FRST - Problem with clogged memory
Posted: 10 Dec 2021 13:06
Hello,
After some time of using the PC, its memory always fills up brutally. Task Manager does not show any process that would be taking most of the memory, but the memory is 90+% full.
The PC stutters and often freezes completely. I am sending the log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Ran by Qzxop (administrator) on DESKTOP-JFQHQIE (MSI MS-7821) (10-12-2021 13:02:38)
Running from C:\Users\Qzxop\OneDrive\Plocha
Loaded Profiles: Qzxop
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <3>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7614\Agent.exe
(Discord Inc. -> Discord Inc.) C:\Users\Qzxop\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe <2>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.187.0.8\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.187.0.8\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe <4>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Qzxop\AppData\Local\Temp\Twitch\Twitch.exe
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Qzxop\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe <7>
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Qzxop\AppData\Roaming\Twitch\Bin\TwitchAgent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26327864 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe [1266864 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2543992 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-11-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33616864 2021-12-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Discord] => C:\Users\Qzxop\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1087376 2021-12-09] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1807192 2021-12-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19886984 2021-03-02] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2021-12-09] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-620577423-2473918216-1560784355-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2543992 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-620577423-2473918216-1560784355-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-620577423-2473918216-1560784355-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-620577423-2473918216-1560784355-500\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2543992 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp103: C:\Windows\System32\spool\prtprocs\x64\hpcpp103.dll [323584 2010-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2021-03-16]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks LLC -> Rivet Networks)
Startup: C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2020-10-04]
ShortcutTarget: GameRanger.lnk -> C:\Windows.old\Users\Qzxop\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (No File)
Startup: C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-10-28]
ShortcutTarget: Twitch.lnk -> C:\Users\Qzxop\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05762DC9-BA61-42EB-9529-A66D50686F5B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1CA24146-B8AB-4B44-8979-85C64FCA2A89} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {243DDD7E-C0F4-4F3B-AE7F-B86AB7740DC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2477FC83-2AE1-4868-A3EF-ABA13D0E5AEA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3255360C-1FC1-47A3-970A-41ECD52F1901} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4425BAFA-CD76-4113-87F1-3EB76655FAF2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4E0F09AA-41A9-4525-959D-3AAA830CAD6E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68AC5C00-F64A-4807-9ECF-CC882589CC96} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3354296 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {7B600D6C-3AA7-41DB-BA67-3AF5F60F9CC7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7D9D3CA0-79B4-4A4A-AE2B-E1AA53B8B2B6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D125382-40D7-4A00-BD09-9AEA53ABAFA3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8DF827B4-3C2A-408F-B58A-689B196B80B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-10-04] (Google Inc -> Google Inc.)
Task: {A2B04492-2B0D-48D0-94EC-5AD34E5A4999} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB4470CA-2B9C-4376-B9FB-02B123ADF85A} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel(R) Software -> Intel Corporation)
Task: {AC95501E-10C8-4602-80A0-E4FB2664FFD4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BA26F9AD-66DF-4D18-BB0B-FC4DAC58BB9D} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {C49EB41C-2940-43CA-ADCD-7BEA6287E2A6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484056 2021-12-07] (Overwolf Ltd -> Overwolf LTD)
Task: {C759395C-7FE1-4B1F-97E9-00A74866D058} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4074344 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE6EA6DC-41F6-4BB0-9EE9-79AAE8A3E317} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CEE50B36-45C9-43A1-ACA8-AF89003AB9D9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D4ABBBE0-3869-4714-A901-C6FF9AA722C4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DE7E6661-8D4A-492B-BD4F-0891BC2E757C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-10-04] (Google Inc -> Google Inc.)
Task: {F4F0EE76-AD42-4695-A69C-248DC6AEA213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\MSIGH_Host.job => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
Task: C:\Windows\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.194.204.126 85.132.148.70
Tcpip\..\Interfaces\{cddf89cb-d2d6-47a7-b423-eb4a73492e41}: [DhcpNameServer] 213.194.204.126 85.132.148.70
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Qzxop\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-10]
FireFox:
========
FF DefaultProfile: ojjuuh42.default
FF ProfilePath: C:\Users\Qzxop\AppData\Roaming\Mozilla\Firefox\Profiles\ojjuuh42.default [2020-10-04]
FF ProfilePath: C:\Users\Qzxop\AppData\Roaming\Mozilla\Firefox\Profiles\2bgx2xmt.default-release [2021-12-10]
FF Notifications: Mozilla\Firefox\Profiles\2bgx2xmt.default-release -> hxxps://eu1.badoo.com
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Qzxop\AppData\Roaming\Mozilla\Firefox\Profiles\2bgx2xmt.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-09-14]
Chrome:
=======
CHR Profile: C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default [2021-12-10]
CHR Notifications: Default -> hxxps://www.netflix.com
CHR Extension: (Prezentace) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-20]
CHR Extension: (Dokumenty) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-20]
CHR Extension: (Disk Google) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20]
CHR Extension: (YouTube) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-24]
CHR Extension: (Tabulky) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-11]
CHR Extension: (Gmail) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2021-12-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncHelper.exe [3280760 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2021-12-09] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-09-30] (GOG Sp. z o.o. -> GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks LLC -> Rivet Networks)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2017-02-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2330296 2017-09-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019504 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2210104 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183472 2020-03-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\OneDriveUpdaterService.exe [3737976 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484056 2021-12-07] (Overwolf Ltd -> Overwolf LTD)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2021-12-04] () [File not signed]
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EneIo; C:\WINDOWS\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 esihdrv; C:\Users\Qzxop\AppData\Local\Temp\esihdrv.sys [205464 2021-12-10] (ESET, spol. s r.o. -> ESET) <==== ATTENTION
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2021-12-04] () [File not signed]
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-10 12:33 - 2021-12-10 12:33 - 000007605 _____ C:\Users\Qzxop\AppData\Local\Resmon.ResmonCfg
2021-12-10 08:31 - 2021-12-10 08:31 - 000000000 ____D C:\Users\Qzxop\AppData\Local\LarianStudios
2021-12-10 03:37 - 2021-12-10 03:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity - Original Sin 2 - Definitive Edition [GOG.com]
2021-12-10 03:37 - 2021-12-10 03:37 - 000000000 ____D C:\Program Files\dotnet
2021-12-10 01:12 - 2021-12-10 02:06 - 007543392 _____ (ESET) C:\Users\Qzxop\Downloads\sysinspector_nt64_csy.exe
2021-12-07 19:35 - 2021-12-08 21:13 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-12-07 19:35 - 2021-12-07 19:35 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-12-07 19:35 - 2021-12-07 19:35 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-07 19:35 - 2021-12-07 19:35 - 000000000 ___RD C:\Users\Default\OneDrive
2021-12-07 19:26 - 2021-12-10 13:02 - 000000000 ____D C:\FRST
2021-12-07 19:22 - 2021-12-07 19:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-06 11:28 - 2021-12-06 11:29 - 015446450 _____ C:\Users\Qzxop\Downloads\DOS2-CZ.zip
2021-12-06 11:24 - 2021-12-10 03:37 - 000000000 ____D C:\Users\Qzxop\OneDrive\Dokumenty\Larian Studios
2021-12-06 10:08 - 2021-12-06 10:12 - 000000000 ____D C:\Program Files\HWiNFO64
2021-12-06 10:08 - 2021-12-06 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-12-06 10:07 - 2021-12-06 10:07 - 009312488 _____ (Martin Malik - REALiX ) C:\Users\Qzxop\Downloads\hwi_714.exe
2021-12-05 15:58 - 2021-12-05 15:58 - 000000000 ____D C:\Users\Qzxop\AppData\Local\DeadByDaylight
2021-12-04 22:53 - 2021-12-04 23:16 - 1588961949 _____ C:\Users\Qzxop\Downloads\gothic_3_community_patch_175_14_int.zip
2021-12-04 22:41 - 2021-12-04 22:41 - 000303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2021-12-04 22:41 - 2021-12-04 22:41 - 000035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2021-12-04 22:38 - 2021-12-04 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III
2021-12-04 22:12 - 2021-12-04 22:12 - 000000000 ____D C:\ProgramData\RuPlatform
2021-12-04 22:12 - 2021-12-04 22:12 - 000000000 ____D C:\ProgramData\Gamewaker
2021-12-04 20:37 - 2021-12-04 20:37 - 000000000 ____D C:\Program Files\Epic Games
2021-12-04 20:10 - 2021-12-05 14:52 - 000000000 ____D C:\Users\Qzxop\OneDrive\Dokumenty\gothic3
2021-11-29 22:51 - 2021-11-29 22:51 - 000000000 ____D C:\Users\Qzxop\OneDrive\Dokumenty\GOG Galaxy
2021-11-17 13:12 - 2021-11-17 13:12 - 000000000 ____D C:\Windows\LastGood.Tmp
2021-11-17 13:10 - 2021-11-09 23:27 - 000038016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 001874664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-17 13:09 - 2021-11-11 03:36 - 001874664 _____ C:\Windows\system32\vulkaninfo.exe
2021-11-17 13:09 - 2021-11-11 03:36 - 001464960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 001450216 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-17 13:09 - 2021-11-11 03:36 - 001450216 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-11-17 13:09 - 2021-11-11 03:36 - 001208248 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 001111272 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 001111272 _____ C:\Windows\system32\vulkan-1.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 000965352 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 000965352 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 002116536 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 001597568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 001523328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 001174456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000802232 _____ C:\Windows\system32\nvofapi64.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000709560 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-11-17 13:09 - 2021-11-11 03:33 - 000678328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000656512 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000635008 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000564352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 008725944 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 007845816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 005730224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 004940728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 002850432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 000981120 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-11-17 13:09 - 2021-11-11 03:31 - 000850872 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-11-17 13:09 - 2021-11-09 23:27 - 000085718 _____ C:\Windows\system32\nvinfo.pb
2021-11-11 20:50 - 2021-11-11 20:50 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-11-11 20:50 - 2021-11-11 20:50 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-11 20:50 - 2021-11-11 20:50 - 000011363 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-11-11 20:49 - 2021-11-11 20:49 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-11-11 20:44 - 2021-11-11 20:44 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-10 13:02 - 2020-10-28 22:55 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\Twitch
2021-12-10 13:02 - 2020-10-04 20:33 - 000000000 ____D C:\Program Files (x86)\Steam
2021-12-10 13:00 - 2020-10-04 19:37 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-10 13:00 - 2020-10-04 18:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-10 12:59 - 2020-10-22 20:41 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\discord
2021-12-10 12:58 - 2021-04-17 10:56 - 000000000 ____D C:\Users\Qzxop\AppData\Local\Overwolf
2021-12-10 12:58 - 2021-03-28 17:52 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-10 12:58 - 2021-03-28 17:47 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-10 12:58 - 2020-10-23 21:16 - 000000000 ____D C:\Users\Qzxop\AppData\Local\Battle.net
2021-12-10 12:58 - 2020-10-22 20:41 - 000000000 ____D C:\Users\Qzxop\AppData\Local\Discord
2021-12-10 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-12-10 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-10 12:58 - 2019-03-26 00:35 - 000000000 ___RD C:\Users\Qzxop\OneDrive
2021-12-10 09:39 - 2019-03-26 00:39 - 000000000 ____D C:\Users\Qzxop\AppData\LocalLow\Mozilla
2021-12-10 08:47 - 2021-03-28 17:56 - 001693136 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-10 08:47 - 2019-12-07 15:43 - 000716726 _____ C:\Windows\system32\perfh005.dat
2021-12-10 08:47 - 2019-12-07 15:43 - 000144904 _____ C:\Windows\system32\perfc005.dat
2021-12-10 08:47 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-12-10 08:34 - 2021-03-28 15:08 - 000000000 ____D C:\Users\Qzxop
2021-12-10 08:34 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-10 08:31 - 2020-10-04 19:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-10 08:24 - 2019-03-30 11:21 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-12-10 03:37 - 2020-10-04 19:36 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-10 01:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-10 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-12-10 00:58 - 2021-04-17 10:57 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-12-10 00:57 - 2020-10-23 21:15 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-12-09 20:49 - 2021-11-08 20:29 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-12-08 21:11 - 2021-08-22 21:24 - 000000000 ____D C:\Program Files (x86)\Diablo III
2021-12-08 21:11 - 2020-10-04 19:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-07 21:46 - 2020-10-23 21:18 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2021-12-07 19:43 - 2020-10-04 19:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-07 19:37 - 2021-10-30 13:39 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-12-07 19:37 - 2020-10-04 19:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-07 13:04 - 2020-10-04 20:38 - 000000000 ____D C:\Users\Qzxop\AppData\Local\D3DSCache
2021-12-06 10:14 - 2021-04-18 17:19 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\uTorrent
2021-12-06 10:14 - 2020-10-05 00:53 - 000000000 ____D C:\Users\Qzxop\AppData\Local\CrashDumps
2021-12-05 15:57 - 2020-10-04 20:48 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\EasyAntiCheat
2021-12-05 03:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-12-04 22:38 - 2021-03-16 15:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-12-04 20:55 - 2020-10-04 18:17 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-04 16:42 - 2021-11-09 18:30 - 000000000 ____D C:\Users\Qzxop\OneDrive\Dokumenty\The Witcher 3
2021-11-17 22:48 - 2021-04-26 15:17 - 000003490 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d723f2b848a6a4
2021-11-17 22:48 - 2021-03-28 17:52 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-17 13:12 - 2020-10-04 20:32 - 000000000 ____D C:\Users\Qzxop\AppData\Local\NVIDIA
2021-11-12 08:49 - 2021-03-28 17:47 - 000267672 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-12 00:48 - 2021-03-28 02:28 - 000000000 ____D C:\Windows\en-GB
2021-11-12 00:48 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2021-11-12 00:48 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-11-12 00:48 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-11-11 20:52 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-11 20:43 - 2020-10-04 22:53 - 000000000 ____D C:\Windows\system32\MRT
2021-11-11 20:42 - 2020-10-04 22:52 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-11 03:32 - 2021-02-04 17:26 - 000792192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-11-11 03:30 - 2021-02-04 17:26 - 007582144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-11-11 03:30 - 2021-02-04 17:26 - 006432960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
==================== Files in the root of some directories ========
2021-12-10 12:33 - 2021-12-10 12:33 - 000007605 _____ () C:\Users\Qzxop\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2021
Ran by Qzxop (10-12-2021 13:03:49)
Running from C:\Users\Qzxop\OneDrive\Plocha
Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) (2021-03-28 16:52:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-620577423-2473918216-1560784355-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-620577423-2473918216-1560784355-503 - Limited - Disabled)
Guest (S-1-5-21-620577423-2473918216-1560784355-501 - Limited - Disabled)
Qzxop (S-1-5-21-620577423-2473918216-1560784355-1001 - Administrator - Enabled) => C:\Users\Qzxop
WDAGUtilityAccount (S-1-5-21-620577423-2473918216-1560784355-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BIOMUTANT (HKLM-x32\...\BIOMUTANT_is1) (Version: - )
Bloody7 (HKLM-x32\...\Bloody3) (Version: 21.03.0001 - Bloody)
Diablo II Resurrected (HKLM-x32\...\Diablo II Resurrected) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Divinity: Original Sin 2 - Definitive Edition (HKLM-x32\...\1584823040_is1) (Version: 3.6.117.3735 - GOG.com)
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{38032CA4-BABE-44FB-813F-E152455B8FED}) (Version: 1.1.291.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ET: Legacy (HKLM-x32\...\ETLegacy) (Version: 2.77.1 - ET: Legacy Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.93 - Google LLC)
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HWiNFO64 Version 7.14 (HKLM\...\HWiNFO64_is1) (Version: 7.14 - Martin Malik - REALiX)
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Killer Bandwidth Control Filter Driver (HKLM\...\{5B7A2B7B-CEA9-4E50-B0E4-E82F204CBE78}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{77C95134-CA2D-4614-9C86-55B7A6A281AA}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{51B5A084-A40D-4F4B-90AA-EF8354EA7D96}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 95.0 (x64 cs)) (Version: 95.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0.1 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.24 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.15 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.98 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.74 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.45 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.29 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.21 - MSI)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 496.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenGL Extensions Viewer 6.1 (HKLM-x32\...\GLVIEW3) (Version: 619 - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.187.0.8 - Overwolf Ltd.)
Path of Building Community (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Path of Building Community) (Version: 2.1.0 - Path of Building Community)
PoE Overlay (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Overwolf_cijcjjcjilpooaeppicpfibopeefaglkefjaeofl) (Version: 1.2.16 - Overwolf app)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 2.6.1 (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.6.1 - Telegram FZ-LLC)
TFTactics (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Overwolf_delfmdadipjjmpajblkalfkbebcbldbknecigjpc) (Version: 1.4.6 - Overwolf app)
The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com)
Twitch (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
WeakAuras Companion 3.3.3 (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\574e4d1e-05f6-5376-9898-b829d00eef2e) (Version: 3.3.3 - Buds)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WowUp 2.4.7 (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\b31ca559-50e4-54d8-a458-330e72a28314) (Version: 2.4.7 - Jliddev)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-10] (Microsoft Corporation)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2021.4.13.0_x64__t5j2fzbtdg37r [2021-11-14] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.5.268.0_x64__v10z8vjag6ke6 [2021-12-07] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-10] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-17] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\nvshext.dll [2021-11-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 6.1\OpenGL Extensions Viewer 6.1 Home Page.lnk -> hxxp://www.realtech-vr.com/glview
Shortcut: C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 6.1\realtech VR Home Page.lnk -> hxxp://www.realtech-vr.com
==================== Loaded Modules (Whitelisted) =============
2021-12-09 23:31 - 2021-12-09 23:34 - 104870912 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\libcef.dll
2021-12-09 23:34 - 2021-12-09 23:34 - 000112128 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\libegl.dll
2021-12-09 23:34 - 2021-12-09 23:34 - 006227456 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\libglesv2.dll
2021-05-06 19:18 - 2017-04-17 03:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2020-10-04 19:37 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\Gaming APP\LEDControl.dll
2021-04-16 10:48 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2020-10-04 19:37 - 2015-06-23 15:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2021-12-09 23:30 - 2021-12-09 23:30 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\chrome_elf.dll
2021-12-09 23:29 - 2021-12-09 23:29 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\audio\qtaudio_windows.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qgif.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qico.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qjpeg.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qmng.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qsvg.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qtiff.dll
2021-12-09 23:34 - 2021-12-09 23:34 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\platforms\qwindows.dll
2021-12-09 23:34 - 2021-12-09 23:35 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Core.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Gui.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Multimedia.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Network.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Qml.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Quick.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Svg.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Widgets.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5WinExtras.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Xml.dll
2020-10-04 19:37 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Qzxop\AppData\Local\Temp:$DATA [16]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-10-04 19:10 - 2020-10-04 19:09 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-620577423-2473918216-1560784355-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.194.204.126 - 85.132.148.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Killer Bandwidth Control -> bf_ndislwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{4B0D48BF-C0FA-4AA2-9E94-B44200D4C7E6}G:\game\rage2\rage2.exe] => (Allow) G:\game\rage2\rage2.exe => No File
FirewallRules: [TCP Query User{C17EF7C0-C59F-4841-84F3-D6A9F59CAE5C}G:\game\rage2\rage2.exe] => (Allow) G:\game\rage2\rage2.exe => No File
FirewallRules: [UDP Query User{EA197D3F-95EA-44D3-A221-4131A2A36C8E}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{9069A2C7-BA14-4699-983A-E2D4B4A34EB2}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{0A4A5214-CA45-4245-A10D-063DC35AFC96}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{919A229E-0A2C-4DF9-AC4A-259AD4AF6C6D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{5314D758-CE8B-4897-8C36-A975F972E1C0}G:\game\railwayempire\railwayempire.exe] => (Allow) G:\game\railwayempire\railwayempire.exe => No File
FirewallRules: [TCP Query User{468D3DA9-DB5A-4405-B564-56816057DAD5}G:\game\railwayempire\railwayempire.exe] => (Allow) G:\game\railwayempire\railwayempire.exe => No File
FirewallRules: [{0F422775-2265-4402-A959-5158050EC27E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FEADCA17-4306-401C-ADA9-886F18D229A7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3FD5CAB3-989D-4A73-AC5D-1C6E6999DA20}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{A3C49129-996E-4B40-AD40-BBD7DA3808EA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [UDP Query User{9E406D26-5E01-4B45-ACAD-DE7139F2F759}G:\game\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) G:\game\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{D86F7E48-FE4A-43D0-BAA3-841AA44604F2}G:\game\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) G:\game\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [{DADD050A-008B-4F84-B088-85D6EB92E047}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{00474B2B-E3F6-485F-9432-6CB2E5CBF017}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{68F3CE1D-24C6-4370-8EB3-53A127661616}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{C68A991E-6F68-49E6-9A25-6798C90C0304}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E1BF66CA-8D4B-4DA0-95D3-33EA9057D110}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{1430DBD2-EAC0-4B3F-855D-1F326AE78A26}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{F05E0069-B4EE-4663-83F5-311E05299988}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A4E0CB59-7CE7-4CC8-B55C-D0F22452E1F0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CD7C9712-0D1B-4CEB-A32B-7ECD792C015A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0BA35C54-175A-4F53-BAD7-FDDA4314B897}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ED2742C3-C2F4-452E-974F-88235C71D23E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5AA0A8C0-E056-449D-A726-0D697F07A371}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0383B9CF-A6FE-450B-8644-4E766BBE1FC1}C:\users\qzxop\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\qzxop\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{0713AD47-1F6A-4C8B-BB97-18143B694EF9}C:\users\qzxop\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\qzxop\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{E08620F1-D6D5-4488-BD8D-3F2E82C66F67}G:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) G:\program files (x86)\wolfenstein - enemy territory\et.exe () [File not signed]
FirewallRules: [UDP Query User{D3C5A1C0-8462-4598-BF3C-6769CBB30FD4}G:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) G:\program files (x86)\wolfenstein - enemy territory\et.exe () [File not signed]
FirewallRules: [TCP Query User{2604758D-FCFF-4C06-96E8-7B98E45B6CF8}G:\program files (x86)\hlsw\hlsw.exe] => (Allow) G:\program files (x86)\hlsw\hlsw.exe (Stripf Software) [File not signed]
FirewallRules: [UDP Query User{65C908EE-6618-47A7-A035-3CA2C9E550E2}G:\program files (x86)\hlsw\hlsw.exe] => (Allow) G:\program files (x86)\hlsw\hlsw.exe (Stripf Software) [File not signed]
FirewallRules: [TCP Query User{17A88894-F8CA-43B0-A45E-80C90B56046F}C:\program files (x86)\etlegacy\etl.exe] => (Allow) C:\program files (x86)\etlegacy\etl.exe (ET: Legacy) [File not signed]
FirewallRules: [UDP Query User{4020FEE2-62EF-4F68-A66F-BF5D4FC91C7C}C:\program files (x86)\etlegacy\etl.exe] => (Allow) C:\program files (x86)\etlegacy\etl.exe (ET: Legacy) [File not signed]
FirewallRules: [TCP Query User{C634046C-8987-44ED-9480-711CAEE86331}C:\program files (x86)\etlegacy\etlded.exe] => (Allow) C:\program files (x86)\etlegacy\etlded.exe (ET: Legacy) [File not signed]
FirewallRules: [UDP Query User{45B04F4D-C456-48F6-A68A-CC165E7DA6AB}C:\program files (x86)\etlegacy\etlded.exe] => (Allow) C:\program files (x86)\etlegacy\etlded.exe (ET: Legacy) [File not signed]
FirewallRules: [TCP Query User{B990586D-196C-4BDD-9F59-8DA402F86546}G:\game\shadowrunreturns\shadowrun.exe] => (Allow) G:\game\shadowrunreturns\shadowrun.exe => No File
FirewallRules: [UDP Query User{360DEEBD-4959-4FE2-A4D5-BBBBC10468B4}G:\game\shadowrunreturns\shadowrun.exe] => (Allow) G:\game\shadowrunreturns\shadowrun.exe => No File
FirewallRules: [{EDF838A2-8484-497F-8E2E-FB2D1AB14B49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C2341B0C-5B0F-43F1-99EA-CA0AD3FCC158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{539986F5-F3C6-44A3-9E86-8AA4BEC6ED2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{27CBA0B4-ADC1-455F-ABF5-D654F10DC955}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{700B0725-984A-4DCF-85F6-581536584BEB}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{72B8D581-1C9B-488B-B8FB-B44283F6B76A}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{3CC40F7A-266F-494F-A0AC-5C9EEDD71C2B}C:\program files (x86)\heroes of the storm\versions\base85894\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base85894\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{273F31FE-6B3A-4DB6-ABFB-CBB410AAC910}C:\program files (x86)\heroes of the storm\versions\base85894\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base85894\heroesofthestorm_x64.exe => No File
FirewallRules: [{F9FE5BC3-2058-44A2-B22A-9ABC8F8A17E1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Bro Falls Ultimate Showdown\Run.exe () [File not signed]
FirewallRules: [{2807A815-5891-4D90-AE84-E676B605199E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Bro Falls Ultimate Showdown\Run.exe () [File not signed]
FirewallRules: [{549DFE7F-045D-4FB7-80FB-B0919ADB0528}] => (Allow) LPort=26789
FirewallRules: [TCP Query User{310913B5-99A5-4BE9-8F0B-26ED075D0B26}C:\program files (x86)\heroes of the storm\versions\base86223\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base86223\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{812F27E7-563D-4696-B160-E4A55D67AEC3}C:\program files (x86)\heroes of the storm\versions\base86223\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base86223\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{FDA4B412-639A-48CE-A940-98085A1D61C1}G:\program files (x86)\doom\doomx64.exe] => (Allow) G:\program files (x86)\doom\doomx64.exe => No File
FirewallRules: [UDP Query User{8DE7A06B-6EBB-497D-A57B-513F1DE90FA3}G:\program files (x86)\doom\doomx64.exe] => (Allow) G:\program files (x86)\doom\doomx64.exe => No File
FirewallRules: [TCP Query User{4B6701E0-FD30-4004-B3FC-B4602A69DE55}G:\program files (x86)\destiny 2\destiny2.exe] => (Allow) G:\program files (x86)\destiny 2\destiny2.exe => No File
FirewallRules: [UDP Query User{60FA4B51-AB91-4A77-AEDE-D0CFF3E6980B}G:\program files (x86)\destiny 2\destiny2.exe] => (Allow) G:\program files (x86)\destiny 2\destiny2.exe => No File
FirewallRules: [{9426E5DD-4A39-41A3-8504-56F1E7F6EBAE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C4FB2677-F215-4EA7-8FDC-D7E4CE8A6E88}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{CCB37B09-FD6C-4B90-AB06-0133F26965CC}G:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{2D734E38-2666-4202-A3F7-4F15C81B8F7E}G:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{6AF689D7-BDF2-494F-A290-23241FFF612E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47C14D46-F318-4EF6-9F29-B722702BB2B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48AD15F7-16F4-41E0-A219-9B45DA72E55E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{616567FC-3EC3-4EC4-802F-9316039E7023}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{0EDD4724-BD7E-4B17-A2C3-1EF533EF0FD8}G:\game\divinity original sin 2 definitive edition\defed\bin\eocapp.exe] => (Allow) G:\game\divinity original sin 2 definitive edition\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{221F9791-C53F-4FC4-A706-F098F73B569D}G:\game\divinity original sin 2 definitive edition\defed\bin\eocapp.exe] => (Allow) G:\game\divinity original sin 2 definitive edition\defed\bin\eocapp.exe => No File
FirewallRules: [{A3570684-5494-4EFD-8843-97F244339D53}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{04D8DB0F-CEA3-464A-B3AC-DC4F890E4A40}] => (Allow) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{CFCD0BBD-2AA6-425E-9931-DBF4B8BE58EA}] => (Allow) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{2A97E1F0-077E-417C-9D06-0CB8828BBFC6}] => (Block) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{E8959352-0D0F-4411-BBC7-D7C8CDB2DBB0}] => (Block) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{8452DBBF-E788-44F9-BA23-317C9E337962}] => (Allow) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{7B358B6E-1D42-4F37-AAB3-FE58CA645F2C}] => (Allow) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8A5F3BF4-3688-40FA-95BF-768581509093}] => (Block) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CC86D807-CC76-4377-9DF8-AAB830A9A79C}] => (Block) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{1758AFF4-D39D-4B93-BC59-70BD6BCF937A}G:\game\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) G:\game\divinity - original sin 2\defed\bin\eocapp.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{AC57EDAB-1363-4AF4-8040-D225E14B6E8F}G:\game\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) G:\game\divinity - original sin 2\defed\bin\eocapp.exe (Larian Studios Games Ltd. -> )
==================== Restore Points =========================
07-12-2021 11:39:48 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/10/2021 11:28:28 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:28:25 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:27:30 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:12:10 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:06:11 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:03:43 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:03:16 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/07/2021 08:02:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Run.exe verze 2020.3.4.47971 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: d14
Čas spuštění: 01d7eb9ccbf04b8c
Čas ukončení: 22
Cesta k aplikaci: G:\Program Files (x86)\Steam\steamapps\common\Bro Falls Ultimate Showdown\Run.exe
ID hlášení: 6d2a465a-49e5-451f-bede-c6fdb1b3edb8
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
System errors:
=============
Error: (12/10/2021 12:58:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba lirsgt neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (12/10/2021 12:58:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 7 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 5 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 3 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 1 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 6 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 4 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Windows Defender:
================
Date: 2021-12-07 20:38:58
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T19:38:58.931Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Date: 2021-12-07 20:36:23
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T19:36:23.043Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Date: 2021-12-07 19:49:33
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T18:49:33.272Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Date: 2021-12-07 19:47:01
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T18:47:01.394Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Date: 2021-12-07 19:41:37
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T18:41:37.509Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Event[0]:
Date: 2021-12-10 11:18:27
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-12-10 11:16:06
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-12-06 04:34:49
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-12-06 04:27:54
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-12-05 02:48:17
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
CodeIntegrity:
===============
Date: 2021-12-10 12:58:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-12-10 12:58:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.9 07/21/2014
Motherboard: MSI Z87-G45 GAMING (MS-7821)
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 31%
Total physical RAM: 16327.93 MB
Available physical RAM: 11236.29 MB
Total Virtual: 28103.93 MB
Available Virtual: 20493.33 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.77 GB) (Free:16.89 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:930.6 GB) (Free:208.31 GB) NTFS
\\?\Volume{97f00901-245a-46a3-9075-7f03771c300a}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{e07c9525-0d29-4fa5-98a4-84e1fb8523aa}\ () (Fixed) (Total:0.51 GB) (Free:0.09 GB) NTFS
\\?\Volume{7f4c078e-0000-0000-0000-90ace8000000}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{44dc8da5-d8f4-4748-b8ce-14b19b062598}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F4C078E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=835 MB) - (Type=27)
==================== End of Addition.txt =======================
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Discord] => C:\Users\Qzxop\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1087376 2021-12-09] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1807192 2021-12-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19886984 2021-03-02] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2021-12-09] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-620577423-2473918216-1560784355-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2543992 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-620577423-2473918216-1560784355-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-620577423-2473918216-1560784355-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-620577423-2473918216-1560784355-500\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2543992 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp103: C:\Windows\System32\spool\prtprocs\x64\hpcpp103.dll [323584 2010-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2021-03-16]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks LLC -> Rivet Networks)
Startup: C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2020-10-04]
ShortcutTarget: GameRanger.lnk -> C:\Windows.old\Users\Qzxop\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (No File)
Startup: C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-10-28]
ShortcutTarget: Twitch.lnk -> C:\Users\Qzxop\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05762DC9-BA61-42EB-9529-A66D50686F5B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1CA24146-B8AB-4B44-8979-85C64FCA2A89} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {243DDD7E-C0F4-4F3B-AE7F-B86AB7740DC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2477FC83-2AE1-4868-A3EF-ABA13D0E5AEA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3255360C-1FC1-47A3-970A-41ECD52F1901} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4425BAFA-CD76-4113-87F1-3EB76655FAF2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4E0F09AA-41A9-4525-959D-3AAA830CAD6E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68AC5C00-F64A-4807-9ECF-CC882589CC96} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3354296 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {7B600D6C-3AA7-41DB-BA67-3AF5F60F9CC7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7D9D3CA0-79B4-4A4A-AE2B-E1AA53B8B2B6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D125382-40D7-4A00-BD09-9AEA53ABAFA3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8DF827B4-3C2A-408F-B58A-689B196B80B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-10-04] (Google Inc -> Google Inc.)
Task: {A2B04492-2B0D-48D0-94EC-5AD34E5A4999} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB4470CA-2B9C-4376-B9FB-02B123ADF85A} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel(R) Software -> Intel Corporation)
Task: {AC95501E-10C8-4602-80A0-E4FB2664FFD4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BA26F9AD-66DF-4D18-BB0B-FC4DAC58BB9D} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {C49EB41C-2940-43CA-ADCD-7BEA6287E2A6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484056 2021-12-07] (Overwolf Ltd -> Overwolf LTD)
Task: {C759395C-7FE1-4B1F-97E9-00A74866D058} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4074344 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE6EA6DC-41F6-4BB0-9EE9-79AAE8A3E317} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CEE50B36-45C9-43A1-ACA8-AF89003AB9D9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D4ABBBE0-3869-4714-A901-C6FF9AA722C4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DE7E6661-8D4A-492B-BD4F-0891BC2E757C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-10-04] (Google Inc -> Google Inc.)
Task: {F4F0EE76-AD42-4695-A69C-248DC6AEA213} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\MSIGH_Host.job => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
Task: C:\Windows\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.194.204.126 85.132.148.70
Tcpip\..\Interfaces\{cddf89cb-d2d6-47a7-b423-eb4a73492e41}: [DhcpNameServer] 213.194.204.126 85.132.148.70
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Qzxop\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-10]
FireFox:
========
FF DefaultProfile: ojjuuh42.default
FF ProfilePath: C:\Users\Qzxop\AppData\Roaming\Mozilla\Firefox\Profiles\ojjuuh42.default [2020-10-04]
FF ProfilePath: C:\Users\Qzxop\AppData\Roaming\Mozilla\Firefox\Profiles\2bgx2xmt.default-release [2021-12-10]
FF Notifications: Mozilla\Firefox\Profiles\2bgx2xmt.default-release -> hxxps://eu1.badoo.com
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Qzxop\AppData\Roaming\Mozilla\Firefox\Profiles\2bgx2xmt.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-09-14]
Chrome:
=======
CHR Profile: C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default [2021-12-10]
CHR Notifications: Default -> hxxps://www.netflix.com
CHR Extension: (Prezentace) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-20]
CHR Extension: (Dokumenty) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-20]
CHR Extension: (Disk Google) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20]
CHR Extension: (YouTube) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-24]
CHR Extension: (Tabulky) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-11]
CHR Extension: (Gmail) - C:\Users\Qzxop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2021-12-05] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncHelper.exe [3280760 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2021-12-09] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-09-30] (GOG Sp. z o.o. -> GOG.com)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks LLC -> Rivet Networks)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2017-02-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2330296 2017-09-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019504 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2210104 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183472 2020-03-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.230.1107.0004\OneDriveUpdaterService.exe [3737976 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484056 2021-12-07] (Overwolf Ltd -> Overwolf LTD)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2021-12-04] () [File not signed]
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EneIo; C:\WINDOWS\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 esihdrv; C:\Users\Qzxop\AppData\Local\Temp\esihdrv.sys [205464 2021-12-10] (ESET, spol. s r.o. -> ESET) <==== ATTENTION
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2021-12-04] () [File not signed]
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-10 12:33 - 2021-12-10 12:33 - 000007605 _____ C:\Users\Qzxop\AppData\Local\Resmon.ResmonCfg
2021-12-10 08:31 - 2021-12-10 08:31 - 000000000 ____D C:\Users\Qzxop\AppData\Local\LarianStudios
2021-12-10 03:37 - 2021-12-10 03:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity - Original Sin 2 - Definitive Edition [GOG.com]
2021-12-10 03:37 - 2021-12-10 03:37 - 000000000 ____D C:\Program Files\dotnet
2021-12-10 01:12 - 2021-12-10 02:06 - 007543392 _____ (ESET) C:\Users\Qzxop\Downloads\sysinspector_nt64_csy.exe
2021-12-07 19:35 - 2021-12-08 21:13 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-12-07 19:35 - 2021-12-07 19:35 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-12-07 19:35 - 2021-12-07 19:35 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-07 19:35 - 2021-12-07 19:35 - 000000000 ___RD C:\Users\Default\OneDrive
2021-12-07 19:26 - 2021-12-10 13:02 - 000000000 ____D C:\FRST
2021-12-07 19:22 - 2021-12-07 19:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-06 11:28 - 2021-12-06 11:29 - 015446450 _____ C:\Users\Qzxop\Downloads\DOS2-CZ.zip
2021-12-06 11:24 - 2021-12-10 03:37 - 000000000 ____D C:\Users\Qzxop\OneDrive\Dokumenty\Larian Studios
2021-12-06 10:08 - 2021-12-06 10:12 - 000000000 ____D C:\Program Files\HWiNFO64
2021-12-06 10:08 - 2021-12-06 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-12-06 10:07 - 2021-12-06 10:07 - 009312488 _____ (Martin Malik - REALiX ) C:\Users\Qzxop\Downloads\hwi_714.exe
2021-12-05 15:58 - 2021-12-05 15:58 - 000000000 ____D C:\Users\Qzxop\AppData\Local\DeadByDaylight
2021-12-04 22:53 - 2021-12-04 23:16 - 1588961949 _____ C:\Users\Qzxop\Downloads\gothic_3_community_patch_175_14_int.zip
2021-12-04 22:41 - 2021-12-04 22:41 - 000303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2021-12-04 22:41 - 2021-12-04 22:41 - 000035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2021-12-04 22:38 - 2021-12-04 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III
2021-12-04 22:12 - 2021-12-04 22:12 - 000000000 ____D C:\ProgramData\RuPlatform
2021-12-04 22:12 - 2021-12-04 22:12 - 000000000 ____D C:\ProgramData\Gamewaker
2021-12-04 20:37 - 2021-12-04 20:37 - 000000000 ____D C:\Program Files\Epic Games
2021-12-04 20:10 - 2021-12-05 14:52 - 000000000 ____D C:\Users\Qzxop\OneDrive\Dokumenty\gothic3
2021-11-29 22:51 - 2021-11-29 22:51 - 000000000 ____D C:\Users\Qzxop\OneDrive\Dokumenty\GOG Galaxy
2021-11-17 13:12 - 2021-11-17 13:12 - 000000000 ____D C:\Windows\LastGood.Tmp
2021-11-17 13:10 - 2021-11-09 23:27 - 000038016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 001874664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-17 13:09 - 2021-11-11 03:36 - 001874664 _____ C:\Windows\system32\vulkaninfo.exe
2021-11-17 13:09 - 2021-11-11 03:36 - 001464960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 001450216 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-17 13:09 - 2021-11-11 03:36 - 001450216 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-11-17 13:09 - 2021-11-11 03:36 - 001208248 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 001111272 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 001111272 _____ C:\Windows\system32\vulkan-1.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 000965352 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-17 13:09 - 2021-11-11 03:36 - 000965352 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 002116536 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 001597568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 001523328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 001174456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000802232 _____ C:\Windows\system32\nvofapi64.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000709560 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-11-17 13:09 - 2021-11-11 03:33 - 000678328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000656512 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000635008 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-11-17 13:09 - 2021-11-11 03:33 - 000564352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 008725944 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 007845816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 005730224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 004940728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 002850432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 000981120 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-11-17 13:09 - 2021-11-11 03:32 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-11-17 13:09 - 2021-11-11 03:31 - 000850872 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-11-17 13:09 - 2021-11-09 23:27 - 000085718 _____ C:\Windows\system32\nvinfo.pb
2021-11-11 20:50 - 2021-11-11 20:50 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-11-11 20:50 - 2021-11-11 20:50 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-11 20:50 - 2021-11-11 20:50 - 000011363 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-11-11 20:49 - 2021-11-11 20:49 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-11-11 20:44 - 2021-11-11 20:44 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-10 13:02 - 2020-10-28 22:55 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\Twitch
2021-12-10 13:02 - 2020-10-04 20:33 - 000000000 ____D C:\Program Files (x86)\Steam
2021-12-10 13:00 - 2020-10-04 19:37 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-10 13:00 - 2020-10-04 18:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-10 12:59 - 2020-10-22 20:41 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\discord
2021-12-10 12:58 - 2021-04-17 10:56 - 000000000 ____D C:\Users\Qzxop\AppData\Local\Overwolf
2021-12-10 12:58 - 2021-03-28 17:52 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-10 12:58 - 2021-03-28 17:47 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-10 12:58 - 2020-10-23 21:16 - 000000000 ____D C:\Users\Qzxop\AppData\Local\Battle.net
2021-12-10 12:58 - 2020-10-22 20:41 - 000000000 ____D C:\Users\Qzxop\AppData\Local\Discord
2021-12-10 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-12-10 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-10 12:58 - 2019-03-26 00:35 - 000000000 ___RD C:\Users\Qzxop\OneDrive
2021-12-10 09:39 - 2019-03-26 00:39 - 000000000 ____D C:\Users\Qzxop\AppData\LocalLow\Mozilla
2021-12-10 08:47 - 2021-03-28 17:56 - 001693136 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-10 08:47 - 2019-12-07 15:43 - 000716726 _____ C:\Windows\system32\perfh005.dat
2021-12-10 08:47 - 2019-12-07 15:43 - 000144904 _____ C:\Windows\system32\perfc005.dat
2021-12-10 08:47 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-12-10 08:34 - 2021-03-28 15:08 - 000000000 ____D C:\Users\Qzxop
2021-12-10 08:34 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-10 08:31 - 2020-10-04 19:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-10 08:24 - 2019-03-30 11:21 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-12-10 03:37 - 2020-10-04 19:36 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-10 01:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-10 01:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-12-10 00:58 - 2021-04-17 10:57 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-12-10 00:57 - 2020-10-23 21:15 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-12-09 20:49 - 2021-11-08 20:29 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-12-08 21:11 - 2021-08-22 21:24 - 000000000 ____D C:\Program Files (x86)\Diablo III
2021-12-08 21:11 - 2020-10-04 19:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-07 21:46 - 2020-10-23 21:18 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2021-12-07 19:43 - 2020-10-04 19:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-07 19:37 - 2021-10-30 13:39 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-12-07 19:37 - 2020-10-04 19:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-07 13:04 - 2020-10-04 20:38 - 000000000 ____D C:\Users\Qzxop\AppData\Local\D3DSCache
2021-12-06 10:14 - 2021-04-18 17:19 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\uTorrent
2021-12-06 10:14 - 2020-10-05 00:53 - 000000000 ____D C:\Users\Qzxop\AppData\Local\CrashDumps
2021-12-05 15:57 - 2020-10-04 20:48 - 000000000 ____D C:\Users\Qzxop\AppData\Roaming\EasyAntiCheat
2021-12-05 03:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-12-04 22:38 - 2021-03-16 15:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-12-04 20:55 - 2020-10-04 18:17 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-04 16:42 - 2021-11-09 18:30 - 000000000 ____D C:\Users\Qzxop\OneDrive\Dokumenty\The Witcher 3
2021-11-17 22:48 - 2021-04-26 15:17 - 000003490 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d723f2b848a6a4
2021-11-17 22:48 - 2021-03-28 17:52 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-17 13:12 - 2020-10-04 20:32 - 000000000 ____D C:\Users\Qzxop\AppData\Local\NVIDIA
2021-11-12 08:49 - 2021-03-28 17:47 - 000267672 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-12 00:48 - 2021-03-28 02:28 - 000000000 ____D C:\Windows\en-GB
2021-11-12 00:48 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2021-11-12 00:48 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-11-12 00:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-11-12 00:48 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-11-11 20:52 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-11 20:43 - 2020-10-04 22:53 - 000000000 ____D C:\Windows\system32\MRT
2021-11-11 20:42 - 2020-10-04 22:52 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-11 03:32 - 2021-02-04 17:26 - 000792192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-11-11 03:30 - 2021-02-04 17:26 - 007582144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-11-11 03:30 - 2021-02-04 17:26 - 006432960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
==================== Files in the root of some directories ========
2021-12-10 12:33 - 2021-12-10 12:33 - 000007605 _____ () C:\Users\Qzxop\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2021
Ran by Qzxop (10-12-2021 13:03:49)
Running from C:\Users\Qzxop\OneDrive\Plocha
Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) (2021-03-28 16:52:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-620577423-2473918216-1560784355-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-620577423-2473918216-1560784355-503 - Limited - Disabled)
Guest (S-1-5-21-620577423-2473918216-1560784355-501 - Limited - Disabled)
Qzxop (S-1-5-21-620577423-2473918216-1560784355-1001 - Administrator - Enabled) => C:\Users\Qzxop
WDAGUtilityAccount (S-1-5-21-620577423-2473918216-1560784355-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BIOMUTANT (HKLM-x32\...\BIOMUTANT_is1) (Version: - )
Bloody7 (HKLM-x32\...\Bloody3) (Version: 21.03.0001 - Bloody)
Diablo II Resurrected (HKLM-x32\...\Diablo II Resurrected) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Divinity: Original Sin 2 - Definitive Edition (HKLM-x32\...\1584823040_is1) (Version: 3.6.117.3735 - GOG.com)
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{38032CA4-BABE-44FB-813F-E152455B8FED}) (Version: 1.1.291.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ET: Legacy (HKLM-x32\...\ETLegacy) (Version: 2.77.1 - ET: Legacy Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.93 - Google LLC)
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HWiNFO64 Version 7.14 (HKLM\...\HWiNFO64_is1) (Version: 7.14 - Martin Malik - REALiX)
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Killer Bandwidth Control Filter Driver (HKLM\...\{5B7A2B7B-CEA9-4E50-B0E4-E82F204CBE78}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{77C95134-CA2D-4614-9C86-55B7A6A281AA}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{51B5A084-A40D-4F4B-90AA-EF8354EA7D96}) (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.43 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 95.0 (x64 cs)) (Version: 95.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0.1 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.24 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.15 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.98 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.74 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.45 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.29 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.21 - MSI)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 496.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.76 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenGL Extensions Viewer 6.1 (HKLM-x32\...\GLVIEW3) (Version: 619 - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.187.0.8 - Overwolf Ltd.)
Path of Building Community (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Path of Building Community) (Version: 2.1.0 - Path of Building Community)
PoE Overlay (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Overwolf_cijcjjcjilpooaeppicpfibopeefaglkefjaeofl) (Version: 1.2.16 - Overwolf app)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 2.6.1 (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.6.1 - Telegram FZ-LLC)
TFTactics (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\Overwolf_delfmdadipjjmpajblkalfkbebcbldbknecigjpc) (Version: 1.4.6 - Overwolf app)
The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com)
Twitch (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
WeakAuras Companion 3.3.3 (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\574e4d1e-05f6-5376-9898-b829d00eef2e) (Version: 3.3.3 - Buds)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WowUp 2.4.7 (HKU\S-1-5-21-620577423-2473918216-1560784355-1001\...\b31ca559-50e4-54d8-a458-330e72a28314) (Version: 2.4.7 - Jliddev)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-10] (Microsoft Corporation)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2021.4.13.0_x64__t5j2fzbtdg37r [2021-11-14] (DTS, Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.5.268.0_x64__v10z8vjag6ke6 [2021-12-07] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-10] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-11-17] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.230.1107.0004\FileSyncShell64.dll [2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b7184c0e1c94c102\nvshext.dll [2021-11-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 6.1\OpenGL Extensions Viewer 6.1 Home Page.lnk -> hxxp://www.realtech-vr.com/glview
Shortcut: C:\Users\Qzxop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 6.1\realtech VR Home Page.lnk -> hxxp://www.realtech-vr.com
==================== Loaded Modules (Whitelisted) =============
2021-12-09 23:31 - 2021-12-09 23:34 - 104870912 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\libcef.dll
2021-12-09 23:34 - 2021-12-09 23:34 - 000112128 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\libegl.dll
2021-12-09 23:34 - 2021-12-09 23:34 - 006227456 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\libglesv2.dll
2021-05-06 19:18 - 2017-04-17 03:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2020-10-04 19:37 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\Gaming APP\LEDControl.dll
2021-04-16 10:48 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2020-10-04 19:37 - 2015-06-23 15:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2021-12-09 23:30 - 2021-12-09 23:30 - 000810496 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\chrome_elf.dll
2021-12-09 23:29 - 2021-12-09 23:29 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\audio\qtaudio_windows.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qgif.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qico.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qjpeg.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qmng.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qsvg.dll
2021-12-09 23:31 - 2021-12-09 23:31 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\imageformats\qtiff.dll
2021-12-09 23:34 - 2021-12-09 23:34 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\platforms\qwindows.dll
2021-12-09 23:34 - 2021-12-09 23:35 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Core.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Gui.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Multimedia.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Network.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Qml.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Quick.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Svg.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Widgets.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5WinExtras.dll
2021-12-09 23:35 - 2021-12-09 23:35 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.13229\Qt5Xml.dll
2020-10-04 19:37 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Qzxop\AppData\Local\Temp:$DATA [16]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-10-04 19:10 - 2020-10-04 19:09 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-620577423-2473918216-1560784355-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-620577423-2473918216-1560784355-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.194.204.126 - 85.132.148.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Killer Bandwidth Control -> bf_ndislwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{4B0D48BF-C0FA-4AA2-9E94-B44200D4C7E6}G:\game\rage2\rage2.exe] => (Allow) G:\game\rage2\rage2.exe => No File
FirewallRules: [TCP Query User{C17EF7C0-C59F-4841-84F3-D6A9F59CAE5C}G:\game\rage2\rage2.exe] => (Allow) G:\game\rage2\rage2.exe => No File
FirewallRules: [UDP Query User{EA197D3F-95EA-44D3-A221-4131A2A36C8E}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{9069A2C7-BA14-4699-983A-E2D4B4A34EB2}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{0A4A5214-CA45-4245-A10D-063DC35AFC96}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{919A229E-0A2C-4DF9-AC4A-259AD4AF6C6D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{5314D758-CE8B-4897-8C36-A975F972E1C0}G:\game\railwayempire\railwayempire.exe] => (Allow) G:\game\railwayempire\railwayempire.exe => No File
FirewallRules: [TCP Query User{468D3DA9-DB5A-4405-B564-56816057DAD5}G:\game\railwayempire\railwayempire.exe] => (Allow) G:\game\railwayempire\railwayempire.exe => No File
FirewallRules: [{0F422775-2265-4402-A959-5158050EC27E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FEADCA17-4306-401C-ADA9-886F18D229A7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3FD5CAB3-989D-4A73-AC5D-1C6E6999DA20}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{A3C49129-996E-4B40-AD40-BBD7DA3808EA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [UDP Query User{9E406D26-5E01-4B45-ACAD-DE7139F2F759}G:\game\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) G:\game\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{D86F7E48-FE4A-43D0-BAA3-841AA44604F2}G:\game\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) G:\game\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [{DADD050A-008B-4F84-B088-85D6EB92E047}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{00474B2B-E3F6-485F-9432-6CB2E5CBF017}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{68F3CE1D-24C6-4370-8EB3-53A127661616}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{C68A991E-6F68-49E6-9A25-6798C90C0304}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E1BF66CA-8D4B-4DA0-95D3-33EA9057D110}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{1430DBD2-EAC0-4B3F-855D-1F326AE78A26}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{F05E0069-B4EE-4663-83F5-311E05299988}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A4E0CB59-7CE7-4CC8-B55C-D0F22452E1F0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CD7C9712-0D1B-4CEB-A32B-7ECD792C015A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0BA35C54-175A-4F53-BAD7-FDDA4314B897}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ED2742C3-C2F4-452E-974F-88235C71D23E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5AA0A8C0-E056-449D-A726-0D697F07A371}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0383B9CF-A6FE-450B-8644-4E766BBE1FC1}C:\users\qzxop\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\qzxop\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{0713AD47-1F6A-4C8B-BB97-18143B694EF9}C:\users\qzxop\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\qzxop\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{E08620F1-D6D5-4488-BD8D-3F2E82C66F67}G:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) G:\program files (x86)\wolfenstein - enemy territory\et.exe () [File not signed]
FirewallRules: [UDP Query User{D3C5A1C0-8462-4598-BF3C-6769CBB30FD4}G:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) G:\program files (x86)\wolfenstein - enemy territory\et.exe () [File not signed]
FirewallRules: [TCP Query User{2604758D-FCFF-4C06-96E8-7B98E45B6CF8}G:\program files (x86)\hlsw\hlsw.exe] => (Allow) G:\program files (x86)\hlsw\hlsw.exe (Stripf Software) [File not signed]
FirewallRules: [UDP Query User{65C908EE-6618-47A7-A035-3CA2C9E550E2}G:\program files (x86)\hlsw\hlsw.exe] => (Allow) G:\program files (x86)\hlsw\hlsw.exe (Stripf Software) [File not signed]
FirewallRules: [TCP Query User{17A88894-F8CA-43B0-A45E-80C90B56046F}C:\program files (x86)\etlegacy\etl.exe] => (Allow) C:\program files (x86)\etlegacy\etl.exe (ET: Legacy) [File not signed]
FirewallRules: [UDP Query User{4020FEE2-62EF-4F68-A66F-BF5D4FC91C7C}C:\program files (x86)\etlegacy\etl.exe] => (Allow) C:\program files (x86)\etlegacy\etl.exe (ET: Legacy) [File not signed]
FirewallRules: [TCP Query User{C634046C-8987-44ED-9480-711CAEE86331}C:\program files (x86)\etlegacy\etlded.exe] => (Allow) C:\program files (x86)\etlegacy\etlded.exe (ET: Legacy) [File not signed]
FirewallRules: [UDP Query User{45B04F4D-C456-48F6-A68A-CC165E7DA6AB}C:\program files (x86)\etlegacy\etlded.exe] => (Allow) C:\program files (x86)\etlegacy\etlded.exe (ET: Legacy) [File not signed]
FirewallRules: [TCP Query User{B990586D-196C-4BDD-9F59-8DA402F86546}G:\game\shadowrunreturns\shadowrun.exe] => (Allow) G:\game\shadowrunreturns\shadowrun.exe => No File
FirewallRules: [UDP Query User{360DEEBD-4959-4FE2-A4D5-BBBBC10468B4}G:\game\shadowrunreturns\shadowrun.exe] => (Allow) G:\game\shadowrunreturns\shadowrun.exe => No File
FirewallRules: [{EDF838A2-8484-497F-8E2E-FB2D1AB14B49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C2341B0C-5B0F-43F1-99EA-CA0AD3FCC158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{539986F5-F3C6-44A3-9E86-8AA4BEC6ED2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{27CBA0B4-ADC1-455F-ABF5-D654F10DC955}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{700B0725-984A-4DCF-85F6-581536584BEB}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{72B8D581-1C9B-488B-B8FB-B44283F6B76A}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{3CC40F7A-266F-494F-A0AC-5C9EEDD71C2B}C:\program files (x86)\heroes of the storm\versions\base85894\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base85894\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{273F31FE-6B3A-4DB6-ABFB-CBB410AAC910}C:\program files (x86)\heroes of the storm\versions\base85894\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base85894\heroesofthestorm_x64.exe => No File
FirewallRules: [{F9FE5BC3-2058-44A2-B22A-9ABC8F8A17E1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Bro Falls Ultimate Showdown\Run.exe () [File not signed]
FirewallRules: [{2807A815-5891-4D90-AE84-E676B605199E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Bro Falls Ultimate Showdown\Run.exe () [File not signed]
FirewallRules: [{549DFE7F-045D-4FB7-80FB-B0919ADB0528}] => (Allow) LPort=26789
FirewallRules: [TCP Query User{310913B5-99A5-4BE9-8F0B-26ED075D0B26}C:\program files (x86)\heroes of the storm\versions\base86223\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base86223\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{812F27E7-563D-4696-B160-E4A55D67AEC3}C:\program files (x86)\heroes of the storm\versions\base86223\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base86223\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{FDA4B412-639A-48CE-A940-98085A1D61C1}G:\program files (x86)\doom\doomx64.exe] => (Allow) G:\program files (x86)\doom\doomx64.exe => No File
FirewallRules: [UDP Query User{8DE7A06B-6EBB-497D-A57B-513F1DE90FA3}G:\program files (x86)\doom\doomx64.exe] => (Allow) G:\program files (x86)\doom\doomx64.exe => No File
FirewallRules: [TCP Query User{4B6701E0-FD30-4004-B3FC-B4602A69DE55}G:\program files (x86)\destiny 2\destiny2.exe] => (Allow) G:\program files (x86)\destiny 2\destiny2.exe => No File
FirewallRules: [UDP Query User{60FA4B51-AB91-4A77-AEDE-D0CFF3E6980B}G:\program files (x86)\destiny 2\destiny2.exe] => (Allow) G:\program files (x86)\destiny 2\destiny2.exe => No File
FirewallRules: [{9426E5DD-4A39-41A3-8504-56F1E7F6EBAE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C4FB2677-F215-4EA7-8FDC-D7E4CE8A6E88}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{CCB37B09-FD6C-4B90-AB06-0133F26965CC}G:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{2D734E38-2666-4202-A3F7-4F15C81B8F7E}G:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{6AF689D7-BDF2-494F-A290-23241FFF612E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47C14D46-F318-4EF6-9F29-B722702BB2B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48AD15F7-16F4-41E0-A219-9B45DA72E55E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{616567FC-3EC3-4EC4-802F-9316039E7023}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{0EDD4724-BD7E-4B17-A2C3-1EF533EF0FD8}G:\game\divinity original sin 2 definitive edition\defed\bin\eocapp.exe] => (Allow) G:\game\divinity original sin 2 definitive edition\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{221F9791-C53F-4FC4-A706-F098F73B569D}G:\game\divinity original sin 2 definitive edition\defed\bin\eocapp.exe] => (Allow) G:\game\divinity original sin 2 definitive edition\defed\bin\eocapp.exe => No File
FirewallRules: [{A3570684-5494-4EFD-8843-97F244339D53}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{04D8DB0F-CEA3-464A-B3AC-DC4F890E4A40}] => (Allow) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{CFCD0BBD-2AA6-425E-9931-DBF4B8BE58EA}] => (Allow) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{2A97E1F0-077E-417C-9D06-0CB8828BBFC6}] => (Block) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{E8959352-0D0F-4411-BBC7-D7C8CDB2DBB0}] => (Block) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{8452DBBF-E788-44F9-BA23-317C9E337962}] => (Allow) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{7B358B6E-1D42-4F37-AAB3-FE58CA645F2C}] => (Allow) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8A5F3BF4-3688-40FA-95BF-768581509093}] => (Block) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CC86D807-CC76-4377-9DF8-AAB830A9A79C}] => (Block) C:\Program Files (x86)\Overwolf\0.187.0.8\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{1758AFF4-D39D-4B93-BC59-70BD6BCF937A}G:\game\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) G:\game\divinity - original sin 2\defed\bin\eocapp.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{AC57EDAB-1363-4AF4-8040-D225E14B6E8F}G:\game\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) G:\game\divinity - original sin 2\defed\bin\eocapp.exe (Larian Studios Games Ltd. -> )
==================== Restore Points =========================
07-12-2021 11:39:48 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/10/2021 11:28:28 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:28:25 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:27:30 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:12:10 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:06:11 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:03:43 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/10/2021 11:03:16 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-JFQHQIE)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (12/07/2021 08:02:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Run.exe verze 2020.3.4.47971 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: d14
Čas spuštění: 01d7eb9ccbf04b8c
Čas ukončení: 22
Cesta k aplikaci: G:\Program Files (x86)\Steam\steamapps\common\Bro Falls Ultimate Showdown\Run.exe
ID hlášení: 6d2a465a-49e5-451f-bede-c6fdb1b3edb8
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
System errors:
=============
Error: (12/10/2021 12:58:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba lirsgt neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (12/10/2021 12:58:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 7 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 5 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 3 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 1 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 6 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Error: (12/10/2021 12:58:07 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 4 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.
Windows Defender:
================
Date: 2021-12-07 20:38:58
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T19:38:58.931Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Date: 2021-12-07 20:36:23
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T19:36:23.043Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Date: 2021-12-07 19:49:33
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T18:49:33.272Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Date: 2021-12-07 19:47:01
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T18:47:01.394Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Date: 2021-12-07 19:41:37
Description:
Řízený přístup ke složkám zablokoval pro G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe možnost upravit %userprofile%\Documents\Steam\CODEX\435150\local.
Čas detekce: 2021-12-07T18:41:37.509Z
Uživatel: DESKTOP-JFQHQIE\Qzxop
Cesta: %userprofile%\Documents\Steam\CODEX\435150\local
Název procesu: G:\game\Divinity Original Sin 2 Definitive Edition\DefEd\bin\EoCApp.exe
Verze bezpečnostních informací: 1.353.2228.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6
Event[0]:
Date: 2021-12-10 11:18:27
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-12-10 11:16:06
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-12-06 04:34:49
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-12-06 04:27:54
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2021-12-05 02:48:17
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
CodeIntegrity:
===============
Date: 2021-12-10 12:58:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-12-10 12:58:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.9 07/21/2014
Motherboard: MSI Z87-G45 GAMING (MS-7821)
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 31%
Total physical RAM: 16327.93 MB
Available physical RAM: 11236.29 MB
Total Virtual: 28103.93 MB
Available Virtual: 20493.33 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.77 GB) (Free:16.89 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:930.6 GB) (Free:208.31 GB) NTFS
\\?\Volume{97f00901-245a-46a3-9075-7f03771c300a}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{e07c9525-0d29-4fa5-98a4-84e1fb8523aa}\ () (Fixed) (Total:0.51 GB) (Free:0.09 GB) NTFS
\\?\Volume{7f4c078e-0000-0000-0000-90ace8000000}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{44dc8da5-d8f4-4748-b8ce-14b19b062598}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F4C078E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=835 MB) - (Type=27)
==================== End of Addition.txt =======================