VIRY.CZ

Dobrý večer, Můj počítač za standartních okolností dokázal uchladit počítač pod 50 stupňů za menší zátěže i při používání prohlížeče a kvůli nevyužití výkonu procesoru se automaticky procesor podtaktoval a snížil svojí frekvenci na nějakých 2,2 Ghz a zvedal jí automaticky jen při zátěži (instalaci atd). Ted mi ale počítač začal kvůli nějakému programu v pozadí opakovaně ve stálých intervalech začal zatěžovat procesor na nějakých 3,8 Ghz skokově na sekundu a nic a tak pořád dokola v intervalech a tak tedy i opakovaně zvyšovat teplotu to se nestávalo aby takto kolísala. Šel jsem tedy do správce úloh a přijde mi podezřelé chování základní aplikace Microsoftu "WMI Provider Host" s podobnou pravidelností bez zátěže nebo mého zásahu kolísá její využití procesoru od 0,4 až po 16%. Jak jsem se dozvěděl tak tato aplikace spolupracuje s nějakými jinými aplikacemi které jí využívají. Prosil bych prověřit počítač jestli mi nějaká havěť neovlivňuje WMI Provider Host a tak i využití procesoru děkuji.

Přikládám log FRST a adw cleaneru

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-08.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-16-2021
# Duration: 00:00:09
# OS: Windows 10 Home
# Scanned: 31984
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1406 octets] - [07/05/2020 16:01:41]
AdwCleaner[S01].txt - [1467 octets] - [17/06/2020 22:44:34]
AdwCleaner[S02].txt - [1528 octets] - [17/06/2020 22:45:06]
AdwCleaner[S03].txt - [1589 octets] - [09/08/2020 20:00:45]
AdwCleaner[S04].txt - [1650 octets] - [09/08/2020 20:02:26]
AdwCleaner[C04].txt - [1944 octets] - [09/08/2020 20:02:45]
AdwCleaner[S05].txt - [1772 octets] - [25/09/2020 13:13:10]
AdwCleaner[S06].txt - [1833 octets] - [11/10/2020 14:35:24]
AdwCleaner[S07].txt - [1894 octets] - [08/11/2020 13:01:42]
AdwCleaner[S08].txt - [1955 octets] - [06/02/2021 22:20:28]
AdwCleaner[S09].txt - [2194 octets] - [08/03/2021 17:54:54]
AdwCleaner[C09].txt - [2451 octets] - [08/03/2021 17:55:18]
AdwCleaner[S10].txt - [2137 octets] - [08/03/2021 17:55:43]
AdwCleaner[S11].txt - [2198 octets] - [14/04/2021 01:12:10]
AdwCleaner[S12].txt - [2259 octets] - [14/04/2021 01:12:29]
AdwCleaner[C12].txt - [2651 octets] - [14/04/2021 01:12:37]
AdwCleaner[S13].txt - [2382 octets] - [16/04/2021 02:27:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S14].txt ##########

FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2021
Ran by petrs (administrator) on DESKTOP-U6H7SKL (Micro-Star International Co., Ltd. MS-7B93) (16-04-2021 03:26:30)
Running from C:\Users\petrs\Desktop
Loaded Profiles: petrs
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(A-Volute SAS -> A-Volute) C:\Users\petrs\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.103.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Nahimic\NahimicMonitorX64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Speed Up\StorageMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [65792 2021-01-15] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {0648d552-b83d-11ea-9fb9-3cf011db18c9} - "E:\Setup.exe"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {2819f5a4-28cc-11eb-a04a-3cf011db18c9} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {91c6765b-94a4-11eb-a0d5-3cf011db18c9} - "E:\Start PC.exe"
HKLM\...\Windows x64\Print Processors\xrfr4aPPS: C:\Windows\System32\spool\prtprocs\x64\xrfr4aPP.dll [32256 2011-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Windows x64\Print Processors\xrhr4apps: C:\Windows\System32\spool\prtprocs\x64\xrhr4apps.dll [32768 2011-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Xerox WorkCentre 3045NI FAX Language Monitor: C:\Windows\system32\xrfr4aLM.DLL [29696 2011-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Xerox WorkCentre 3045NI Language Monitor: C:\Windows\system32\xrhr4aLM.DLL [23040 2011-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02822362-1744-480A-A58A-12EB36B6EB0D} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [44720 2020-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {06840F81-9808-42AE-895F-08F929569A42} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {07E7048D-84C5-41A0-A067-3B36DD1E19A9} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1067016 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {08AEBEEC-441B-493D-AFA4-88905698E9E5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E6A87FC-3B8D-48B0-8066-9763261CA1DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B7ACE05-ACF2-4B24-9694-F446D1483089} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20E47E80-1D10-416D-A602-A59DC73F826C} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {2957A6C4-7912-44C9-AAA2-F69C48D907F3} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {2A51EC27-A706-4353-99BD-F571C827643C} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1674576 2021-03-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {2BC612A1-E3BA-4024-9244-CC0C1C04F613} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31CC8FAB-9BF7-442F-8D15-A3333D4F067C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AA916FC-2335-455B-A419-E8295359FE09} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {46901ADD-E0E9-4C60-9B5C-D1E9C1854783} - System32\Tasks\MSI Task Host - ControlVoiceBoost => C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe [30384 2019-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {4CBC2CAA-7C36-432F-BF1D-4728CF774237} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {51687AD6-49E7-4A20-A926-A40E868D900E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56DF1975-4CC3-4F6C-97C3-D2211C8E9F88} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {5C3A948C-E8F5-4ECC-A5BC-FDF6D84A131F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {607783EE-0EB4-424A-9F3B-867615FA471F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {68B8C567-4C07-41FE-90FE-2727D5B43A0B} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-03-18] (Overwolf Ltd -> Overwolf LTD)
Task: {74A722B7-814E-4974-A78C-E9010DEFFACC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {758C52B8-E6C4-4D8C-9C49-4B9FF49E655F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8D60E1EA-26D3-4F2E-B3FA-73F71D865592} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FA60673-53E5-4803-B019-DC01B68C4044} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9EE3E32F-7600-40F1-A548-D22B8A371F08} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {A6DCFCEC-9DB0-4D39-A66F-17969B3C7948} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFAA5209-3892-4F1F-A7E0-7C4F88722ABA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B01B3074-C159-4072-AD29-714E31E5B294} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BB17F8C3-D565-4042-91AE-610E40345EC1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE12BB1A-DB8C-4998-8474-227E4AD087EB} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [823304 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {CA490B88-253D-40D5-BD22-35E578447E62} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CFEAAE54-B7C9-4106-BBA7-06420CAF1CCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCA598CE-7D66-409F-8006-F93E529C17BC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0F0DD93-F6E8-4831-9BFF-05BBF450BC96} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {E676E904-30A0-42B6-9B07-8012415C7C69} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1067016 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {EFEEB374-3B84-4BCD-941E-A3655C616734} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [823304 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {F6AEF45E-F0E0-43A1-A347-ACE56A6EA53F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{48b850e4-fd1a-49d5-8137-3f431ee05a28}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{733a0df6-d01a-477d-84c8-50b533ba09e1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f9b40f63-5ec8-4fe1-9939-7c9afefa7ffd}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\petrs\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2494327022-153220514-1288694628-1001 -> hxxp://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Profile 4
Edge Profile: C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2021-04-16]
Edge HomePage: Profile 4 -> hxxp://www.seznam.cz/
Edge StartupUrls: Profile 4 -> "hxxp://www.seznam.cz/"
Edge Extension: (Popup Blocker (strict)) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\ijhfkkgjgpcplfeajghagkcebakjcpge [2021-02-06]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2021-02-06]
Edge Extension: (Chrome Media Router) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-07]
Edge Extension: (Hlídač Shopů) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2021-03-06]

FireFox:
========
FF DefaultProfile: n0ktmh7e.default
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\n0ktmh7e.default [2020-04-04]
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release [2021-04-14]
FF Homepage: Mozilla\Firefox\Profiles\iulz89yi.default-release -> hxxp://www.seznam.cz/
FF Extension: (uBlock Origin) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-03-03]
FF Extension: (NoScript) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-03-03]
FF Extension: (No Name) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-31]
FF Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2020-11-08]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [622344 2021-01-05] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4582080 2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1636936 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S4 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-16] (Malwarebytes Inc -> Malwarebytes)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [131568 2021-01-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [35848 2021-01-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1633288 2020-12-09] (A-Volute SAS -> Nahimic)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7816584 2018-07-30] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-03-18] (Overwolf Ltd -> Overwolf LTD)
S4 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1453184 2020-09-07] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VoiceControlService; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [32400 2020-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1747240 2021-01-04] (cFos Software GmbH -> cFos Software GmbH)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26824 2020-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum.sys [37408 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
S3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid.sys [26912 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-16] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-05-27] (Famatech Corp. -> Famatech Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [2719256 2020-07-21] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-16 03:26 - 2021-04-16 03:26 - 000031156 _____ C:\Users\petrs\Desktop\FRST.txt
2021-04-16 03:25 - 2021-04-16 03:26 - 000000000 ____D C:\FRST
2021-04-16 03:25 - 2021-04-16 03:25 - 002298368 _____ (Farbar) C:\Users\petrs\Desktop\FRST64.exe
2021-04-16 03:24 - 2021-04-16 03:24 - 000002443 _____ C:\Users\petrs\Downloads\AdwCleaner[S14].txt
2021-04-16 03:00 - 2021-04-16 03:00 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-16 02:28 - 2021-04-16 02:28 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-16 02:28 - 2021-04-16 02:28 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-16 02:28 - 2021-04-16 02:28 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-16 02:28 - 2021-04-16 02:28 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-16 02:28 - 2021-04-16 02:28 - 000001981 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-16 02:28 - 2021-04-16 02:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-16 02:28 - 2021-04-16 02:28 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-16 02:27 - 2021-04-16 02:27 - 002078632 _____ (Malwarebytes) C:\Users\petrs\Downloads\MBSetup.exe
2021-04-16 02:26 - 2021-04-16 02:26 - 008534696 _____ (Malwarebytes) C:\Users\petrs\Downloads\adwcleaner_8.2.exe
2021-04-16 02:18 - 2021-04-16 03:14 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-04-16 02:18 - 2021-04-16 03:14 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-04-16 02:17 - 2021-01-13 18:54 - 006021608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-04-16 02:17 - 2021-01-13 18:44 - 044132505 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-04-16 02:14 - 2021-04-16 02:14 - 018342500 _____ C:\Users\petrs\Downloads\7B93v1C3.zip
2021-04-16 02:09 - 2021-04-16 02:09 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-04-15 15:08 - 2021-04-15 15:08 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-15 15:08 - 2021-04-15 15:08 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-15 15:08 - 2021-04-15 15:08 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-15 04:05 - 2021-04-15 04:05 - 000025050 _____ C:\Users\petrs\Downloads\Shadows House 01.ass
2021-04-14 14:58 - 2021-04-14 14:58 - 000001253 _____ C:\ProgramData\Desktop\Portal.lnk
2021-04-14 14:58 - 2021-04-14 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal
2021-04-14 14:49 - 2021-04-14 14:49 - 000160522 _____ C:\Users\petrs\Downloads\Portal cestina STS Oficial CZ Steam finalni verze.zip
2021-04-14 14:07 - 2021-04-14 14:07 - 000044277 _____ C:\Users\petrs\Downloads\Erai-raws_Vivy_-_Fluorite_Eyes_Song_-_03_1080pMultiple_Subtitle.ass
2021-04-14 13:24 - 2021-04-14 13:24 - 000031844 _____ C:\Users\petrs\Downloads\Nanatsu_no_Taizai_S04E13.ass
2021-04-14 01:27 - 2021-04-14 01:27 - 000003236 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - ControlVoiceBoost
2021-04-14 01:27 - 2021-04-14 01:27 - 000003216 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - MSI.True Color
2021-04-14 01:27 - 2021-01-04 16:19 - 001747240 _____ (cFos Software GmbH) C:\WINDOWS\system32\Drivers\cfosspeed6.sys
2021-04-14 01:26 - 2021-04-14 01:26 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2021-04-14 01:25 - 2021-04-14 01:27 - 000092044 _____ C:\WINDOWS\cFosSpeed_Setup_Log.txt
2021-04-14 01:24 - 2021-04-14 01:24 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2021-04-14 01:24 - 2021-04-14 01:24 - 000000000 ____D C:\ProgramData\A-Volute
2021-04-14 01:22 - 2021-04-14 01:22 - 000000313 _____ C:\WINDOWS\SysWOW64\Upgrade_Saved_Config.txt
2021-04-14 01:22 - 2021-04-14 01:22 - 000000135 _____ C:\WINDOWS\SysWOW64\Saved_StaticIP.txt
2021-04-14 01:22 - 2021-04-14 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-04-14 01:22 - 2021-04-14 01:22 - 000000000 ____D C:\Program Files\Intel
2021-04-14 01:22 - 2020-09-08 04:29 - 000118128 _____ (Intel Corporation) C:\WINDOWS\system32\e1rmsg.dll
2021-04-14 01:21 - 2021-04-14 01:21 - 000000000 ____D C:\Users\petrs\AppData\Roaming\AMD
2021-04-14 01:20 - 2021-04-14 01:20 - 000000000 ____D C:\Program Files (x86)\Intel
2021-04-14 01:17 - 2021-04-14 01:17 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-04-14 01:17 - 2021-04-14 01:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-04-14 01:16 - 2021-03-26 09:45 - 007207560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-04-14 01:16 - 2021-03-26 01:34 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-04-14 01:16 - 2020-10-07 13:34 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-04-14 01:16 - 2020-10-07 13:32 - 005519600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-04-14 01:15 - 2021-03-26 01:34 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-04-14 01:15 - 2021-03-26 01:34 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-04-14 01:14 - 2021-03-26 09:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-14 01:14 - 2021-03-26 09:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-04-14 01:14 - 2021-03-26 09:52 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-14 01:14 - 2021-03-26 09:52 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-04-14 01:14 - 2021-03-26 09:52 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 001514256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 001166104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000715552 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000626992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000575776 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 002105632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 001590048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 000811800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 000689936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-04-14 01:14 - 2021-03-26 09:48 - 000656144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 000445712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-04-14 01:14 - 2021-03-26 09:47 - 008316176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-04-14 01:14 - 2021-03-26 09:47 - 007433488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-04-14 01:14 - 2021-03-26 09:47 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-04-14 01:14 - 2021-03-26 09:47 - 002823440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-04-14 01:14 - 2021-03-26 09:46 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-04-14 01:14 - 2021-03-26 09:45 - 006154480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-04-14 01:14 - 2021-03-26 01:34 - 000087163 _____ C:\WINDOWS\system32\nvinfo.pb
2021-04-14 01:13 - 2020-08-14 09:59 - 000043416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-04-14 00:33 - 2021-04-14 00:33 - 000849171 _____ C:\Users\petrs\Downloads\[Klimsa] Beastars S2-02.ass
2021-04-13 23:04 - 2021-04-13 21:30 - 000908391 _____ C:\Users\petrs\Downloads\[PAS] Beastars S2 - 13 (WEB 1080 AAC) [8CF487D4].ass
2021-04-13 21:56 - 2021-04-13 21:56 - 000094762 _____ C:\Users\petrs\Downloads\PAS-Beastars-S2-13.zip
2021-04-13 18:22 - 2021-04-13 18:22 - 000022743 _____ C:\Users\petrs\Downloads\[SubsPlease] Fumetsu no Anata e - 01 (720p) [8E50AF06].ass
2021-04-13 15:50 - 2021-04-13 15:50 - 000009970 _____ C:\Users\petrs\Downloads\FilolialSubs-02-Princezna-niceho.zip
2021-04-13 15:50 - 2021-04-13 15:50 - 000009707 _____ C:\Users\petrs\Downloads\FilolialSubs-01-Jak-pravil-Hrom.zip
2021-04-13 01:47 - 2021-04-13 01:47 - 000026273 _____ C:\Users\petrs\Downloads\[TeamNS] Fumetsu No Anata E- 1.ass
2021-04-12 22:24 - 2021-04-11 17:11 - 000037329 _____ C:\Users\petrs\Downloads\[Kamui-Subs] [SubsPlease] Sentouin, Hakenshimasu! - 02.ass
2021-04-12 22:24 - 2021-04-09 18:32 - 000031824 _____ C:\Users\petrs\Downloads\[Kamui-Subs] [SubsPlease] Kumo desu ga, Nani ka - 13.ass
2021-04-12 22:24 - 2021-04-05 17:50 - 000044849 _____ C:\Users\petrs\Downloads\[Kamui-Subs] [Erai-raws] Sentouin Hakenshimasu! - 01.ass
2021-04-12 22:24 - 2021-04-01 22:35 - 000032201 _____ C:\Users\petrs\Downloads\12 Moje bitva, jenom začala.ass
2021-04-12 20:02 - 2021-04-12 20:02 - 000045521 _____ C:\Users\petrs\Downloads\Slime Taoshite 300-nen- Shiranai Uchi ni Level Max ni Nattemashita 01 - I Maxed Out My Level.ass
2021-04-12 20:02 - 2021-04-12 20:02 - 000030387 _____ C:\Users\petrs\Downloads\SubsPlease_86_-_Eighty_Six_-_01_720p_preklad.ass
2021-04-12 20:01 - 2021-04-12 20:01 - 000039252 _____ C:\Users\petrs\Downloads\[Weeb Gakuin] Edens Zero - 01 v5 [1080p HEVC 10-bit AAC].ass
2021-04-12 20:00 - 2021-04-12 20:00 - 000021561 _____ C:\Users\petrs\Downloads\SubsPlease_Seven_Knights_Revolution_-_Eiyuu_no_Keishousha_-_01_1080p_A3DC5794 (1).ass
2021-04-12 19:59 - 2021-04-12 19:59 - 000013931 _____ C:\Users\petrs\Downloads\Kamui-Subs-Erai-raws-Sentouin-Hakenshimasu-01.zip
2021-04-12 19:59 - 2021-04-12 19:59 - 000011567 _____ C:\Users\petrs\Downloads\Kamui-Subs-SubsPlease-Sentouin-Hakenshimasu-02.zip
2021-04-12 19:58 - 2021-04-12 19:58 - 000010559 _____ C:\Users\petrs\Downloads\Kamui-Subs-SubsPlease-Kumo-desu-ga-Nani-ka-13.zip
2021-04-12 19:56 - 2021-04-12 19:56 - 000011273 _____ C:\Users\petrs\Downloads\FilolialSubs-12-Moje-bitva-jenom-zacala.zip
2021-04-07 20:18 - 2021-04-07 20:18 - 000027404 _____ C:\Users\petrs\Downloads\[SubsPlease] Seijo no Maryoku wa Bannou Desu - 01 (720p) [E2391897].ass
2021-04-07 19:22 - 2021-04-07 19:22 - 000032865 _____ C:\Users\petrs\Downloads\[TeamNS] Mushoku Tensei- Isekai Ittara Honki Dasu- 10.ass
2021-04-07 19:22 - 2021-04-07 19:22 - 000025909 _____ C:\Users\petrs\Downloads\[TeamNS] Mushoku Tensei- Isekai Ittara Honki Dasu- 11.ass
2021-04-06 19:49 - 2021-04-06 19:49 - 000032390 _____ C:\Users\petrs\Downloads\Erai-raws_Vivy_-_Fluorite_Eyes_Song_-_02_v01080p.ass
2021-04-06 09:53 - 2021-04-06 09:53 - 000218378 _____ C:\Users\petrs\Downloads\Doklad-562957.pdf
2021-04-05 20:54 - 2021-04-05 20:54 - 000022316 _____ C:\Users\petrs\Downloads\Nanatsu_no_Taizai_S04E12.ass
2021-04-03 23:41 - 2021-04-03 23:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Nero
2021-04-03 23:40 - 2021-04-03 23:41 - 000000000 ____D C:\ProgramData\Nero
2021-04-03 23:40 - 2021-04-03 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2019
2021-04-03 23:40 - 2021-04-03 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2021-04-03 23:40 - 2021-04-03 23:41 - 000000000 ____D C:\Program Files (x86)\Nero
2021-04-03 23:06 - 2021-04-03 23:06 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Macromedia
2021-03-31 11:54 - 2021-03-31 11:54 - 000000319 _____ C:\Users\petrs\Desktop\Kingdom Come Deliverance.url
2021-03-22 17:53 - 2021-03-22 17:53 - 000001779 _____ C:\Users\petrs\Desktop\WC3Launcher – zástupce.lnk
2021-03-22 17:31 - 2021-04-03 23:50 - 000000000 ____D C:\Program Files (x86)\Warcraft III - Complete Edition
2021-03-20 01:01 - 2021-03-20 01:01 - 000001335 _____ C:\Users\petrs\Desktop\FurMark.lnk
2021-03-20 01:01 - 2021-03-20 01:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2021-03-20 01:01 - 2021-03-20 01:01 - 000000000 ____D C:\Program Files (x86)\Geeks3D

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-16 03:21 - 2021-02-06 23:02 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-16 03:21 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-16 03:21 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-16 03:21 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-16 03:16 - 2020-05-07 16:10 - 000000000 ____D C:\Program Files\CCleaner
2021-04-16 03:16 - 2020-04-04 02:01 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-16 03:14 - 2021-02-06 22:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-16 03:14 - 2021-02-06 22:53 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-16 03:14 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-16 03:13 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-16 03:04 - 2020-04-04 02:01 - 000000000 ____D C:\Users\petrs\AppData\Local\NVIDIA Corporation
2021-04-16 02:28 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-16 02:17 - 2020-04-04 03:23 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-04-16 02:17 - 2020-04-04 03:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-16 02:08 - 2020-04-07 02:19 - 000000000 ____D C:\AMD
2021-04-16 02:08 - 2020-04-04 02:01 - 000000000 ____D C:\Users\petrs\AppData\Local\NVIDIA
2021-04-16 01:47 - 2020-04-04 02:19 - 000000000 ____D C:\Users\petrs\AppData\Local\D3DSCache
2021-04-16 01:31 - 2020-11-08 17:38 - 000000000 ___SD C:\Users\petrs\Documents\Sticky Passwords
2021-04-16 01:00 - 2021-02-06 22:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-15 21:15 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-15 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-15 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-15 15:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-15 15:04 - 2020-04-04 02:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-15 15:03 - 2020-05-03 18:40 - 000000000 ___HD C:\GrandeDevice
2021-04-15 15:03 - 2020-04-04 02:44 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-15 04:37 - 2020-04-05 01:57 - 000000000 ____D C:\Users\petrs\AppData\Roaming\vlc
2021-04-15 04:14 - 2020-11-04 03:36 - 000000000 ____D C:\Users\petrs\AppData\Roaming\qBittorrent
2021-04-15 04:06 - 2020-10-30 13:52 - 000000000 ___RD C:\Users\petrs\Downloads\Anime
2021-04-14 15:02 - 2020-04-04 16:07 - 000000000 ____D C:\Program Files (x86)\Steam
2021-04-14 13:20 - 2021-01-03 01:19 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-04-14 01:27 - 2020-09-20 23:47 - 000000000 ____D C:\MSI
2021-04-14 01:27 - 2020-04-04 03:41 - 000000000 ____D C:\Program Files\cFosSpeed
2021-04-14 01:26 - 2020-09-06 15:02 - 000000000 ____D C:\Program Files\ENE
2021-04-14 01:26 - 2020-04-04 02:01 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-14 01:23 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-14 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-14 01:21 - 2020-06-03 22:23 - 000000000 ____D C:\Program Files (x86)\AMD
2021-04-14 01:17 - 2020-04-04 01:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-14 01:13 - 2021-02-06 22:57 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2020-04-04 02:01 - 000001403 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-04-14 01:13 - 2020-04-04 02:01 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-14 01:13 - 2020-04-04 01:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-14 01:10 - 2020-04-04 23:35 - 000000000 ____D C:\Users\petrs\AppData\Local\CrashDumps
2021-04-14 01:09 - 2020-04-04 02:56 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-14 01:09 - 2020-04-04 02:56 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-14 01:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-12 17:58 - 2020-04-04 07:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-08 23:04 - 2020-05-03 16:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-07 23:08 - 2020-05-01 21:30 - 000000000 ____D C:\Users\petrs\AppData\Roaming\TS3Client
2021-04-07 21:05 - 2020-04-15 20:31 - 000000000 ____D C:\Users\petrs\AppData\Roaming\discord
2021-04-07 21:05 - 2020-04-15 20:30 - 000000000 ____D C:\Users\petrs\AppData\Local\Discord
2021-04-07 13:38 - 2020-04-04 02:01 - 002817904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-04-07 13:38 - 2020-04-04 02:01 - 002171760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-04-07 13:38 - 2020-04-04 02:01 - 001293680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-04-06 18:01 - 2020-04-04 01:45 - 000000000 ____D C:\Users\petrs\AppData\Local\Packages
2021-04-05 19:29 - 2020-04-26 22:15 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2021-04-03 23:53 - 2021-02-06 22:53 - 000446072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-03 23:48 - 2020-04-26 22:31 - 000000000 ____D C:\ProgramData\LogiShrd
2021-04-03 23:48 - 2020-04-26 22:14 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Logishrd
2021-04-03 23:48 - 2020-04-26 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-04-03 23:28 - 2020-04-04 01:53 - 000000000 ____D C:\Users\petrs\AppData\Local\PlaceholderTileLogoFolder
2021-04-03 23:28 - 2020-04-04 01:29 - 000000000 ____D C:\ProgramData\Packages
2021-04-03 23:22 - 2021-02-06 22:57 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-03-31 11:54 - 2020-07-14 20:01 - 000000000 ____D C:\Program Files\Epic Games
2021-03-31 10:34 - 2020-11-23 03:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-03-31 10:34 - 2020-05-21 18:52 - 000000000 ____D C:\Games
2021-03-31 10:28 - 2021-01-03 01:18 - 000000000 ____D C:\Users\petrs\AppData\Local\Overwolf
2021-03-31 10:26 - 2020-12-21 03:51 - 000000000 ____D C:\Program Files\Fotolab
2021-03-30 12:57 - 2020-11-08 15:59 - 000074608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-03-30 12:57 - 2020-11-08 15:59 - 000064880 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-03-27 23:04 - 2020-04-04 15:55 - 000000000 ____D C:\Users\petrs\AppData\LocalLow\Mozilla
2021-03-27 23:04 - 2020-04-04 15:55 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-27 21:21 - 2021-03-03 21:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-25 14:10 - 2020-04-12 01:50 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Aegisub
2021-03-21 18:54 - 2019-12-07 16:43 - 000000000 ____D C:\WINDOWS\OCR

==================== Files in the root of some directories ========

2020-12-24 19:02 - 2020-12-25 01:21 - 000002293 _____ () C:\Users\petrs\AppData\Roaming\ASSDraw3.cfg
2020-09-07 17:07 - 2020-09-07 17:07 - 047902775 _____ () C:\Users\petrs\AppData\Roaming\gta5_patch.bin
2020-05-07 15:54 - 2020-05-07 15:54 - 000286604 _____ () C:\Users\petrs\AppData\Roaming\oq3_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2020-09-07 17:07 - 2020-09-07 17:07 - 000332800 _____ () C:\Users\petrs\AppData\Roaming\patcher.dll
2020-11-10 12:51 - 2021-04-03 23:27 - 000000205 _____ () C:\Users\petrs\AppData\Local\oobelibMkey.log
2020-04-05 01:44 - 2020-04-14 19:06 - 000007606 _____ () C:\Users\petrs\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2021
Ran by petrs (16-04-2021 03:27:33)
Running from C:\Users\petrs\Desktop
Windows 10 Home Version 20H2 19042.928 (X64) (2021-02-06 20:57:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2494327022-153220514-1288694628-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2494327022-153220514-1288694628-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2494327022-153220514-1288694628-1000 - Limited - Disabled)
Guest (S-1-5-21-2494327022-153220514-1288694628-501 - Limited - Disabled)
petrs (S-1-5-21-2494327022-153220514-1288694628-1001 - Administrator - Enabled) => C:\Users\petrs
WDAGUtilityAccount (S-1-5-21-2494327022-153220514-1288694628-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Story CZ 5.3.260 (HKLM-x32\...\4Story_CZ_is1) (Version: 5.3.260 - Gameforge4D GmbH)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.36 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{ac726f18-c961-4fa1-a46d-6f0c644cd12b}) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.) Hidden
Balanced (HKLM-x32\...\{24819F88-1B0B-4808-9982-5DC9C4AC7FA6}) (Version: 5.00.0000 - Advanced Micro Devices, Inc.) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
cFosSpeed 11.10 (HKLM\...\cFosSpeed) (Version: 11.10 - cFos Software GmbH, Bonn)
CPUID CPU-Z MSI 1.90 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.90 - CPUID, Inc.)
CrystalDiskInfo 8.5.2 Shizuku Edition (HKLM\...\CrystalDiskInfo_is1) (Version: 8.5.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1371 - Disc Soft Ltd)
Death Stranding v. 1.02 (HKLM-x32\...\Death Stranding_is1) (Version: - )
Discord (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.1.2 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{40941c42-b00c-4b98-900e-941e412fb676}) (Version: 1.0.1.2 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormatFactory 5.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.5.0.0 - Free Time)
Game Capture (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Overwolf_lnhebboianabbebhnpoodokcdcnmikacoeijpjfe) (Version: 1.0.0.0 - Overwolf app)
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Geeks3D FurMark 1.20.8.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Intel(R) Network Connections 25.4.0.6 (HKLM\...\PROSetDX) (Version: 25.4.0.6 - Intel)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.76 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visio - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.1 - Mozilla)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0226.01 - MSI)
Nero Burn and Archive 2019 (HKLM-x32\...\{C9ED3AA7-920B-49A0-BA84-10933EF4B481}) (Version: 20.0.00300 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 465.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 465.89 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.168.0.12 - Overwolf Ltd.)
Portal verze 1.0.0.0 (HKLM-x32\...\{9AD3428A-B930-49E4-8966-1941D8B97CAC}_is1) (Version: 1.0.0.0 - Strogino CS Portal)
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9102.1 - Realtek Semiconductor Corp.)
Replay HUD (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Overwolf_hffhbjnafafjnehejohpkfhjdenpifhihebpkhni) (Version: 145.0.0 - Overwolf app)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.2.8.15 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
TeamSpeak 3 Client (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
Telegram Desktop version 2.3.1 (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.3.1 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 104.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Xerox WorkCentre 3045NI (HKLM-x32\...\{DC944A50-9DEB-4D0C-83FD-D641A7775FF3}) (Version: 1.005.00 - Xerox) Hidden
Xerox WorkCentre 3045NI (HKLM-x32\...\InstallShield_{DC944A50-9DEB-4D0C-83FD-D641A7775FF3}) (Version: 1.005.00 - Xerox)

Packages:
=========
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.103.0_x64__kzh8wxbdkxb8p [2021-03-17] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-06] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.6.5.0_x64__w2gh52qy24etm [2021-04-07] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-04-14] (NVIDIA Corp.)
PDF X -> C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.2.5.0_x64__sbe4t8mqwq93a [2021-04-03] (NG PDF Lab)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-04-14] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2494327022-153220514-1288694628-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\petrs\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\nvshext.dll [2021-03-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\petrs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) =============

2020-09-06 17:39 - 2017-08-03 05:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDControl.dll
2020-11-08 17:38 - 2020-11-30 17:17 - 001101824 _____ () [File not signed] C:\Program Files (x86)\Sticky Password\DLLs\_hashlib.pyd
2020-05-03 18:40 - 2011-05-16 15:20 - 015072256 _____ () [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\xrhr4aRC.DLL
2020-06-04 01:35 - 2018-11-23 07:01 - 000344576 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\YooMixCOM.dll
2020-09-06 17:39 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-04-14 01:25 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2021-04-14 01:12 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Wi-Fi 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Bonjour Service => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: LogiRegistryService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: Rockstar Service => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3914FC0A-0AD1-459B-935E-7BE2A6A86345}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D56D860-E1F8-4071-9267-1CB5A89C40AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B7C0401-C6FD-4153-93CB-422BADA0F810}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BB9C10F5-080C-4F6B-B562-DC98A780220E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B025A901-D9DA-4365-AB06-AC1E6F60B05E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B9BBD6A-DAD9-4836-9424-97FB5D5D86D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{F8428B3F-0DC9-4769-81C5-53BC64924AA0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{F4C7BD29-C7F8-4E7E-946B-7EAC888D2571}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{AC6382C9-F121-4F0F-BDFF-2AFD32330800}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{9D84AF79-E719-46CF-90F5-5F6357D3CBF7}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{7AA9A434-6919-4ED5-8F30-63B4A95B72E1}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9BCD3426-0BC4-4A6D-B7CF-85491C3FFB56}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2A835A2-7FD8-4090-BA4E-520701F1A72C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FC5B6C00-492C-42E5-8F7D-6509EBD3471C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D44D374C-C15C-45B8-90DB-0AF2E1585747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{C91844BC-9ABF-4885-9FA2-C29604AC2779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{74C13F34-689E-4296-96FF-EA53B075946C}] => (Allow) LPort=32682

==================== Restore Points =========================

13-04-2021 13:08:06 Naplánovaný kontrolní bod
15-04-2021 15:04:22 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Nahimic mirroring device
Description: Nahimic mirroring device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Nahimic
Service: Nahimic_Mirroring
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/16/2021 03:01:41 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (04/16/2021 03:01:39 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (04/16/2021 03:01:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (04/16/2021 03:01:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LEDKeeper2.exe, verze: 1.0.1.15, časové razítko: 0x60487780
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x091e3892
ID chybujícího procesu: 0x2138
Čas spuštění chybující aplikace: 0x01d7325607354d41
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: ada28f19-c2e0-4b07-afc4-4f26fda2c899
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/16/2021 03:01:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LEDKeeper2.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na MSI_LED.CControl.ResetItem(Int32)
na MSI_LED.App.CloseAPP()
na MSI_LED.App.Application_SessionEnding(System.Object, System.Windows.SessionEndingCancelEventArgs)
na System.Windows.Application.OnSessionEnding(System.Windows.SessionEndingCancelEventArgs)
na System.Windows.Application.WmQueryEndSession(IntPtr, IntPtr ByRef)
na System.Windows.Application.AppFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (04/16/2021 03:01:31 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (04/16/2021 03:01:26 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (04/16/2021 03:01:21 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (04/16/2021 02:15:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RtkAudioUniversalService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/15/2021 09:16:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Audiosrv neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (04/15/2021 09:16:01 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Audiosrv se nemohla přihlásit jako NT AUTHORITY\LocalService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (04/15/2021 09:16:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:48:59, ‎15.‎04.‎2021) bylo neočekávané.

Error: (04/15/2021 09:15:37 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (04/14/2021 02:43:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/14/2021 02:43:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (04/14/2021 01:30:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll


Windows Defender:
================
Date: 2021-04-16 02:57:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F231C8D9-B7DF-4675-9A2A-F891A9CD0703}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-U6H7SKL\petrs

Date: 2021-04-13 19:06:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D8F75077-93E1-41CA-9439-5A2D79C9C464}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-09 10:34:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4560EC7-53E8-419D-A295-DD514E19D0EB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-09 09:09:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1F1D3AB6-F17C-4DBB-A630-3373A518E31D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-05 14:57:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CD924070-008C-4C13-9A6D-CBC4CEA227DA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-04-16 03:14:31
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.60 01/14/2020
Motherboard: Micro-Star International Co., Ltd. MPG X570 GAMING PRO CARBON WIFI (MS-7B93)
Processor: AMD Ryzen 9 3900X 12-Core Processor
Percentage of memory in use: 27%
Total physical RAM: 16332.19 MB
Available physical RAM: 11822.87 MB
Total Virtual: 32716.19 MB
Available Virtual: 25439.49 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.19 GB) (Free:159.47 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863 GB) (Free:1284.19 GB) NTFS

\\?\Volume{1f09c536-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1F09C536)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Zdravím!
V PC máte jen zbytečnosti. Měl byste vědět, po instalaci jakého programu se toto začalo dít a ten program odinstalovat. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {0648d552-b83d-11ea-9fb9-3cf011db18c9} - "E:\Setup.exe"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {2819f5a4-28cc-11eb-a04a-3cf011db18c9} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {91c6765b-94a4-11eb-a0d5-3cf011db18c9} - "E:\Start PC.exe"
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Dobrý den,
Přikládám fixlog a nový FRST log

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-04-2021
Ran by petrs (16-04-2021 12:02:39) Run:1
Running from C:\Users\petrs\Desktop
Loaded Profiles: petrs
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {0648d552-b83d-11ea-9fb9-3cf011db18c9} - "E:\Setup.exe"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {2819f5a4-28cc-11eb-a04a-3cf011db18c9} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\MountPoints2: {91c6765b-94a4-11eb-a0d5-3cf011db18c9} - "E:\Start PC.exe"
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0648d552-b83d-11ea-9fb9-3cf011db18c9} => removed successfully
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2819f5a4-28cc-11eb-a04a-3cf011db18c9} => removed successfully
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91c6765b-94a4-11eb-a0d5-3cf011db18c9} => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11609366 B
Java, Flash, Steam htmlcache => 375743628 B
Windows/system/drivers => 52903471 B
Edge => 4096 B
Firefox => 8297440 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 517266 B
LocalService => 517266 B
NetworkService => 527728 B
petrs => 19592718 B

RecycleBin => 0 B
EmptyTemp: => 458.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:02:45 ====

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2021
Ran by petrs (administrator) on DESKTOP-U6H7SKL (Micro-Star International Co., Ltd. MS-7B93) (16-04-2021 12:07:01)
Running from C:\Users\petrs\Desktop
Loaded Profiles: petrs
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Users\petrs\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.103.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Nahimic\NahimicMonitorX64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Speed Up\StorageMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc -> Logitech Inc.)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [65792 2021-01-15] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM\...\Windows x64\Print Processors\xrfr4aPPS: C:\Windows\System32\spool\prtprocs\x64\xrfr4aPP.dll [32256 2011-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Windows x64\Print Processors\xrhr4apps: C:\Windows\System32\spool\prtprocs\x64\xrhr4apps.dll [32768 2011-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Xerox WorkCentre 3045NI FAX Language Monitor: C:\Windows\system32\xrfr4aLM.DLL [29696 2011-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Xerox WorkCentre 3045NI Language Monitor: C:\Windows\system32\xrhr4aLM.DLL [23040 2011-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02822362-1744-480A-A58A-12EB36B6EB0D} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [44720 2020-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {06840F81-9808-42AE-895F-08F929569A42} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {08AEBEEC-441B-493D-AFA4-88905698E9E5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E6A87FC-3B8D-48B0-8066-9763261CA1DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B7ACE05-ACF2-4B24-9694-F446D1483089} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20E47E80-1D10-416D-A602-A59DC73F826C} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {2957A6C4-7912-44C9-AAA2-F69C48D907F3} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {2A51EC27-A706-4353-99BD-F571C827643C} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1674576 2021-03-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {2BC612A1-E3BA-4024-9244-CC0C1C04F613} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {31CC8FAB-9BF7-442F-8D15-A3333D4F067C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AA916FC-2335-455B-A419-E8295359FE09} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {46901ADD-E0E9-4C60-9B5C-D1E9C1854783} - System32\Tasks\MSI Task Host - ControlVoiceBoost => C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe [30384 2019-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {4CBC2CAA-7C36-432F-BF1D-4728CF774237} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {51687AD6-49E7-4A20-A926-A40E868D900E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56DF1975-4CC3-4F6C-97C3-D2211C8E9F88} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {5C3A948C-E8F5-4ECC-A5BC-FDF6D84A131F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {607783EE-0EB4-424A-9F3B-867615FA471F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {68B8C567-4C07-41FE-90FE-2727D5B43A0B} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-03-18] (Overwolf Ltd -> Overwolf LTD)
Task: {74A722B7-814E-4974-A78C-E9010DEFFACC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {758C52B8-E6C4-4D8C-9C49-4B9FF49E655F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8D60E1EA-26D3-4F2E-B3FA-73F71D865592} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FA60673-53E5-4803-B019-DC01B68C4044} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9EE3E32F-7600-40F1-A548-D22B8A371F08} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {A6DCFCEC-9DB0-4D39-A66F-17969B3C7948} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A71B1558-E8EE-4CC2-B639-3E0EC7542F4B} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1067016 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {AFAA5209-3892-4F1F-A7E0-7C4F88722ABA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B01B3074-C159-4072-AD29-714E31E5B294} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BB17F8C3-D565-4042-91AE-610E40345EC1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA490B88-253D-40D5-BD22-35E578447E62} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CFEAAE54-B7C9-4106-BBA7-06420CAF1CCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB15AE66-4A59-4D7B-8041-3CC3505D78C4} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [823304 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {DCA598CE-7D66-409F-8006-F93E529C17BC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0F0DD93-F6E8-4831-9BFF-05BBF450BC96} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {E676E904-30A0-42B6-9B07-8012415C7C69} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1067016 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {EFEEB374-3B84-4BCD-941E-A3655C616734} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [823304 2020-12-09] (A-Volute SAS -> Nahimic)
Task: {F6AEF45E-F0E0-43A1-A347-ACE56A6EA53F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{48b850e4-fd1a-49d5-8137-3f431ee05a28}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{733a0df6-d01a-477d-84c8-50b533ba09e1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f9b40f63-5ec8-4fe1-9939-7c9afefa7ffd}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\petrs\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2494327022-153220514-1288694628-1001 -> hxxp://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Profile 4
Edge Profile: C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2021-04-16]
Edge HomePage: Profile 4 -> hxxp://www.seznam.cz/
Edge StartupUrls: Profile 4 -> "hxxp://www.seznam.cz/"
Edge Extension: (Popup Blocker (strict)) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\ijhfkkgjgpcplfeajghagkcebakjcpge [2021-02-06]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2021-02-06]
Edge Extension: (Chrome Media Router) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-07]
Edge Extension: (Hlídač Shopů) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2021-03-06]

FireFox:
========
FF DefaultProfile: n0ktmh7e.default
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\n0ktmh7e.default [2021-04-16]
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release [2021-04-16]
FF Homepage: Mozilla\Firefox\Profiles\iulz89yi.default-release -> hxxp://www.seznam.cz/
FF Extension: (uBlock Origin) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-03-03]
FF Extension: (NoScript) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-03-03]
FF Extension: (No Name) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-31]
FF Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\iulz89yi.default-release\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2020-11-08]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [622344 2021-01-05] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4582080 2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1636936 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-02-27] (GOG Sp. z o.o. -> GOG.com)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S4 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-16] (Malwarebytes Inc -> Malwarebytes)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [131568 2021-01-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [35848 2021-01-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1633288 2020-12-09] (A-Volute SAS -> Nahimic)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7816584 2018-07-30] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-03-18] (Overwolf Ltd -> Overwolf LTD)
S4 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1453184 2020-09-07] (Rockstar Games, Inc. -> Rockstar Games)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VoiceControlService; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [32400 2020-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1747240 2021-01-04] (cFos Software GmbH -> cFos Software GmbH)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26824 2020-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum.sys [37408 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
S3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid.sys [26912 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-16] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsle6ef2ea2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{17920195-4B32-4081-A8E4-57CDCDDCF513}\MpKslDrv.sys [97528 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-05-27] (Famatech Corp. -> Famatech Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [2719256 2020-07-21] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-16 12:04 - 2021-04-16 12:04 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-04-16 12:04 - 2021-04-16 12:04 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-04-16 12:02 - 2021-04-16 12:02 - 000005774 _____ C:\Users\petrs\Desktop\Fixlog.txt
2021-04-16 03:27 - 2021-04-16 03:28 - 000037171 _____ C:\Users\petrs\Desktop\Addition.txt
2021-04-16 03:26 - 2021-04-16 12:07 - 000030547 _____ C:\Users\petrs\Desktop\FRST.txt
2021-04-16 03:25 - 2021-04-16 12:07 - 000000000 ____D C:\FRST
2021-04-16 03:25 - 2021-04-16 03:25 - 002298368 _____ (Farbar) C:\Users\petrs\Desktop\FRST64.exe
2021-04-16 03:24 - 2021-04-16 03:24 - 000002443 _____ C:\Users\petrs\Downloads\AdwCleaner[S14].txt
2021-04-16 03:00 - 2021-04-16 03:00 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-16 02:28 - 2021-04-16 02:28 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-16 02:28 - 2021-04-16 02:28 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-16 02:28 - 2021-04-16 02:28 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-16 02:28 - 2021-04-16 02:28 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-16 02:28 - 2021-04-16 02:28 - 000001981 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-16 02:28 - 2021-04-16 02:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-16 02:28 - 2021-04-16 02:28 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-16 02:27 - 2021-04-16 02:27 - 002078632 _____ (Malwarebytes) C:\Users\petrs\Downloads\MBSetup.exe
2021-04-16 02:26 - 2021-04-16 02:26 - 008534696 _____ (Malwarebytes) C:\Users\petrs\Downloads\adwcleaner_8.2.exe
2021-04-16 02:17 - 2021-01-13 18:54 - 006021608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-04-16 02:17 - 2021-01-13 18:44 - 044132505 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-04-16 02:14 - 2021-04-16 02:14 - 018342500 _____ C:\Users\petrs\Downloads\7B93v1C3.zip
2021-04-16 02:09 - 2021-04-16 02:09 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-04-15 15:08 - 2021-04-15 15:08 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-15 15:08 - 2021-04-15 15:08 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-15 15:08 - 2021-04-15 15:08 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-15 04:05 - 2021-04-15 04:05 - 000025050 _____ C:\Users\petrs\Downloads\Shadows House 01.ass
2021-04-14 14:58 - 2021-04-14 14:58 - 000001253 _____ C:\ProgramData\Desktop\Portal.lnk
2021-04-14 14:58 - 2021-04-14 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal
2021-04-14 14:49 - 2021-04-14 14:49 - 000160522 _____ C:\Users\petrs\Downloads\Portal cestina STS Oficial CZ Steam finalni verze.zip
2021-04-14 14:07 - 2021-04-14 14:07 - 000044277 _____ C:\Users\petrs\Downloads\Erai-raws_Vivy_-_Fluorite_Eyes_Song_-_03_1080pMultiple_Subtitle.ass
2021-04-14 13:24 - 2021-04-14 13:24 - 000031844 _____ C:\Users\petrs\Downloads\Nanatsu_no_Taizai_S04E13.ass
2021-04-14 01:27 - 2021-04-14 01:27 - 000003236 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - ControlVoiceBoost
2021-04-14 01:27 - 2021-04-14 01:27 - 000003216 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - MSI.True Color
2021-04-14 01:27 - 2021-01-04 16:19 - 001747240 _____ (cFos Software GmbH) C:\WINDOWS\system32\Drivers\cfosspeed6.sys
2021-04-14 01:26 - 2021-04-14 01:26 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2021-04-14 01:25 - 2021-04-14 01:27 - 000092044 _____ C:\WINDOWS\cFosSpeed_Setup_Log.txt
2021-04-14 01:24 - 2021-04-14 01:24 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2021-04-14 01:24 - 2021-04-14 01:24 - 000000000 ____D C:\ProgramData\A-Volute
2021-04-14 01:22 - 2021-04-14 01:22 - 000000313 _____ C:\WINDOWS\SysWOW64\Upgrade_Saved_Config.txt
2021-04-14 01:22 - 2021-04-14 01:22 - 000000135 _____ C:\WINDOWS\SysWOW64\Saved_StaticIP.txt
2021-04-14 01:22 - 2021-04-14 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-04-14 01:22 - 2021-04-14 01:22 - 000000000 ____D C:\Program Files\Intel
2021-04-14 01:22 - 2020-09-08 04:29 - 000118128 _____ (Intel Corporation) C:\WINDOWS\system32\e1rmsg.dll
2021-04-14 01:21 - 2021-04-14 01:21 - 000000000 ____D C:\Users\petrs\AppData\Roaming\AMD
2021-04-14 01:20 - 2021-04-14 01:20 - 000000000 ____D C:\Program Files (x86)\Intel
2021-04-14 01:17 - 2021-04-14 01:17 - 000000000 ____D C:\WINDOWS\system32\lxss
2021-04-14 01:17 - 2021-04-14 01:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-04-14 01:16 - 2021-03-26 09:45 - 007207560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-04-14 01:16 - 2021-03-26 01:34 - 000135408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-04-14 01:16 - 2020-10-07 13:34 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-04-14 01:16 - 2020-10-07 13:32 - 005519600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-04-14 01:15 - 2021-03-26 01:34 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-04-14 01:15 - 2021-03-26 01:34 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-04-14 01:14 - 2021-03-26 09:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-14 01:14 - 2021-03-26 09:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-04-14 01:14 - 2021-03-26 09:52 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-14 01:14 - 2021-03-26 09:52 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-04-14 01:14 - 2021-03-26 09:52 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-14 01:14 - 2021-03-26 09:52 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 001514256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 001166104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000715552 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000626992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000575776 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-04-14 01:14 - 2021-03-26 09:49 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 002105632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 001590048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 000811800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 000689936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-04-14 01:14 - 2021-03-26 09:48 - 000656144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-04-14 01:14 - 2021-03-26 09:48 - 000445712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-04-14 01:14 - 2021-03-26 09:47 - 008316176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-04-14 01:14 - 2021-03-26 09:47 - 007433488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-04-14 01:14 - 2021-03-26 09:47 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-04-14 01:14 - 2021-03-26 09:47 - 002823440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-04-14 01:14 - 2021-03-26 09:46 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-04-14 01:14 - 2021-03-26 09:45 - 006154480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-04-14 01:14 - 2021-03-26 01:34 - 000087163 _____ C:\WINDOWS\system32\nvinfo.pb
2021-04-14 01:13 - 2020-08-14 09:59 - 000043416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys
2021-04-14 00:33 - 2021-04-14 00:33 - 000849171 _____ C:\Users\petrs\Downloads\[Klimsa] Beastars S2-02.ass
2021-04-13 23:04 - 2021-04-13 21:30 - 000908391 _____ C:\Users\petrs\Downloads\[PAS] Beastars S2 - 13 (WEB 1080 AAC) [8CF487D4].ass
2021-04-13 21:56 - 2021-04-13 21:56 - 000094762 _____ C:\Users\petrs\Downloads\PAS-Beastars-S2-13.zip
2021-04-13 18:22 - 2021-04-13 18:22 - 000022743 _____ C:\Users\petrs\Downloads\[SubsPlease] Fumetsu no Anata e - 01 (720p) [8E50AF06].ass
2021-04-13 15:50 - 2021-04-13 15:50 - 000009970 _____ C:\Users\petrs\Downloads\FilolialSubs-02-Princezna-niceho.zip
2021-04-13 15:50 - 2021-04-13 15:50 - 000009707 _____ C:\Users\petrs\Downloads\FilolialSubs-01-Jak-pravil-Hrom.zip
2021-04-13 01:47 - 2021-04-13 01:47 - 000026273 _____ C:\Users\petrs\Downloads\[TeamNS] Fumetsu No Anata E- 1.ass
2021-04-12 22:24 - 2021-04-11 17:11 - 000037329 _____ C:\Users\petrs\Downloads\[Kamui-Subs] [SubsPlease] Sentouin, Hakenshimasu! - 02.ass
2021-04-12 22:24 - 2021-04-09 18:32 - 000031824 _____ C:\Users\petrs\Downloads\[Kamui-Subs] [SubsPlease] Kumo desu ga, Nani ka - 13.ass
2021-04-12 22:24 - 2021-04-05 17:50 - 000044849 _____ C:\Users\petrs\Downloads\[Kamui-Subs] [Erai-raws] Sentouin Hakenshimasu! - 01.ass
2021-04-12 22:24 - 2021-04-01 22:35 - 000032201 _____ C:\Users\petrs\Downloads\12 Moje bitva, jenom začala.ass
2021-04-12 20:02 - 2021-04-12 20:02 - 000045521 _____ C:\Users\petrs\Downloads\Slime Taoshite 300-nen- Shiranai Uchi ni Level Max ni Nattemashita 01 - I Maxed Out My Level.ass
2021-04-12 20:02 - 2021-04-12 20:02 - 000030387 _____ C:\Users\petrs\Downloads\SubsPlease_86_-_Eighty_Six_-_01_720p_preklad.ass
2021-04-12 20:01 - 2021-04-12 20:01 - 000039252 _____ C:\Users\petrs\Downloads\[Weeb Gakuin] Edens Zero - 01 v5 [1080p HEVC 10-bit AAC].ass
2021-04-12 20:00 - 2021-04-12 20:00 - 000021561 _____ C:\Users\petrs\Downloads\SubsPlease_Seven_Knights_Revolution_-_Eiyuu_no_Keishousha_-_01_1080p_A3DC5794 (1).ass
2021-04-12 19:59 - 2021-04-12 19:59 - 000013931 _____ C:\Users\petrs\Downloads\Kamui-Subs-Erai-raws-Sentouin-Hakenshimasu-01.zip
2021-04-12 19:59 - 2021-04-12 19:59 - 000011567 _____ C:\Users\petrs\Downloads\Kamui-Subs-SubsPlease-Sentouin-Hakenshimasu-02.zip
2021-04-12 19:58 - 2021-04-12 19:58 - 000010559 _____ C:\Users\petrs\Downloads\Kamui-Subs-SubsPlease-Kumo-desu-ga-Nani-ka-13.zip
2021-04-12 19:56 - 2021-04-12 19:56 - 000011273 _____ C:\Users\petrs\Downloads\FilolialSubs-12-Moje-bitva-jenom-zacala.zip
2021-04-07 20:18 - 2021-04-07 20:18 - 000027404 _____ C:\Users\petrs\Downloads\[SubsPlease] Seijo no Maryoku wa Bannou Desu - 01 (720p) [E2391897].ass
2021-04-07 19:22 - 2021-04-07 19:22 - 000032865 _____ C:\Users\petrs\Downloads\[TeamNS] Mushoku Tensei- Isekai Ittara Honki Dasu- 10.ass
2021-04-07 19:22 - 2021-04-07 19:22 - 000025909 _____ C:\Users\petrs\Downloads\[TeamNS] Mushoku Tensei- Isekai Ittara Honki Dasu- 11.ass
2021-04-06 19:49 - 2021-04-06 19:49 - 000032390 _____ C:\Users\petrs\Downloads\Erai-raws_Vivy_-_Fluorite_Eyes_Song_-_02_v01080p.ass
2021-04-06 09:53 - 2021-04-06 09:53 - 000218378 _____ C:\Users\petrs\Downloads\Doklad-562957.pdf
2021-04-05 20:54 - 2021-04-05 20:54 - 000022316 _____ C:\Users\petrs\Downloads\Nanatsu_no_Taizai_S04E12.ass
2021-04-03 23:41 - 2021-04-03 23:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Nero
2021-04-03 23:40 - 2021-04-03 23:41 - 000000000 ____D C:\ProgramData\Nero
2021-04-03 23:40 - 2021-04-03 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2019
2021-04-03 23:40 - 2021-04-03 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2021-04-03 23:40 - 2021-04-03 23:41 - 000000000 ____D C:\Program Files (x86)\Nero
2021-04-03 23:06 - 2021-04-03 23:06 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Macromedia
2021-03-31 11:54 - 2021-03-31 11:54 - 000000319 _____ C:\Users\petrs\Desktop\Kingdom Come Deliverance.url
2021-03-22 17:53 - 2021-03-22 17:53 - 000001779 _____ C:\Users\petrs\Desktop\WC3Launcher – zástupce.lnk
2021-03-22 17:31 - 2021-04-03 23:50 - 000000000 ____D C:\Program Files (x86)\Warcraft III - Complete Edition
2021-03-20 01:01 - 2021-03-20 01:01 - 000001335 _____ C:\Users\petrs\Desktop\FurMark.lnk
2021-03-20 01:01 - 2021-03-20 01:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2021-03-20 01:01 - 2021-03-20 01:01 - 000000000 ____D C:\Program Files (x86)\Geeks3D

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-16 12:06 - 2021-02-06 23:02 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-16 12:06 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-16 12:06 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-16 12:06 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-16 12:05 - 2020-05-07 16:10 - 000000000 ____D C:\Program Files\CCleaner
2021-04-16 12:05 - 2020-04-04 02:01 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-16 12:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-16 12:03 - 2021-02-06 22:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-16 12:03 - 2021-02-06 22:53 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-16 12:03 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-16 12:02 - 2020-04-11 16:35 - 000000000 ____D C:\Users\petrs\AppData\LocalLow\Temp
2021-04-16 12:02 - 2020-04-04 23:35 - 000000000 ____D C:\Users\petrs\AppData\Local\CrashDumps
2021-04-16 11:57 - 2020-04-04 02:56 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-16 11:57 - 2020-04-04 02:56 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-16 11:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-16 11:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-16 03:04 - 2020-04-04 02:01 - 000000000 ____D C:\Users\petrs\AppData\Local\NVIDIA Corporation
2021-04-16 02:28 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-16 02:17 - 2020-04-04 03:23 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-04-16 02:17 - 2020-04-04 03:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-16 02:08 - 2020-04-07 02:19 - 000000000 ____D C:\AMD
2021-04-16 02:08 - 2020-04-04 02:01 - 000000000 ____D C:\Users\petrs\AppData\Local\NVIDIA
2021-04-16 01:47 - 2020-04-04 02:19 - 000000000 ____D C:\Users\petrs\AppData\Local\D3DSCache
2021-04-16 01:31 - 2020-11-08 17:38 - 000000000 ___SD C:\Users\petrs\Documents\Sticky Passwords
2021-04-16 01:00 - 2021-02-06 22:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-15 21:15 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-15 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-15 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-15 15:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-15 15:04 - 2020-04-04 02:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-15 15:03 - 2020-05-03 18:40 - 000000000 ___HD C:\GrandeDevice
2021-04-15 15:03 - 2020-04-04 02:44 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-15 04:37 - 2020-04-05 01:57 - 000000000 ____D C:\Users\petrs\AppData\Roaming\vlc
2021-04-15 04:14 - 2020-11-04 03:36 - 000000000 ____D C:\Users\petrs\AppData\Roaming\qBittorrent
2021-04-15 04:06 - 2020-10-30 13:52 - 000000000 ___RD C:\Users\petrs\Downloads\Anime
2021-04-14 15:02 - 2020-04-04 16:07 - 000000000 ____D C:\Program Files (x86)\Steam
2021-04-14 13:20 - 2021-01-03 01:19 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-04-14 01:27 - 2020-09-20 23:47 - 000000000 ____D C:\MSI
2021-04-14 01:27 - 2020-04-04 03:41 - 000000000 ____D C:\Program Files\cFosSpeed
2021-04-14 01:26 - 2020-09-06 15:02 - 000000000 ____D C:\Program Files\ENE
2021-04-14 01:26 - 2020-04-04 02:01 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-14 01:21 - 2020-06-03 22:23 - 000000000 ____D C:\Program Files (x86)\AMD
2021-04-14 01:17 - 2020-04-04 01:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-04-14 01:13 - 2021-02-06 22:57 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2021-02-06 22:57 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-14 01:13 - 2020-04-04 02:01 - 000001403 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-04-14 01:13 - 2020-04-04 02:01 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-04-14 01:13 - 2020-04-04 01:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-04-14 01:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-12 17:58 - 2020-04-04 07:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-08 23:04 - 2020-05-03 16:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-07 23:08 - 2020-05-01 21:30 - 000000000 ____D C:\Users\petrs\AppData\Roaming\TS3Client
2021-04-07 21:05 - 2020-04-15 20:31 - 000000000 ____D C:\Users\petrs\AppData\Roaming\discord
2021-04-07 21:05 - 2020-04-15 20:30 - 000000000 ____D C:\Users\petrs\AppData\Local\Discord
2021-04-07 13:38 - 2020-04-04 02:01 - 002817904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-04-07 13:38 - 2020-04-04 02:01 - 002171760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-04-07 13:38 - 2020-04-04 02:01 - 001293680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-04-06 18:01 - 2020-04-04 01:45 - 000000000 ____D C:\Users\petrs\AppData\Local\Packages
2021-04-05 19:29 - 2020-04-26 22:15 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2021-04-03 23:53 - 2021-02-06 22:53 - 000446072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-03 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-03 23:48 - 2020-04-26 22:31 - 000000000 ____D C:\ProgramData\LogiShrd
2021-04-03 23:48 - 2020-04-26 22:14 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Logishrd
2021-04-03 23:48 - 2020-04-26 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-04-03 23:28 - 2020-04-04 01:53 - 000000000 ____D C:\Users\petrs\AppData\Local\PlaceholderTileLogoFolder
2021-04-03 23:28 - 2020-04-04 01:29 - 000000000 ____D C:\ProgramData\Packages
2021-04-03 23:22 - 2021-02-06 22:57 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-03-31 11:54 - 2020-07-14 20:01 - 000000000 ____D C:\Program Files\Epic Games
2021-03-31 10:34 - 2020-11-23 03:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2021-03-31 10:34 - 2020-05-21 18:52 - 000000000 ____D C:\Games
2021-03-31 10:28 - 2021-01-03 01:18 - 000000000 ____D C:\Users\petrs\AppData\Local\Overwolf
2021-03-31 10:26 - 2020-12-21 03:51 - 000000000 ____D C:\Program Files\Fotolab
2021-03-30 12:57 - 2020-11-08 15:59 - 000074608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-03-30 12:57 - 2020-11-08 15:59 - 000064880 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-03-27 23:04 - 2020-04-04 15:55 - 000000000 ____D C:\Users\petrs\AppData\LocalLow\Mozilla
2021-03-27 23:04 - 2020-04-04 15:55 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-27 21:21 - 2021-03-03 21:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-25 14:10 - 2020-04-12 01:50 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Aegisub
2021-03-21 18:54 - 2019-12-07 16:43 - 000000000 ____D C:\WINDOWS\OCR

==================== Files in the root of some directories ========

2020-12-24 19:02 - 2020-12-25 01:21 - 000002293 _____ () C:\Users\petrs\AppData\Roaming\ASSDraw3.cfg
2020-09-07 17:07 - 2020-09-07 17:07 - 047902775 _____ () C:\Users\petrs\AppData\Roaming\gta5_patch.bin
2020-05-07 15:54 - 2020-05-07 15:54 - 000286604 _____ () C:\Users\petrs\AppData\Roaming\oq3_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2020-09-07 17:07 - 2020-09-07 17:07 - 000332800 _____ () C:\Users\petrs\AppData\Roaming\patcher.dll
2020-11-10 12:51 - 2021-04-03 23:27 - 000000205 _____ () C:\Users\petrs\AppData\Local\oobelibMkey.log
2020-04-05 01:44 - 2020-04-14 19:06 - 000007606 _____ () C:\Users\petrs\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2021
Ran by petrs (16-04-2021 12:07:55)
Running from C:\Users\petrs\Desktop
Windows 10 Home Version 20H2 19042.928 (X64) (2021-02-06 20:57:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2494327022-153220514-1288694628-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2494327022-153220514-1288694628-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2494327022-153220514-1288694628-1000 - Limited - Disabled)
Guest (S-1-5-21-2494327022-153220514-1288694628-501 - Limited - Disabled)
petrs (S-1-5-21-2494327022-153220514-1288694628-1001 - Administrator - Enabled) => C:\Users\petrs
WDAGUtilityAccount (S-1-5-21-2494327022-153220514-1288694628-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Story CZ 5.3.260 (HKLM-x32\...\4Story_CZ_is1) (Version: 5.3.260 - Gameforge4D GmbH)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.1.1472 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.36 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{ac726f18-c961-4fa1-a46d-6f0c644cd12b}) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.) Hidden
Balanced (HKLM-x32\...\{24819F88-1B0B-4808-9982-5DC9C4AC7FA6}) (Version: 5.00.0000 - Advanced Micro Devices, Inc.) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
cFosSpeed 11.10 (HKLM\...\cFosSpeed) (Version: 11.10 - cFos Software GmbH, Bonn)
CPUID CPU-Z MSI 1.90 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.90 - CPUID, Inc.)
CrystalDiskInfo 8.5.2 Shizuku Edition (HKLM\...\CrystalDiskInfo_is1) (Version: 8.5.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1371 - Disc Soft Ltd)
Death Stranding v. 1.02 (HKLM-x32\...\Death Stranding_is1) (Version: - )
Discord (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.1.2 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{40941c42-b00c-4b98-900e-941e412fb676}) (Version: 1.0.1.2 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormatFactory 5.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.5.0.0 - Free Time)
Game Capture (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Overwolf_lnhebboianabbebhnpoodokcdcnmikacoeijpjfe) (Version: 1.0.0.0 - Overwolf app)
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Geeks3D FurMark 1.20.8.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Intel(R) Network Connections 25.4.0.6 (HKLM\...\PROSetDX) (Version: 25.4.0.6 - Intel)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visio - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.1 - Mozilla)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0226.01 - MSI)
Nero Burn and Archive 2019 (HKLM-x32\...\{C9ED3AA7-920B-49A0-BA84-10933EF4B481}) (Version: 20.0.00300 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 465.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 465.89 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.168.0.12 - Overwolf Ltd.)
Portal verze 1.0.0.0 (HKLM-x32\...\{9AD3428A-B930-49E4-8966-1941D8B97CAC}_is1) (Version: 1.0.0.0 - Strogino CS Portal)
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9102.1 - Realtek Semiconductor Corp.)
Replay HUD (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Overwolf_hffhbjnafafjnehejohpkfhjdenpifhihebpkhni) (Version: 145.0.0 - Overwolf app)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.2.8.15 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
TeamSpeak 3 Client (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
Telegram Desktop version 2.3.1 (HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.3.1 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 104.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Xerox WorkCentre 3045NI (HKLM-x32\...\{DC944A50-9DEB-4D0C-83FD-D641A7775FF3}) (Version: 1.005.00 - Xerox) Hidden
Xerox WorkCentre 3045NI (HKLM-x32\...\InstallShield_{DC944A50-9DEB-4D0C-83FD-D641A7775FF3}) (Version: 1.005.00 - Xerox)

Packages:
=========
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.103.0_x64__kzh8wxbdkxb8p [2021-03-17] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-06] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.6.5.0_x64__w2gh52qy24etm [2021-04-07] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-04-14] (NVIDIA Corp.)
PDF X -> C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.2.5.0_x64__sbe4t8mqwq93a [2021-04-03] (NG PDF Lab)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-04-14] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2494327022-153220514-1288694628-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\petrs\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3784df9edffd3314\nvshext.dll [2021-03-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\petrs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) =============

2020-09-06 17:39 - 2017-08-03 05:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDControl.dll
2020-11-08 17:38 - 2020-11-30 17:17 - 001101824 _____ () [File not signed] C:\Program Files (x86)\Sticky Password\DLLs\_hashlib.pyd
2020-05-03 18:40 - 2011-05-16 15:20 - 015072256 _____ () [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\xrhr4aRC.DLL
2020-06-04 01:35 - 2018-11-23 07:01 - 000344576 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\YooMixCOM.dll
2020-09-06 17:39 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-04-14 01:25 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2021-04-14 01:12 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Wi-Fi 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Bonjour Service => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: LogiRegistryService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 3
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: Rockstar Service => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2494327022-153220514-1288694628-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3914FC0A-0AD1-459B-935E-7BE2A6A86345}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6D56D860-E1F8-4071-9267-1CB5A89C40AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B7C0401-C6FD-4153-93CB-422BADA0F810}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BB9C10F5-080C-4F6B-B562-DC98A780220E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B025A901-D9DA-4365-AB06-AC1E6F60B05E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B9BBD6A-DAD9-4836-9424-97FB5D5D86D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{F8428B3F-0DC9-4769-81C5-53BC64924AA0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{F4C7BD29-C7F8-4E7E-946B-7EAC888D2571}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{AC6382C9-F121-4F0F-BDFF-2AFD32330800}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{9D84AF79-E719-46CF-90F5-5F6357D3CBF7}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{7AA9A434-6919-4ED5-8F30-63B4A95B72E1}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9BCD3426-0BC4-4A6D-B7CF-85491C3FFB56}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F2A835A2-7FD8-4090-BA4E-520701F1A72C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FC5B6C00-492C-42E5-8F7D-6509EBD3471C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D44D374C-C15C-45B8-90DB-0AF2E1585747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{C91844BC-9ABF-4885-9FA2-C29604AC2779}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{79EDA5E5-F49D-4CBE-B780-D8BAFC0C3ACD}] => (Allow) LPort=32682

==================== Restore Points =========================

13-04-2021 13:08:06 Naplánovaný kontrolní bod
15-04-2021 15:04:22 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Nahimic mirroring device
Description: Nahimic mirroring device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Nahimic
Service: Nahimic_Mirroring
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/16/2021 12:02:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ControlVoiceBoost.exe, verze: 1.0.0.3, časové razítko: 0xbe86a316
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.928, časové razítko: 0xa0caab76
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6a73
ID chybujícího procesu: 0x648
Čas spuštění chybující aplikace: 0x01d732a6adf8ce41
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 08e0782a-c219-4644-b722-4f09624819e4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/16/2021 03:01:41 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (04/16/2021 03:01:39 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.

Error: (04/16/2021 03:01:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (04/16/2021 03:01:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LEDKeeper2.exe, verze: 1.0.1.15, časové razítko: 0x60487780
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x091e3892
ID chybujícího procesu: 0x2138
Čas spuštění chybující aplikace: 0x01d7325607354d41
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: ada28f19-c2e0-4b07-afc4-4f26fda2c899
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/16/2021 03:01:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LEDKeeper2.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na MSI_LED.CControl.ResetItem(Int32)
na MSI_LED.App.CloseAPP()
na MSI_LED.App.Application_SessionEnding(System.Object, System.Windows.SessionEndingCancelEventArgs)
na System.Windows.Application.OnSessionEnding(System.Windows.SessionEndingCancelEventArgs)
na System.Windows.Application.WmQueryEndSession(IntPtr, IntPtr ByRef)
na System.Windows.Application.AppFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (04/16/2021 03:01:31 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (04/16/2021 03:01:26 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (04/16/2021 12:03:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba Windows Media Player Network Sharing závisí na službě Windows Search, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (04/16/2021 12:03:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (04/16/2021 12:03:10 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (04/16/2021 12:03:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (04/16/2021 12:03:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (04/16/2021 12:03:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll

Error: (04/16/2021 12:02:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U6H7SKL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/16/2021 12:02:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Central Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-04-16 02:57:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F231C8D9-B7DF-4675-9A2A-F891A9CD0703}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-U6H7SKL\petrs

Date: 2021-04-13 19:06:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D8F75077-93E1-41CA-9439-5A2D79C9C464}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-09 10:34:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4560EC7-53E8-419D-A295-DD514E19D0EB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-09 09:09:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1F1D3AB6-F17C-4DBB-A630-3373A518E31D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-05 14:57:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CD924070-008C-4C13-9A6D-CBC4CEA227DA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-04-16 12:03:43
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Intel\Wired Networking\NCS2\Agent\Coinstaller.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.60 01/14/2020
Motherboard: Micro-Star International Co., Ltd. MPG X570 GAMING PRO CARBON WIFI (MS-7B93)
Processor: AMD Ryzen 9 3900X 12-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 16332.19 MB
Available physical RAM: 11735.44 MB
Total Virtual: 32716.19 MB
Available Virtual: 25807.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.19 GB) (Free:159.12 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863 GB) (Free:1284.19 GB) NTFS

\\?\Volume{1f09c536-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1F09C536)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Smazáno, log je již OK.