:\Users\stoup\AppData\Local\Packages
2021-01-19 17:02 - 2020-09-29 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-19 17:02 - 2020-03-10 15:37 - 000000000 ____D C:\Program Files (x86)\AMD
2021-01-19 17:02 - 2019-01-07 20:12 - 000000000 ____D C:\Program Files\AMD
2021-01-19 17:01 - 2019-01-07 20:17 - 000000000 ____D C:\Users\stoup\AppData\LocalLow\AMD
2021-01-19 17:01 - 2019-01-07 20:14 - 000000000 ____D C:\Users\stoup\AppData\Local\AMD
2021-01-19 07:17 - 2019-01-07 20:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-19 06:45 - 2019-01-07 20:38 - 000000000 ____D C:\Users\stoup\AppData\Local\D3DSCache
2021-01-18 17:02 - 2020-03-21 00:49 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1554923785
2021-01-18 17:02 - 2019-04-10 20:16 - 000001405 _____ C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-13 21:37 - 2020-03-21 00:41 - 000497432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-13 21:37 - 2020-03-21 00:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 21:37 - 2019-01-07 20:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-13 21:37 - 2019-01-07 20:14 - 000000000 ___RD C:\Users\stoup\3D Objects
2021-01-13 21:36 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 21:36 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 20:49 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 20:48 - 2019-01-08 06:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 20:47 - 2019-01-08 06:48 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 20:45 - 2020-03-21 00:44 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 20:45 - 2019-01-07 20:01 - 000410816 __RSH C:\bootmgr
2021-01-12 01:13 - 2019-01-07 20:40 - 000000000 ____D C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-12 01:13 - 2019-01-07 20:17 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 01:13 - 2019-01-07 20:17 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-12 01:13 - 2019-01-07 20:17 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-11 19:37 - 2019-01-07 20:12 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-11 19:06 - 2020-07-24 16:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-11 19:06 - 2020-07-24 16:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-11 19:06 - 2020-07-24 16:58 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-11 18:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-06 19:13 - 2019-03-19 17:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-06 19:13 - 2019-03-19 17:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-03 15:21 - 2019-01-11 18:27 - 000000000 ____D C:\Users\stoup\AppData\Local\JDownloader 2.0
2021-01-01 16:28 - 2020-08-02 10:06 - 000000000 ____D C:\GOG Games
2020-12-29 09:11 - 2019-02-14 18:41 - 000000000 ____D C:\Games
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\Users\stoup\AppData\Local\Comodo
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\Program Files (x86)\Comodo
2020-12-28 09:26 - 2019-02-11 18:06 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-12-28 09:26 - 2019-02-11 18:06 - 000001079 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-12-28 09:26 - 2019-02-11 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-12-25 18:53 - 2020-09-27 11:17 - 000000000 ____D C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-24 13:31 - 2019-02-22 20:39 - 000000000 ____D C:\Program Files\Epic Games
==================== Files in the root of some directories ========
2019-01-12 11:12 - 2020-09-07 18:08 - 000003981 _____ () C:\Users\stoup\AppData\Roaming\DESKTOP-AS6HE0O.MTBF.txt
2019-01-12 11:17 - 2019-01-12 11:17 - 000003584 _____ () C:\Users\stoup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-01-11 20:13 - 2021-01-13 22:59 - 000007597 _____ () C:\Users\stoup\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2021
Ran by stoup (19-01-2021 21:20:11)
Running from C:\Users\stoup\OneDrive\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2020-03-20 23:49:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-202815913-3708365009-1602261077-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-202815913-3708365009-1602261077-503 - Limited - Disabled)
Guest (S-1-5-21-202815913-3708365009-1602261077-501 - Limited - Disabled)
stoup (S-1-5-21-202815913-3708365009-1602261077-1001 - Administrator - Enabled) => C:\Users\stoup
WDAGUtilityAccount (S-1-5-21-202815913-3708365009-1602261077-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: COMODO Antivirus (Disabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Disabled) {3D9428CB-50D2-A37E-F90F-1D238F042427}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM\...\{63FED867-23CB-4AC7-9F22-64AD80FA0DA7}) (Version: 2.16.7113.0 - UL) Hidden
3DMark (HKLM-x32\...\{b6a95974-3bca-4571-9656-98b7350cb823}) (Version: 2.16.7113.0 - UL)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acoustica Premium Edition 6.0 (HKLM-x32\...\{B0AB0E72-A179-4B1E-813B-BBA1344819A5}_is1) (Version: 6.0.8 - Acon AS)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.0.633 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C0408619-0431-4B54-B63C-C3AB18B1E4B4}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.8.364 - Corel corporation) Hidden
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation)
CorelDRAW Graphics Suite 2018 - BR (x64) (HKLM\...\{575AFBB6-FDF0-4191-97D0-E109C1A53E9B}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CS (x64) (HKLM\...\{71C1FD4A-E7D1-4C24-82AE-D4A07516B6DD}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CT (x64) (HKLM\...\{D251081C-25F7-4EFA-9DF3-C3D3F751CFB2}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CZ (x64) (HKLM\...\{1EE74A96-A900-4607-9D63-25F120E19CC4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - DE (x64) (HKLM\...\{78A4A2EA-7C1D-48A9-92F2-FF60E098EF53}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Docs (x64) (HKLM\...\{74127108-BAE6-4A9E-BE10-931292D9E1AC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - ES (x64) (HKLM\...\{AF2C3573-F52E-4B52-AED8-58F14E626002}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - FR (x64) (HKLM\...\{F4A5C1FF-1BEB-40D1-81F7-460F4021AD76}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IT (x64) (HKLM\...\{8A87BFC9-69B9-4A0A-9D3C-5A8884380DE0}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - JP (x64) (HKLM\...\{D202A107-A207-4A8C-ABE9-29640818EC4F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - NL (x64) (HKLM\...\{65DC3D32-2462-49EC-9263-FB0A5056F899}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PL (x64) (HKLM\...\{217124CA-CFDD-410E-A7F9-C9D43137467E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - RU (x64) (HKLM\...\{EF129473-7919-4CDF-875A-ABF57158901D}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0.0.633 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 -TR (x64) (HKLM\...\{AFB3227A-5276-4E51-A305-A893531C4895}) (Version: 20.0 - Corel Corporation) Hidden
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Crucial Storage Executive (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Crucial Storage Executive 3.60.082018.04) (Version: 5.09.122019.04 - Crucial)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: Build_3235023Change_4177747 - GOG.com)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Eraser 6.2.0.2982 (HKLM\...\{DFCF78CC-3DAD-4C1E-8BC6-94DC5B73461E}) (Version: 6.2.2982 - The Eraser Project)
Eye 312 (HKLM-x32\...\{74F923F2-2B11-4E2E-B638-A1772A9F7B7B}) (Version: 1.0.0.28 - KYE SYSTEMS CORP.)
Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.78 - Gridinsoft LLC)
HandBrake 1.1.1 (HKLM-x32\...\HandBrake) (Version: 1.1.1 - )
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HWiNFO64 Version 6.00 (HKLM\...\HWiNFO64_is1) (Version: 6.00 - Martin Malík - REALiX)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
OpenShot Video Editor verze 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.78.42537 - Electronic Arts, Inc.)
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.1.0.132 - Corel Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.2.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.0 - VS Revo Group, Ltd.)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Roblox Player for stoup (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Someday You'll Return (HKLM-x32\...\2107162474_is1) (Version: 1.7.5g2 - GOG.com)
Spirit of the North (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Spirit of the North) (Version: - HOODLUM)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 97.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
War Thunder Launcher 1.0.3.148 (HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)
Packages:
=========
Audio Converter Any Format -> C:\Program Files\WindowsApps\22546Cidade.AudioConverterAnyFormat_4.0.32.0_x64__cjt5542sbwgmj [2021-01-13] (Cidade) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-23] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-07] (Fitbit)
Libra Office Suite -> C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8 [2020-05-04] (HLXB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-13] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-19] (NVIDIA Corp.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.24.1.0_x64__nfy108tqq3p12 [2021-01-17] (Thumbmunkeys Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2021-01-11] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers1: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\nvshext.dll [2021-01-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2021-01-14] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [189440 2019-03-19] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-22 14:16 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-05-17 12:38 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2020-02-17 17:59 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-02-17 17:59 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-02-17 17:59 - 2020-02-17 17:59 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-02 06:37 - 2020-02-17 17:59 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
AlternateDataStreams: C:\Users\stoup\Downloads\12382636.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\12445438.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\501900000001CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\501931833155CZ.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE Installer_150320pm09.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\hw64_538.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.20.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\HWiNFO64_v5.32.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\stoup\Downloads\Koření-pro-každé-vaření.pdf:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 08:31 - 2020-11-21 15:21 - 000001930 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stoup\Downloads\ice_fox-wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{FDEA0810-9DC4-4550-9931-0EED29323EFA}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [TCP Query User{27BE5362-BEBD-4490-9614-FC263ECD2B69}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [{758C36E1-470E-4885-99C0-7DDF6AE65F4D}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{C1F72A2C-71E4-47D4-9604-4386E69A1716}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [UDP Query User{4DAD7F12-8523-4906-8D0D-B560E8EC902F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7AD4D326-29B0-4AEF-95A6-6CDA329F2449}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D5A46AA6-1879-4474-98AA-B478AF7C56D2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{613C3706-C9DE-4690-9191-243D47C89FE8}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6E9A5B4F-8863-4DBD-B494-1FA958F28BF8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C489805F-00A5-458B-8447-CB7138ADA8FC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{72F4BFC1-53B9-4016-9FF9-071C4BAB789C}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{E27003F6-015E-4E9B-B2B3-4BB4AA283111}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{247F6E82-E86C-4F72-9878-A794CB9C46BC}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{10FE1538-D2BF-4261-B458-DEAFDF550FFC}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{11B91DFF-2B67-446E-B85E-1AB9ECB320F3}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{0834AFE9-3ADD-4E68-A1FD-486A35D3C655}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8F58E7E5-8E66-4424-A3E1-38FBE16A08E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B30F0231-C5D5-46E5-BE0E-097BF6956FF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{5E193851-3B8D-4B40-A99B-EA0734374986}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{A75511BD-62BB-4145-B7DA-6100BE63B83F}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{04132621-F4A5-495D-AD89-D566379ED773}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{693F0373-6996-4010-BF41-C329ABB2AC46}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{3B134E21-1D1E-410D-8314-22989E282815}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7DB42BA4-9A3A-4E24-92B7-F1C4B3DC75C6}] => (Allow) LPort=5357
FirewallRules: [{1B3093E2-77C1-4D08-926E-CE1C34B8E271}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{33ABDF98-B39E-4A14-ABCF-92D089CB08C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{96C25ACC-96C4-4F3D-B7CE-18BD5794036F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{6CAB91E3-D0E8-49B8-A5C4-33141FCE4319}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5458AE3A-D26B-430B-8EC5-F79E7ED5D748}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F5FDB86D-0B06-4DF0-9A4F-791C701101D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C29B2497-562F-406A-A925-5206A58A871A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4992BB24-08C3-4452-A690-EBB87E4FC166}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4CD2227A-DCA4-4665-8635-7156FE1E533C}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{13588503-BCBC-47E1-BF42-9C2234E99B3F}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [UDP Query User{A65039F0-9992-4599-AFC8-0D8B4C76006E}C:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) C:\program files\epic games\totalwarsagatroy\troy.exe => No File
FirewallRules: [TCP Query User{AAFD0FB8-4FE5-4441-A6C8-A2B49FBA7ADE}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [UDP Query User{94F5AD87-B13D-4F23-B91A-A59F537D4E65}C:\program files (x86)\titanfall 2\titanfall2.exe] => (Block) C:\program files (x86)\titanfall 2\titanfall2.exe => No File
FirewallRules: [TCP Query User{E1470EC9-6C14-471A-AED4-01288F95B94E}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{5C301DE8-3614-4BEF-9C0C-AEE236E52ECE}C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{59BD7FE4-4BC9-4C97-8352-6A41DF5DC3E1}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{50E76DE2-BBC3-4F08-AAD0-AA9DC7D8D0BF}C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{C120CCF9-6AD3-40CE-9DBE-FF27DED562E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{E22317A5-2229-4C71-B3F0-A8C9C8271DF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{298C0FCE-AB67-40E4-AF5B-18960278648B}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{0825457B-032B-41A7-8522-2AA91F8CB0C7}C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{BC401FDB-CEB8-48A1-94B0-31DA38772A5C}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{E377A072-D689-4BF0-8D7B-885E84B61733}C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) C:\ames\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{7C67A616-6CEC-4814-8E62-1B9B61DA4D0A}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [UDP Query User{D71D272A-7D04-471E-B7BC-829A1D0A4162}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe => No File
FirewallRules: [TCP Query User{8C9DCCD7-60DF-4456-ACE2-8E660AE5C36C}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{F4C18F90-2823-4B31-9CBE-8C90E3E6D393}C:\program files\epic games\alienisolation\ai.exe] => (Allow) C:\program files\epic games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{9113101F-E99E-40A9-A57F-0CC91710F3DB}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{BD3AA255-842F-4ABA-ADF8-461A9EB62CA5}C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [{C83C4AEC-95F3-4FAA-B7B3-C42885C33A7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE59EF50-9C3A-4FB6-B3F5-C8BF21924E2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31B29B56-88F6-4FA4-8318-D735FD67D886}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90682371-FF62-4CD2-9E54-B154393EB621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{0FA4466A-8F0E-4D2F-9E03-B328F498BC1D}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{A661AB6C-7E22-4DE9-A234-47F8D84EFFE3}C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\gog games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{AFBEC143-6F30-428B-AE14-3EA875E3608C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{72B9013A-F097-4619-8048-7EC212753D99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [{AC14182A-4C4E-4313-A4B3-2CE925537B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed]
FirewallRules: [TCP Query User{E1FB3EC1-754C-407A-BA88-874BDD4F02C3}C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{1E8C5F06-720B-4724-B2E1-1DDEE3EE401A}C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\stoup\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{5A11B54C-6C29-4D34-AE20-D45C61E7D97F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1CCD4FD-6325-4A32-9EAD-A9E5D0C0306E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99B9A79E-F7F0-4BBB-B4DF-93B876BF70F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF70E026-53C5-4E14-B5BD-AADE684653E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8188088-6067-4E2F-BA8D-1221CAE9ED0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65F3D82D-8549-483B-BFDB-5DBC0FCF184D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
19-01-2021 17:08:35 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/19/2021 09:05:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:58:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:48:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10708,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:26:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4232,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 08:06:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3576,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/19/2021 07:58:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (01/19/2021 08:12:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/19/2021 08:12:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Crash Defender Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/19/2021 08:12:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Crash Defender Service bylo dosaženo časového limitu (45000 ms).
Error: (01/19/2021 07:59:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/19/2021 07:59:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Log Utility neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/19/2021 07:59:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Log Utility bylo dosaženo časového limitu (45000 ms).
Error: (01/19/2021 07:58:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Lavasoft Ad-Aware Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (01/19/2021 07:37:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Windows Defender:
===================================
Date: 2021-01-19 19:24:26.205
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Uwasson.A!ml
ID: 251745
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\stoup\AppData\Local\Temp\tmp00000142\tmp0000c9b5
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AS6HE0O\stoup
Název procesu: C:\EEK\bin64\a2emergencykit.exe
Verze bezpečnostních informací: AV: 1.329.2479.0, AS: 1.329.2479.0, NIS: 1.329.2479.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-19 19:24:24.202
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Woreflint.A!cl
ID: 2147723317
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\stoup\AppData\Local\Temp\tmp00000142\tmp0000c9b7
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AS6HE0O\stoup
Název procesu: C:\EEK\bin64\a2emergencykit.exe
Verze bezpečnostních informací: AV: 1.329.2479.0, AS: 1.329.2479.0, NIS: 1.329.2479.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-17 21:19:41.724
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {238D9039-61F0-47FA-9EE4-71C30EB3015B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-11 20:03:35.413
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4D165924-7986-4281-9BFC-E2FEAB4FD592}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-01 22:09:15.163
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4050F8C9-B948-43B7-9120-56F4CA36444D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2021-01-19 21:10:17.658
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:08:40.303
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:06:56.854
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:06:56.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:31.270
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:24.350
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:19.227
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-19 21:05:18.172
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F1 08/17/2020
Motherboard: Gigabyte Technology Co., Ltd. B450M DS3H V2
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16332.61 MB
Available physical RAM: 9168.71 MB
Total Virtual: 21708.61 MB
Available Virtual: 11409.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.25 GB) (Free:146.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (WD500Gb) (Fixed) (Total:465.76 GB) (Free:107.34 GB) NTFS
\\?\Volume{1a10bb5c-0000-0000-0000-205074000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1A10BB5C)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=519 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EE9D3ECA)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-01-2021
Ran by stoup (administrator) on DESKTOP-AS6HE0O (Gigabyte Technology Co., Ltd. B450M DS3H V2) (19-01-2021 21:19:23)
Running from C:\Users\stoup\OneDrive\Desktop
Loaded Profiles: stoup
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Gaijin Network LTD -> Gaijin) C:\Users\stoup\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(HLXB) C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8\libre\program\soffice.bin
(HLXB) C:\Program Files\WindowsApps\48713HLXB.LibraOfficeSuite_1.8.0.0_x64__d5x6rd8f18cg8\libre\program\soffice.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1067024 2018-01-03] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Gaijin.Net Updater] => C:\Users\stoup\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-202815913-3708365009-1602261077-1001\...\Run: [Opera Browser Assistant] => C:\Users\stoup\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\WINDOWS\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07BF7802-C897-4B30-A394-7A136B659B04} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe
Task: {237C08C5-0F73-4253-AF38-BDA51B9C9826} - \Ad-Aware Update (Weekly) -> No File <==== ATTENTION
Task: {32BF3F23-E172-42A2-9C41-2F896ACA12DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {3E25E44F-E6D6-46C0-88D5-55D35A6B679E} - System32\Tasks\Opera scheduled Autoupdate 1554923785 => C:\Users\stoup\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {3F158DF5-17A3-4425-8792-F55FA9810F7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47400C43-D0C9-41E5-B3A7-26A85D3DD586} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {4BC10CD5-8E20-44C6-B062-E15EBBCE1E03} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {500C04C4-6628-4736-8287-36080D8124ED} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50750946-E51C-4AA2-946B-2E3DFAAADD70} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1644480 2018-03-06] (Corel Corporation -> Corel Corporation)
Task: {70F3FC92-9FD7-454C-95DA-B178EC95A95C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-07] (Google Inc -> Google Inc.)
Task: {72CC1F44-F249-4808-92DD-097F0B02A4A9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E46EBD7-A949-4406-81D0-517EE33568C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8ECB25B1-A20F-43F3-A259-5E02B7B36CE1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {99D91E38-AD25-486B-8F45-1FD57E963A04} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E75A821-5EB1-4B42-AF7B-A7E9A702561D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A18787D8-A407-4742-8E73-9455B1BFC014} - System32\Tasks\Opera scheduled assistant Autoupdate 1582734759 => C:\Users\stoup\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\stoup\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AB1658DD-0A89-411B-941A-E4130EBC85AF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC7C80A4-B767-46E6-9A8C-745BE9F789C2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE819C3F-BAFE-40D9-BFD8-7A1528873524} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C7E8D100-A2F9-45C2-AF24-8F4B9F101180} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {DCF632AE-F40E-4C6B-AF5C-F06DD308C411} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1156858-DAB2-4A88-97A8-85FC00912E4E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF3D728C-3152-40DF-A245-087AC427EE59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8A40BAC-5371-4A18-83D1-D7E1DFD47255} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{030501c3-ea03-4580-98c4-02bc71413ce9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91778c54-b2f8-4f4e-afd0-8ff5ad49d99e}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\stoup\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-19]
FireFox:
========
FF DefaultProfile: 61fmaxz7.default-1553011361875
FF ProfilePath: C:\Users\stoup\AppData\Roaming\Mozilla\Firefox\Profiles\61fmaxz7.default-1553011361875 [2021-01-19]
FF Notifications: Mozilla\Firefox\Profiles\61fmaxz7.default-1553011361875 -> hxxps://www.facebook.com; hxxps://www.exasoft.cz; hxxps://a.mp3pro.xyz; hxxps://www.sevt.cz; hxxps://www.hudy.cz; hxxps://www.4camping.cz; hxxps://aukro.cz
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-17]
Chrome:
=======
CHR Profile: C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default [2021-01-19]
CHR Notifications: Default -> hxxps://mediamarkt.pl; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-07]
CHR Extension: (Dokumenty) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-07]
CHR Extension: (Disk Google) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-07]
CHR Extension: (Tabulky) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\stoup\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08]
Opera:
=======
OPR Profile: C:\Users\stoup\AppData\Roaming\Opera Software\Opera Stable [2021-01-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\stoup\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-01]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-28] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [18534552 2019-08-17] (Mail.Ru LLC -> LLC Mail.Ru)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510136 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3462464 2020-07-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3621da861144492b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [67576 2018-12-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2021-01-13] (GridinSoft, LLC -> GridinSoft LLC)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [65320 2019-01-07] (Martin Malik - REALiX -> REALiX(tm))
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1087120 2019-01-23] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
R3 MpKsl0a43ddaf; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{335FC21D-9A6D-4529-9A93-758DECC24BFC}\MpKslDrv.sys [91376 2021-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-17] (Mail.Ru LLC -> LLC Mail.Ru)
R1 mtihint; C:\Windows\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
S3 TrojanKillerDriver; C:\WINDOWS\System32\DRIVERS\gtkdrv.sys [38216 2021-01-13] (GridinSoft, LLC -> GridinSoft LLC)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 21:02 - 2021-01-19 21:19 - 000000000 ____D C:\FRST
2021-01-19 20:57 - 2021-01-19 20:57 - 000018451 _____ C:\Users\stoup\Downloads\FRST.rar
2021-01-19 20:12 - 2021-01-19 20:12 - 000000000 __HDC C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2021-01-19 19:36 - 2021-01-19 19:36 - 000000778 _____ C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-01-19 19:32 - 2021-01-19 20:16 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2021-01-19 19:32 - 2021-01-19 19:32 - 000001117 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2021-01-19 19:32 - 2021-01-19 19:32 - 000001117 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk
2021-01-19 19:32 - 2021-01-19 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-01-19 19:32 - 2021-01-19 19:32 - 000000000 ____D C:\ProgramData\GridinSoft
2021-01-19 19:31 - 2021-01-19 19:31 - 000989584 _____ (GridinSoft LLC) C:\Users\stoup\Downloads\install-antimalware-fix (1).exe
2021-01-19 19:30 - 2021-01-19 19:30 - 000989584 _____ (GridinSoft LLC) C:\Users\stoup\Downloads\install-antimalware-fix.exe
2021-01-19 19:29 - 2021-01-19 19:29 - 015012440 _____ (ESET spol. s r.o.) C:\Users\stoup\Downloads\esetonlinescanner.exe
2021-01-19 19:23 - 2021-01-19 19:23 - 008458096 _____ (Malwarebytes) C:\Users\stoup\Downloads\adwcleaner_8.0.9.exe
2021-01-19 19:21 - 2021-01-19 19:23 - 633521152 _____ (NVIDIA Corporation) C:\Users\stoup\Downloads\461.09-desktop-win10-64bit-international-whql.exe
2021-01-19 19:11 - 2021-01-19 19:11 - 000000000 ____D C:\Users\stoup\AppData\Local\mbam
2021-01-19 19:10 - 2021-01-19 19:10 - 002086424 _____ (Malwarebytes) C:\Users\stoup\Downloads\MBSetup (2).exe
2021-01-19 19:06 - 2021-01-19 19:07 - 000200506 _____ C:\TDSSKiller.2.8.16.0_19.01.2021_19.06.03_log.txt
2021-01-19 19:06 - 2021-01-19 19:06 - 000208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\47639295.sys
2021-01-19 17:51 - 2021-01-19 17:51 - 000000000 ____D C:\Users\stoup\AppData\Roaming\NVIDIA
2021-01-19 17:15 - 2021-01-19 21:18 - 000000000 ____D C:\Users\stoup\AppData\Local\NVIDIA
2021-01-19 17:15 - 2021-01-19 17:15 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2021-01-19 17:15 - 2021-01-19 17:15 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-01-19 17:15 - 2021-01-19 17:15 - 000000000 ____D C:\Users\stoup\ansel
2021-01-19 17:13 - 2021-01-19 17:13 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-19 17:13 - 2021-01-19 17:13 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-19 17:13 - 2021-01-19 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-01-19 17:13 - 2020-12-31 15:01 - 002797552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 002154984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 001294832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000169272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000145208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-19 17:13 - 2020-12-31 15:01 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-01-19 17:12 - 2020-12-31 15:01 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-01-19 17:12 - 2020-12-31 15:01 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-01-19 17:11 - 2021-01-04 15:49 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-19 17:11 - 2021-01-04 15:49 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-19 17:11 - 2021-01-04 15:49 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-19 17:11 - 2021-01-04 15:48 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000690072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-01-19 17:11 - 2021-01-04 15:46 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000610712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-19 17:11 - 2021-01-04 15:46 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 005631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-19 17:11 - 2021-01-04 15:45 - 000447384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-01-19 17:11 - 2021-01-04 15:44 - 000850840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-01-19 17:11 - 2021-01-04 15:43 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-19 17:11 - 2021-01-04 15:43 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-19 17:11 - 2020-12-31 15:01 - 000084159 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-19 17:09 - 2021-01-19 20:14 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-19 17:09 - 2021-01-19 19:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-19 17:09 - 2021-01-19 17:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-19 17:08 - 2020-12-31 15:01 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-01-19 17:08 - 2020-10-05 14:05 - 001492800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvppcgenco64_145831832.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 001690976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-01-19 17:08 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-19 17:08 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll
2021-01-19 17:08 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll
2021-01-19 17:02 - 2021-01-19 17:03 - 661510840 _____ (NVIDIA Corporation) C:\Users\stoup\Downloads\461.09-desktop-win10-64bit-international-dch-whql.exe
2021-01-18 21:58 - 2021-01-18 21:58 - 000060012 _____ C:\Users\stoup\Downloads\EDAZ-5L36738_20210201_426ad2b7-57e9-400f-81eb-5c532ac511b3.pdf
2021-01-13 20:46 - 2021-01-13 20:46 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 20:46 - 2021-01-13 20:46 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 20:46 - 2021-01-13 20:46 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 20:46 - 2021-01-13 20:46 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 20:46 - 2021-01-13 20:46 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 20:46 - 2021-01-13 20:46 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 20:46 - 2021-01-13 20:46 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 20:45 - 2021-01-13 20:45 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 20:45 - 2021-01-13 20:45 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 20:45 - 2021-01-13 20:45 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-13 20:45 - 2021-01-13 20:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-13 08:05 - 2021-01-13 08:05 - 015793332 _____ C:\Users\stoup\Downloads\prilohy_56650.zip
2021-01-13 03:12 - 2021-01-13 03:12 - 000107784 _____ (GridinSoft LLC) C:\WINDOWS\system32\Drivers\gsInetSecurity.sys
2021-01-13 03:12 - 2021-01-13 03:12 - 000038216 _____ (GridinSoft LLC) C:\WINDOWS\system32\Drivers\gtkdrv.sys
2021-01-12 19:48 - 2021-01-12 19:48 - 000092226 _____ C:\Users\stoup\Downloads\faktura 180040.pdf
2021-01-11 20:13 - 2021-01-13 22:59 - 000007597 _____ C:\Users\stoup\AppData\Local\Resmon.ResmonCfg
2021-01-11 19:39 - 2021-01-11 19:39 - 000000000 ____D C:\Program Files (x86)\Futuremark
2021-01-11 19:37 - 2021-01-11 19:37 - 000001023 _____ C:\Users\Public\Desktop\3DMark.lnk
2021-01-11 19:37 - 2021-01-11 19:37 - 000001023 _____ C:\ProgramData\Desktop\3DMark.lnk
2021-01-11 19:34 - 2021-01-19 17:38 - 000000000 ____D C:\Users\stoup\OneDrive\Documents\3DMark
2021-01-11 19:34 - 2021-01-11 19:38 - 000000000 ____D C:\Users\Default\AppData\Local\D3DSCache
2021-01-11 19:34 - 2021-01-11 19:38 - 000000000 ____D C:\Users\Default User\AppData\Local\D3DSCache
2021-01-11 19:34 - 2021-01-11 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\stoup\AppData\Local\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\Default\AppData\Local\AMD
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Users\Default User\AppData\Local\AMD
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\ProgramData\UL
2021-01-11 19:34 - 2021-01-11 19:34 - 000000000 ____D C:\Program Files\UL
2021-01-11 18:17 - 2019-10-30 02:20 - 001126344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-01-11 18:17 - 2019-10-30 02:20 - 000481888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-01-11 18:17 - 2019-10-29 23:20 - 000821336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-01-06 19:13 - 2021-01-06 19:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-06 16:58 - 2021-01-06 19:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-06 16:58 - 2021-01-06 16:58 - 000056630 _____ C:\Users\stoup\Downloads\Doklad_eshop482511.pdf
2021-01-03 15:40 - 2021-01-03 15:40 - 000834901 _____ C:\Cyberpunk.2077.v1.03-v1.06.Plus.32.Trainer-FLiNG.zip
2021-01-01 16:59 - 2021-01-01 16:59 - 000000000 ____D C:\Users\stoup\AppData\Local\CD Projekt Red
2021-01-01 16:58 - 2021-01-01 16:58 - 000001914 _____ C:\Users\Public\Desktop\Cyberpunk 2077.lnk
2021-01-01 16:58 - 2021-01-01 16:58 - 000001914 _____ C:\ProgramData\Desktop\Cyberpunk 2077.lnk
2021-01-01 16:58 - 2021-01-01 16:58 - 000000000 ____D C:\Users\stoup\AppData\Local\REDEngine
2021-01-01 16:58 - 2021-01-01 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2021-01-01 10:35 - 2021-01-01 10:35 - 000002197 _____ C:\Users\Public\Desktop\Someday You'll Return.lnk
2021-01-01 10:35 - 2021-01-01 10:35 - 000002197 _____ C:\ProgramData\Desktop\Someday You'll Return.lnk
2021-01-01 10:35 - 2021-01-01 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Someday You'll Return [GOG.com]
2020-12-24 13:04 - 2020-12-24 13:04 - 000315813 _____ C:\Users\stoup\Downloads\CZECH.zip
2020-12-24 12:40 - 2020-12-24 12:40 - 000000000 ____D C:\Users\stoup\AppData\Local\The Creative Assembly
2020-12-24 00:21 - 2020-12-24 00:21 - 000000000 ____D C:\Users\stoup\Downloads\Therion - Beloved Antichrist (2018)
2020-12-24 00:19 - 2020-12-24 00:21 - 440544064 _____ C:\Users\stoup\Downloads\Therion - Beloved Antichrist (2018).zip
2020-12-21 18:03 - 2020-12-21 18:03 - 000000000 ____D C:\Users\stoup\AppData\Roaming\SyberiaTWBP
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-19 21:18 - 2019-01-08 23:05 - 000000000 ____D C:\Users\stoup\AppData\Local\NVIDIA Corporation
2021-01-19 21:12 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-19 20:27 - 2020-03-21 00:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-19 20:22 - 2019-02-05 06:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-19 20:21 - 2019-01-07 20:17 - 000000000 ____D C:\Users\stoup\AppData\LocalLow\Mozilla
2021-01-19 20:18 - 2020-03-21 00:47 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-19 20:18 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-19 20:18 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-19 20:18 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-19 20:12 - 2020-03-21 00:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-19 20:12 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-19 19:59 - 2019-12-28 05:19 - 000000000 ____D C:\Users\stoup\AppData\Local\ESET
2021-01-19 19:33 - 2020-09-23 21:25 - 000000000 ____D C:\Users\stoup\AppData\Local\CrashDumps
2021-01-19 19:33 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-19 19:28 - 2020-09-20 15:07 - 000000000 ____D C:\AdwCleaner
2021-01-19 19:26 - 2020-09-20 14:58 - 000000000 ____D C:\EEK
2021-01-19 19:05 - 2019-01-07 20:40 - 000000000 ____D C:\Users\stoup\AppData\Roaming\vlc
2021-01-19 17:51 - 2019-01-07 20:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-19 17:15 - 2020-03-21 00:43 - 000000000 ____D C:\Users\stoup
2021-01-19 17:13 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-19 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-19 17:13 - 2019-01-07 20:22 - 000000000 ____D C:\ProgramData\Packages
2021-01-19 17:13 - 2019-01-07 20:14 - 000000000 ____D C:\Users\stoup\AppData\Local\Packages
2021-01-19 17:02 - 2020-09-29 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-19 17:02 - 2020-03-10 15:37 - 000000000 ____D C:\Program Files (x86)\AMD
2021-01-19 17:02 - 2019-01-07 20:12 - 000000000 ____D C:\Program Files\AMD
2021-01-19 17:01 - 2019-01-07 20:17 - 000000000 ____D C:\Users\stoup\AppData\LocalLow\AMD
2021-01-19 17:01 - 2019-01-07 20:14 - 000000000 ____D C:\Users\stoup\AppData\Local\AMD
2021-01-19 07:17 - 2019-01-07 20:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-19 06:45 - 2019-01-07 20:38 - 000000000 ____D C:\Users\stoup\AppData\Local\D3DSCache
2021-01-18 17:02 - 2020-03-21 00:49 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1554923785
2021-01-18 17:02 - 2019-04-10 20:16 - 000001405 _____ C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-13 21:37 - 2020-03-21 00:41 - 000497432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-13 21:37 - 2020-03-21 00:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 21:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 21:37 - 2019-01-07 20:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-13 21:37 - 2019-01-07 20:14 - 000000000 ___RD C:\Users\stoup\3D Objects
2021-01-13 21:36 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 21:36 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 20:49 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 20:48 - 2019-01-08 06:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 20:47 - 2019-01-08 06:48 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-13 20:45 - 2020-03-21 00:44 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 20:45 - 2019-01-07 20:01 - 000410816 __RSH C:\bootmgr
2021-01-12 01:13 - 2019-01-07 20:40 - 000000000 ____D C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-12 01:13 - 2019-01-07 20:17 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 01:13 - 2019-01-07 20:17 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-12 01:13 - 2019-01-07 20:17 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-11 19:37 - 2019-01-07 20:12 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-11 19:06 - 2020-07-24 16:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-11 19:06 - 2020-07-24 16:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-11 19:06 - 2020-07-24 16:58 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-11 18:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-06 19:13 - 2019-03-19 17:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-06 19:13 - 2019-03-19 17:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-03 15:21 - 2019-01-11 18:27 - 000000000 ____D C:\Users\stoup\AppData\Local\JDownloader 2.0
2021-01-01 16:28 - 2020-08-02 10:06 - 000000000 ____D C:\GOG Games
2020-12-29 09:11 - 2019-02-14 18:41 - 000000000 ____D C:\Games
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\Users\stoup\AppData\Local\Comodo
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2020-12-28 11:23 - 2020-09-19 08:13 - 000000000 ____D C:\Program Files (x86)\Comodo
2020-12-28 09:26 - 2019-02-11 18:06 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-12-28 09:26 - 2019-02-11 18:06 - 000001079 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-12-28 09:26 - 2019-02-11 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-12-25 18:53 - 2020-09-27 11:17 - 000000000 ____D C:\Users\stoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-24 13:31 - 2019-02-22 20:39 - 000000000 ____D C:\Program Files\Epic Games
==================== Files in the root of some directories ========
2019-01-12 11:12 - 2020-09-07 18:08 - 000003981 _____ () C:\Users\stoup\AppData\Roaming\DESKTOP-AS6HE0O.MTBF.txt
2019-01-12 11:17 - 2019-01-12 11:17 - 000003584 _____ () C:\Users\stoup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-01-11 20:13 - 2021-01-13 22:59 - 000007597 _____ () C:\Users\stoup\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: