Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Nedostatek paměti

To, co se nehodí jinam..

Moderátor: Moderátoři

Zpráva
Autor
Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Nedostatek paměti

#1 Příspěvek od Bucek »

Dobrý den
přikládám log. dotaz zní ntb. při online hrách neustále píše
nedostatek paměti restartujte hru a pokud ji restartuji a začnu hrát stejně
mi hra spadne. Musím vždy vypnout ntb a potom hra zase nějakou dobu jede.
zkoušel jsem veškeré možnosti ale vysledek stále stejný. Stránkovací soubory to jsem zkusil co šlo ,ovladače aktualizoval, snížl nároky na hru, prostě si nevím rady proč to dělá. tak ještě jestli tu nemám nějaké viry.
Děkuji Bucek.galler@seznam.cz

Additional scan result of Farbar Recovery Scan Tool (x64) Version:
27-12-2021
Ran by Bucek (05-01-2022 12:16:41)
Running from C:\Users\Bucek\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1415 (X64) (2021-05-09
14:20:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3510672185-1141471611-2441468897-500 -
Administrator - Disabled)
Bucek (S-1-5-21-3510672185-1141471611-2441468897-1001 - Administrator -
Enabled) => C:\Users\Bucek
DefaultAccount (S-1-5-21-3510672185-1141471611-2441468897-503 - Limited -
Disabled)
Guest (S-1-5-21-3510672185-1141471611-2441468897-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3510672185-1141471611-2441468897-504 - Limited
- Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date)
{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist
to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.02 alpha (x64) (HKLM\...\7-Zip) (Version: 21.02 alpha - Igor
Pavlov)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version:
7.8.3779.0 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{f6465dc4-c684-41fa-ab39-8d05c75904cd}) (Version:
7.8.3779.0 - Adguard Software Ltd)
Apple Mobile Device Support
(HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 -
Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44})
(Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1
- Apple Inc.)
Gears 5 (HKLM-x32\...\Gears 5_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google
LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1)
(Version: - Happy Foto CZ)
iTunes (HKLM\...\{604E49A2-AFBA-4478-B5C9-C6DE73F7C0ED}) (Version:
12.12.2.2 - Apple Inc.)
Kontrola stavu osobního počítače s Windows
(HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001
- Microsoft Corporation)
Land of War: The Beginning (HKLM-x32\...\Land of War: The Beginning_is1)
(Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 -
Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail
- cs-cz) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft OneDrive
(HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\OneDriveSetup.exe)
(Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools
(HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 -
Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821
(HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version:
14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821
(HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version:
14.22.27821.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.2.4999.30397803
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version:
1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.94
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version:
1.3.38.94 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 497.29
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version:
497.29 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version:
9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version:
1.46.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component
(HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version:
16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration
(HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version:
16.0.14701.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component
(HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version:
16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component
(HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version:
16.0.14131.20278 - Microsoft Corporation) Hidden
Outlook
(HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\6b0f23e57a39ebfbf2814acb1a24293d)
(Version: 1.0 - Outlook)
PowerPoint
(HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\319814cb56b667dff88f54e08be8f51f)
(Version: 1.0 - PowerPoint)
Remote Mouse version 4.003
(HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 4.003 -
Remote Mouse)
Sniper: Ghost Warrior Contracts (HKLM-x32\...\Sniper: Ghost Warrior
Contracts_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 -
TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.25.8 - TeamViewer)
V380.1.1.0.705 (HKLM-x32\...\{8C07FBB4-BE5E-4FD7-B34B-80B052D44882}_is1)
(Version: 1.1.0.705 - M@cro-video Technologies Co.)
Wargaming.net Game Center
(HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Wargaming.net Game
Center) (Version: 21.8.2.7331 - Wargaming.net)
Word
(HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\1b837d0bf93d01407352736c91b7bf50)
(Version: 1.0 - Word)
World of Tanks EU
(HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\WOT.EU.PRODUCTION)
(Version: - Wargaming.net)

Packages:
=========
B&O Audio Control -> C:\Program
Files\WindowsApps\AD2F1837.BOAudioControl_1.26.249.0_x64__v10z8vjag6ke6
[2021-10-03] (HP Inc.)
Excel -> C:\Program
Files\WindowsApps\excel.office.com-4362FB92_1.0.0.1_neutral__2vp2pd36ganw2
[2021-11-18] (excel.office.com)
HP Support Assistant -> C:\Program
Files\WindowsApps\AD2F1837.HPSupportAssistant_9.12.43.0_x64__v10z8vjag6ke6
[2021-12-22] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program
Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe
[2021-12-11] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program
Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj
[2021-12-29] (NVIDIA Corp.)
Samsung Printer Experience -> C:\Program
Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g
[2021-11-02] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0
[2021-12-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the
registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not
signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not
signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>
C:\Windows\System32\atiacm64.dll [2021-04-28] (Advanced Micro Devices, Inc.
-> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] ->
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} =>
C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\nvshext.dll
[2021-12-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>
C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not
signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument:
C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Outlook.lnk -> C:\Program Files
(x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation)
-> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument:
C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\PowerPoint.lnk -> C:\Program Files
(x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation)
-> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument:
C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Word.lnk -> C:\Program Files
(x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation)
-> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-05-09 19:50 - 2021-05-06 08:00 - 000077824 _____ (Igor Pavlov) [File
not signed] C:\Program Files\7-Zip\7-zip.dll
2021-05-09 18:48 - 2019-04-19 17:12 - 001391104 _____ (Remote Mouse) [File
not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et
al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper ->
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft
Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
[2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->
C:\Program Files (x86)\HP\HP Support
Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2021-12-14]
(HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper ->
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft
Office\root\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation ->
Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
-> C:\Program Files (x86)\HP\HP Support
Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2021-12-14]
(HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07}
- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
[2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} -
C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
[2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} -
C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
[2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program
Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31]
(Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset
Hosts.)

2019-12-07 10:14 - 2021-07-05 07:49 - 000002552 _____
C:\Windows\system32\drivers\etc\hosts
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\Control
Panel\Desktop\\Wallpaper ->
C:\Users\Bucek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\thinkstockphotos-479667835_ng-detail-gallery.jpg
DNS Servers: 78.156.32.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System =>
(ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA:
1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer =>
(SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run:
=> "OneDrive"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run:
=> "Wargaming.net Game Center"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run:
=> "Free Download Manager"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the
registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query
User{1A314D1E-B330-4488-A9D7-0A84E93A841D}C:\program
files\google\chrome\application\chrome.exe] => (Allow) C:\program
files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query
User{D9122C15-93D6-4E01-B977-47906FCB16D7}C:\program
files\google\chrome\application\chrome.exe] => (Allow) C:\program
files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query
User{33A6CFCC-B631-43A1-95EA-6A0685D51240}C:\games\world_of_tanks_eu\win64\worldoftanks.exe]
=> (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [UDP Query
User{7FCA5D8E-07D4-4AAB-9E87-F3F1141150CE}C:\games\world_of_tanks_eu\win64\worldoftanks.exe]
=> (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [TCP Query
User{1900A961-0647-40F6-9B35-60B9A2245F72}C:\games\world_of_tanks_eu\win32\worldoftanks.exe]
=> (Block) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [UDP Query
User{513F478B-0C42-40E0-BDB0-14096A44B2C4}C:\games\world_of_tanks_eu\win32\worldoftanks.exe]
=> (Block) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [TCP Query
User{681720BA-1B81-4E00-A77C-48B4BD9EBB11}C:\programdata\wargaming.net\gamecenter\wgc.exe]
=> (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [UDP Query
User{F2F08FA4-40E3-4DF8-9526-D348C5CADA74}C:\programdata\wargaming.net\gamecenter\wgc.exe]
=> (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [TCP Query
User{0D6E5525-260B-49C7-810D-34F03C4A03B9}C:\program
files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe]
=> (Allow) C:\program
files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe
=> No File
FirewallRules: [UDP Query
User{30349753-001E-4335-81F1-1B92825D7337}C:\program
files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe]
=> (Allow) C:\program
files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe
=> No File
FirewallRules: [TCP Query
User{D71FE2DF-578D-4FB6-950F-081128CD0C23}C:\program
files\google\chrome\application\chrome.exe] => (Block) C:\program
files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query
User{2A5ED616-500A-4A80-92E8-2860685633C9}C:\program
files\google\chrome\application\chrome.exe] => (Block) C:\program
files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8F70F30D-2833-42FF-9CBD-A57A6546666F}] => (Allow)
C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft
Corporation -> Microsoft Corporation)
FirewallRules: [{72A93C47-73B1-4445-9A18-87838A530940}] => (Allow)
C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft
Corporation -> Microsoft Corporation)
FirewallRules: [{88F0A739-2E3A-4BE1-B101-B35A36C00701}] => (Allow)
C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft
Corporation -> Microsoft Corporation)
FirewallRules: [{9CDA0BBF-37C3-41B9-810E-B524F6274552}] => (Allow)
C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft
Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query
User{60450E1E-306B-4DD2-8E4B-98ACF6993381}C:\programdata\wargaming.net\gamecenter\wgc.exe]
=> (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [UDP Query
User{D756C023-8787-46BC-A46C-206F6E1CCE03}C:\programdata\wargaming.net\gamecenter\wgc.exe]
=> (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [TCP Query
User{D2B035A3-3FC7-402A-8471-6924B6247996}C:\games\world_of_tanks_eu\win64\worldoftanks.exe]
=> (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [UDP Query
User{10266B88-17BC-4A54-AD69-23312D7FD847}C:\games\world_of_tanks_eu\win64\worldoftanks.exe]
=> (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net
Limited -> Wargaming.net)
FirewallRules: [TCP Query
User{2A20BE4F-2219-4A43-8EC4-610EF21CE422}C:\games\sniper - ghost warrior
contracts\win_x64\sgwcontracts.exe] => (Allow) C:\games\sniper - ghost
warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not
signed]
FirewallRules: [UDP Query
User{034832B6-FB3B-439C-ADA2-692B6D8326A7}C:\games\sniper - ghost warrior
contracts\win_x64\sgwcontracts.exe] => (Allow) C:\games\sniper - ghost
warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not
signed]
FirewallRules: [TCP Query
User{4D030C26-238D-4F85-9FAA-FA59865BD80E}C:\program files
(x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe ()
[File not signed]
FirewallRules: [UDP Query
User{DE27D732-6037-4BB1-8DDB-0ECBB56FE004}C:\program files
(x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe ()
[File not signed]
FirewallRules: [TCP Query
User{FEDA94BB-975F-4587-969B-5F63EAB182A6}C:\program files
(x86)\v380\v380.exe] => (Block) C:\program files (x86)\v380\v380.exe ()
[File not signed]
FirewallRules: [UDP Query
User{537D1B9C-AB83-48DF-9AF2-D47663ED4317}C:\program files
(x86)\v380\v380.exe] => (Block) C:\program files (x86)\v380\v380.exe ()
[File not signed]
FirewallRules: [TCP Query
User{C99C3F4A-387B-4228-9C72-A75C092140B1}C:\games\gears
5\geargame\binaries\steam\gears5.exe] => (Allow) C:\games\gears
5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [UDP Query
User{0188A862-CE54-41D9-89FE-646AA7CE8F8D}C:\games\gears
5\geargame\binaries\steam\gears5.exe] => (Allow) C:\games\gears
5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [{BEB8CD59-74D9-42D3-8F0B-AB7E704C7970}] => (Allow)
C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{F87FCAD0-49E6-4DED-B7D5-9E59B9F505ED}] => (Allow)
C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{653150C8-71F1-4637-9ECD-AEA7AE1D969B}] => (Allow)
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No
File
FirewallRules: [{84035C37-C8A1-4F6F-9DEF-8680119F09D3}] => (Allow)
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No
File
FirewallRules: [{58DDC730-F35F-4459-8E65-C503E7EA468E}] => (Allow)
C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
(Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3EF3E063-33F7-4979-85EC-E710E1C2134B}] => (Allow)
C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File
not signed]
FirewallRules: [{5CAC64B5-E678-42BB-A032-AA00B555DC06}] => (Allow)
C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File
not signed]
FirewallRules: [{A7BDA95C-F17E-47B6-BEB9-A88CC631E3F3}] => (Allow)
C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net)
[File not signed]
FirewallRules: [{17AF1DB7-5A5A-4D88-B1AE-7195330A8340}] => (Allow)
C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net)
[File not signed]
FirewallRules: [{EE6DED1E-888B-42D8-8B3D-7CA9FE4AEB13}] => (Allow)
C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd)
FirewallRules: [{23651F3C-B9CD-47BF-95F5-C04F31E1CB97}] => (Allow)
C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd)
FirewallRules: [{2938AC67-AE3F-4297-94FD-2B12364A7D26}] => (Allow)
C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd)
FirewallRules: [{65A1DE94-7E65-499E-85A6-BA642453AEB0}] => (Allow)
C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd)
FirewallRules: [{93D1F219-1A7E-4567-BB2A-01F53702DF1F}] => (Allow)
C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd)
FirewallRules: [{89751010-B1BA-4411-96F7-5B63567A0690}] => (Allow)
C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd)
FirewallRules: [{85B84FD1-4DD3-4F41-BB45-0C04C30ACAD4}] => (Allow)
C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd)
FirewallRules: [{9D148F52-DE78-45C1-B865-15D51604D61A}] => (Allow)
C:\Program
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd)
FirewallRules: [{9C6CE9B1-B1AD-4B45-A4B2-2851705A9B95}] => (Allow)
C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87C9D409-FAB9-482A-AD36-8B4581ED0C6F}] => (Allow)
C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E26D5315-61B7-4210-967C-7D309B6A32B0}] => (Allow)
C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85CABDE3-F7DF-4232-81E1-EA34F050A18A}] => (Allow)
C:\Program
Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{507CE3FD-1A75-40E0-A8C0-5A540F860D86}] => (Allow)
C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google
LLC)
FirewallRules: [{9E188687-8E33-4CFB-906E-9FE66DDB53F7}] => (Allow)
C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6BC0F8DA-F7BC-4FB5-AD8E-91FC78873EFA}] => (Allow)
C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFAFF450-034C-4222-81D8-39E57821AE5E}] => (Allow)
C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{88F7565F-F8AF-4E39-8629-4BB1AA889269}] => (Allow)
C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7FBD9392-9BC1-49CF-8F17-ABE960DFF8E5}] => (Allow)
C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{29BA5C12-0EC8-45EF-993B-E559B9C1E383}] => (Allow)
C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{DF474530-742D-4240-B9D1-D2A49C418638}] => (Allow)
C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{D1480A61-6E63-4490-B3B5-971A9C547D97}] => (Allow)
C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited ->
Wargaming.net)
FirewallRules: [{12B199C3-8DFA-4638-AFEF-210F8A30F698}] => (Allow)
C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited ->
Wargaming.net)
FirewallRules: [{801664EF-BF31-4A6C-82F4-652BB07E6312}] => (Allow)
C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited ->
Adguard Software Ltd)
FirewallRules: [{BA83C941-67AC-419A-A857-6D344320C013}] => (Allow)
C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH ->
TeamViewer Germany GmbH)
FirewallRules: [{C6250FA8-7289-405D-97C9-4FDA3CC8EF8A}] => (Allow)
C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH ->
TeamViewer Germany GmbH)
FirewallRules: [{6F46FCEC-40C3-4F40-B3F7-9F9A2CF5E81F}] => (Allow)
C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH
-> TeamViewer Germany GmbH)
FirewallRules: [{81206C55-1D3D-4D60-8B25-44C084DF239E}] => (Allow)
C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH
-> TeamViewer Germany GmbH)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: NVIDIA GeForce GTX 1660 Ti with Max-Q Design
Description: NVIDIA GeForce GTX 1660 Ti with Max-Q Design
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable
Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2022 12:09:16 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files
(x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba
v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft
Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované
komponenty.
Odkaz je
UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je
UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/04/2022 11:02:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files
(x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba
v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft
Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované
komponenty.
Odkaz je
UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je
UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/04/2022 11:00:37 PM) (Source: Application Error) (EventID: 1000)
(User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.746,
časové razítko: 0x6be51595
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1387, časové
razítko: 0x0b9a844a
Kód výjimky: 0xc00001ad
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x2cf4
Čas spuštění chybující aplikace: 0x01d801b6808a5dee
Cesta k chybující aplikaci: C:\Windows\system32\dwm.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 50037b72-998d-4bfa-a75b-06129eea5c13
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/04/2022 11:00:26 PM) (Source: Application Error) (EventID: 1000)
(User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.746,
časové razítko: 0x6be51595
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1387, časové
razítko: 0x0b9a844a
Kód výjimky: 0xe0464645
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x15e4
Čas spuštění chybující aplikace: 0x01d801b679b99fdf
Cesta k chybující aplikaci: C:\Windows\system32\dwm.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a0341f29-02f4-418c-b304-6701b7c1fc11
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/04/2022 11:00:22 PM) (Source: Application Error) (EventID: 1000)
(User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.746,
časové razítko: 0x6be51595
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1387, časové
razítko: 0x0b9a844a
Kód výjimky: 0xe0464645
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0xe0c
Čas spuštění chybující aplikace: 0x01d801b6765cb971
Cesta k chybující aplikaci: C:\Windows\system32\dwm.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: d127b96d-3ad9-4dac-b0bc-e568a4ae745e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/04/2022 11:00:17 PM) (Source: Application Error) (EventID: 1000)
(User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.746,
časové razítko: 0x6be51595
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1387, časové
razítko: 0x0b9a844a
Kód výjimky: 0xe0464645
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0xbf0
Čas spuštění chybující aplikace: 0x01d801b673cdd148
Cesta k chybující aplikaci: C:\Windows\system32\dwm.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: e9cbfe97-50e7-43b0-be21-1a537e72cb24
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/04/2022 11:00:11 PM) (Source: Application Error) (EventID: 1000)
(User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.19041.746,
časové razítko: 0x6be51595
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1387, časové
razítko: 0x0b9a844a
Kód výjimky: 0xc00001ad
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x5d4
Čas spuštění chybující aplikace: 0x01d801ab6d4f7de8
Cesta k chybující aplikaci: C:\Windows\system32\dwm.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 8ab0388f-1107-44b8-b301-34ee25646076
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/05/2022 12:09:06 PM) (Source: IntcAzAudAddService) (EventID:
258) (User: )
Description: HAP AcpCreateAudioEngine fail with status (0xC00000BB)

Error: (01/05/2022 12:08:58 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (01/05/2022 12:09:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:01:19, ‎04.‎01.‎2022) bylo
neočekávané.

Error: (01/05/2022 12:08:57 PM) (Source: Microsoft-Windows-Kernel-Boot)
(EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné
chybě.

Error: (01/04/2022 11:00:26 PM) (Source: Service Control Manager) (EventID:
7031) (User: )
Description: Služba Služba kontroly sítě v Antivirové ochraně v programu
Microsoft Defender byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (01/04/2022 11:00:10 PM) (Source: DCOM) (EventID: 10001) (User:
DESKTOP-QO66UJT)
Description: Nelze spustit server DCOM:
Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca
jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943855
při provádění příkazu:
"C:\Windows\system32\backgroundTaskHost.exe"
-ServerName:ShellFeedsUI.AppXnj65k2d1a1rnztt2t2nng5ctmk3e76pn.mca

Error: (01/04/2022 11:00:10 PM) (Source: DCOM) (EventID: 10001) (User:
DESKTOP-QO66UJT)
Description: Nelze spustit server DCOM:
Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca
jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942408
při provádění příkazu:
"C:\Windows\system32\backgroundTaskHost.exe"
-ServerName:Microsoft.MicrosoftOfficeHub.AppX54h2e8jwdm50fj5ha8987vz1etpx7czd.mca

Error: (01/04/2022 11:00:10 PM) (Source: Service Control Manager) (EventID:
7000) (User: )
Description: Služba Služba pro klientské licence (ClipSVC) neuspěla při
spuštění v důsledku následující chyby:
K dokončení požadované služby je stránkovací soubor příliš malý.


Windows Defender:
================
Date: 2022-01-04 18:37:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo
zastaveno před dokončením.
ID prohledávání: {14BBA4F7-92B5-4348-B35E-4BAB9213DBE5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-26 13:48:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo
zastaveno před dokončením.
ID prohledávání: {87B79E18-5B9C-4360-8D02-0CFE6DE66B13}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-22 15:14:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo
zastaveno před dokončením.
ID prohledávání: {23F0FA74-DB82-4A23-88DF-2F4DE7EDEF5E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-21 15:06:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo
zastaveno před dokončením.
ID prohledávání: {CE555EC7-0C8B-43D7-91DA-39F14589C278}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-17 18:20:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo
zastaveno před dokončením.
ID prohledávání: {AC69DA17-6F76-43B8-A2C9-53662FD5CDE6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-01-05 12:16:21
Description:
Code Integrity determined that a process
(\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load
\Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet
the Windows signing level requirements.


==================== Memory info ===========================

BIOS: AMI F.25 08/18/2021
Motherboard: HP 87B3
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 36%
Total physical RAM: 15731.38 MB
Available physical RAM: 10017.89 MB
Total Virtual: 15731.38 MB
Available Virtual: 8950.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.34 GB) (Free:64.58 GB) NTFS

\\?\Volume{892bf747-e5d1-4c89-9662-b643d76e12e3}\ () (Fixed) (Total:0.49
GB) (Free:0.08 GB) NTFS
\\?\Volume{031a3f54-1718-44a9-8240-9396325d63ab}\ () (Fixed) (Total:0.09
GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

============================================

==============
Disk: 0 (Size: 476.9 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Bucek (administrator) on DESKTOP-QO66UJT (HP HP Pavilion Gaming
Laptop 15-ec1xxx) (05-01-2022 12:15:45)
Running from C:\Users\Bucek\Desktop
Loaded Profiles: Bucek
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1415 (X64) Language:
Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The
file will not be moved.)

() [File not signed] C:\Program Files (x86)\Remote
Mouse\RemoteMouseService.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files
(x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files
(x86)\Adguard\AdguardSvc.exe
(Advanced Micro Devices, Inc. -> AMD)
C:\
Zobrazujeme pouze část e-m

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nedostatek paměti

#2 Příspěvek od Rudy »

Zdravím!
To je pouze log Addition. Log FRST jste nezkopíroval zcela. Zkopírujte prosím, obsah souboru frst.txt sem do vlákna. Soubor je na ploše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Nedostatek paměti

#3 Příspěvek od Bucek »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Bucek (administrator) on DESKTOP-QO66UJT (HP HP Pavilion Gaming Laptop 15-ec1xxx) (05-01-2022 12:15:45)
Running from C:\Users\Bucek\Desktop
Loaded Profiles: Bucek
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366719.inf_amd64_de6b06f3cfe1e6ce\B366682\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366719.inf_amd64_de6b06f3cfe1e6ce\B366682\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_57d17b764309f47c\x64\OmenCap\OmenCap.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe
(remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_EU\win64\cef_browser_process.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_EU\win64\cef_subprocess.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_EU\win64\WargamingErrorMonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\Games\World_of_Tanks_EU\win64\WorldOfTanks.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe [1269656 2021-07-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [6346200 2021-12-16] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" (No File)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148288 2021-12-11] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Policies\Explorer: [DisallowRun] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C702428-554F-4171-A3D1-6B3355941854} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {175459F4-CA74-41D3-B5AA-40277B82A2C5} - System32\Tasks\PCIeBus => "wevtutil.exe" cl Application
Task: {3409F1ED-FA81-4396-9D14-99FC79CC5C2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {4041FDA9-09A2-4DB2-844F-25DCE2119E33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {48716CE2-C098-43DA-B597-6800C4B14063} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {671EA2C4-10F8-4934-81C3-F1D33A974A5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {698098AA-9059-46C5-9CEE-0253964777EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73DDABCC-7D96-47C0-96D3-C0D01D2D26C0} - System32\Tasks\PCIeBusQueue => "wevtutil.exe" cl System
Task: {9024DE60-6262-47A3-9A8C-D3607F231DAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A12F7E7-B419-40DF-8A1A-1CFE4200C694} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C59C47A-85D8-408C-AAE8-177F8A5AE591} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {A2AA5CD6-0D28-4478-B5AC-55878B7484DF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B15E7CC8-C838-4C01-ACCB-54E7CEA01E6C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-12-14] (HP Inc. -> HP Inc.)
Task: {C827FA03-0D60-405D-B600-30AA8F6B6876} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDF64466-05E2-4E38-B001-56ED6AA4522F} - System32\Tasks\ContentManagement => C:\Users\Bucek\AppData\Roaming\Unarchiver\Unarchiver.exe [275126102 2021-05-12] (Unarchiver) [File not signed] <==== ATTENTION
Task: {D173E0F9-1CC0-43B0-B0D8-61BB5F4B8392} - System32\Tasks\PCIeBusPower => "vssadmin.exe" delete shadows /all /quiet
Task: {E1DEEB21-D285-4FAB-8343-C8BB28C07916} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 78.156.32.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{e17401d7-bac2-4176-8e24-e8f584414ec4}: [DhcpNameServer] 78.156.32.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{ecdcb55c-6643-4440-8aa2-86a6f9ff99c4}: [DhcpNameServer] 10.0.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-04]
Edge Extension: (Outlook) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-05-09]
Edge Extension: (Word) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-05-09]
Edge Extension: (Excel) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-05-09]
Edge Extension: (PowerPoint) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-05-09]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default [2022-01-05]
CHR Notifications: Default -> hxxps://phocs.ru; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2021-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-09]
CHR Extension: (Weather Underground) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2021-05-09]
CHR Profile: C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [467416 2021-12-16] (Adguard Software Limited -> Adguard Software Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-09-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 HPAppHelperCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\AppHelperCap.exe [755720 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\DiagsCap.exe [754168 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\NetworkCap.exe [751088 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_57d17b764309f47c\x64\OmenCap\OmenCap.exe [690160 2021-09-28] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\SysInfoCap.exe [754680 2021-11-05] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe [494688 2021-09-24] (HP Inc. -> HP Inc.)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2021-11-01] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14545704 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [98840 2021-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HPCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2021-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 ViGEmBus; C:\Windows\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-14] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 MpKsl5c22035d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6B2738C-D75B-4AFC-9DC8-FBDB0334B2E0}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-05 12:15 - 2022-01-05 12:16 - 000018897 _____ C:\Users\Bucek\Desktop\FRST.txt
2022-01-05 12:15 - 2022-01-05 12:16 - 000000000 ____D C:\FRST
2022-01-05 12:11 - 2022-01-05 12:11 - 002311168 _____ (Farbar) C:\Users\Bucek\Desktop\FRST64.exe
2022-01-04 21:31 - 2022-01-04 21:31 - 001156664 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2022-01-04 21:31 - 2022-01-04 21:31 - 000443192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdtee_api.dll
2022-01-04 21:31 - 2022-01-04 21:31 - 000356664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdtee_api.dll
2022-01-04 21:31 - 2022-01-04 21:31 - 000307397 _____ C:\Windows\system32\Drivers\rtldata.txt
2022-01-04 21:31 - 2022-01-04 21:31 - 000055096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\Drivers\amdpsp.sys
2022-01-04 21:28 - 2022-01-04 21:28 - 1501885749 _____ C:\Windows\MEMORY.DMP
2022-01-04 21:28 - 2022-01-04 21:28 - 003318876 _____ C:\Windows\Minidump\010422-16093-01.dmp
2022-01-04 21:28 - 2022-01-04 21:28 - 000000000 ____D C:\Users\Bucek\AppData\Local\DBG
2022-01-04 21:26 - 2022-01-04 21:26 - 000085704 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2022-01-04 21:26 - 2022-01-04 21:26 - 000043720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2022-01-04 21:24 - 2022-01-04 21:34 - 000000000 ____D C:\ProgramData\ProductData
2022-01-04 21:23 - 2022-01-04 21:34 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\IObit
2022-01-04 21:23 - 2022-01-04 21:24 - 000000000 ____D C:\Users\Bucek\AppData\LocalLow\IObit
2022-01-04 21:23 - 2022-01-04 21:24 - 000000000 ____D C:\ProgramData\IObit
2022-01-04 21:22 - 2022-01-04 21:22 - 027268680 _____ (IObit ) C:\Users\Bucek\Downloads\driver_booster_setup.exe
2022-01-04 21:06 - 2022-01-05 12:09 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-04 21:06 - 2022-01-04 21:06 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2022-01-04 21:06 - 2022-01-04 21:06 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2022-01-04 21:05 - 2022-01-04 21:07 - 000000000 ____D C:\Users\Bucek\AppData\Local\TeamViewer
2022-01-04 21:05 - 2022-01-04 21:05 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\TeamViewer
2022-01-04 21:04 - 2022-01-04 21:04 - 035080496 _____ (TeamViewer Germany GmbH) C:\Users\Bucek\Downloads\TeamViewer_Setup_x64.exe
2022-01-04 12:00 - 2022-01-04 12:00 - 000079764 _____ C:\Users\Bucek\Documents\DSLDP2-6910212694-20220104-103316.pdf
2022-01-04 10:35 - 2022-01-04 10:35 - 000000961 _____ C:\Users\Bucek\Downloads\DSLDP2-6910212694-20220104-103524.xml
2022-01-04 10:34 - 2022-01-04 10:34 - 000079764 _____ C:\Users\Bucek\Documents\DAN SILNICNI 2022.pdf
2022-01-04 09:02 - 2022-01-04 09:02 - 000121717 _____ C:\Users\Bucek\Documents\9f0002c9-zzform-fs-priznani-dan-silnicni-priloha-5407-1-16.pdf
2022-01-04 08:59 - 2022-01-04 08:59 - 001782127 _____ C:\Users\Bucek\Documents\5407_18.pdf
2022-01-01 11:31 - 2022-01-01 11:34 - 000000000 ____D C:\Users\Bucek\Documents\ADGUARD HESLO
2022-01-01 11:25 - 2022-01-05 12:09 - 000000000 ____D C:\Program Files (x86)\Adguard
2022-01-01 11:25 - 2022-01-01 11:25 - 000114336 _____ (Adguard Software Ltd) C:\Users\Bucek\Downloads\adguardInstaller (1).exe
2022-01-01 11:25 - 2022-01-01 11:25 - 000001002 _____ C:\Users\Public\Desktop\AdGuard.lnk
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Adguard Software Ltd
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\Users\Bucek\AppData\Local\Adguard_Software_Ltd
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard
2022-01-01 11:25 - 2021-11-02 12:36 - 000098840 _____ (Adguard Software Ltd) C:\Windows\system32\Drivers\adgnetworkwfpdrv.sys
2021-12-29 22:47 - 2021-12-29 23:30 - 000000339 _____ C:\Users\Bucek\Desktop\WGCheck_games.xml
2021-12-29 22:47 - 2021-12-29 22:50 - 000000263 _____ C:\Users\Bucek\Desktop\WGCheck_config.xml
2021-12-29 22:46 - 2021-12-29 22:46 - 001837858 _____ C:\Users\Bucek\Downloads\WGCheck_EU.zip
2021-12-29 17:29 - 2021-12-29 17:29 - 000000000 ____D C:\Windows\LastGood.Tmp
2021-12-29 17:27 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-12-29 17:27 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001466024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001209312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-12-29 17:27 - 2021-12-15 21:54 - 000658344 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-12-29 17:27 - 2021-12-15 21:52 - 005732320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 039649960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2021-12-29 17:26 - 2021-12-15 21:54 - 001524392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000802216 _____ C:\Windows\system32\nvofapi64.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000679384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000636840 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000565416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 002116520 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 001597552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 001175512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000982952 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000794024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000708776 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-12-29 17:26 - 2021-12-15 21:52 - 008725160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 007843968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 004938880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 002852280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-12-29 17:26 - 2021-12-15 21:51 - 000851936 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-12-29 17:26 - 2021-12-15 13:16 - 000085698 _____ C:\Windows\system32\nvinfo.pb
2021-12-29 17:24 - 2021-12-29 17:26 - 871815184 _____ (NVIDIA Corporation) C:\Users\Bucek\Downloads\497.29-notebook-win10-win11-64bit-international-dch-whql.exe
2021-12-29 14:38 - 2021-12-29 14:39 - 219256648 _____ (Malwarebytes) C:\Users\Bucek\Downloads\mb4-setup-consumer-4.4.5.229-1.0.1430-1.0.44238.exe
2021-12-20 14:30 - 2021-12-20 14:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-12-20 13:40 - 2021-12-20 13:40 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2021-12-20 13:40 - 2021-12-20 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-12-20 13:40 - 2021-12-20 13:40 - 000000000 ____D C:\Program Files\iTunes
2021-12-20 13:38 - 2021-12-20 13:45 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Apple Computer
2021-12-20 13:38 - 2021-12-20 13:38 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple Inc
2021-12-20 13:38 - 2021-12-20 13:38 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple Computer
2021-12-20 13:37 - 2021-12-20 13:37 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\ProgramData\Apple Computer
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\ProgramData\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files\Common Files\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files\Bonjour
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files (x86)\Bonjour
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2021-12-20 09:31 - 2021-12-20 09:31 - 000000000 ____D C:\Windows\SystemTemp
2021-12-20 09:19 - 2021-12-20 09:19 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-20 09:19 - 2021-12-20 09:19 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-20 09:19 - 2021-12-20 09:19 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-20 09:16 - 2021-12-20 09:16 - 000000000 ___HD C:\$WinREAgent
2021-12-14 14:49 - 2021-12-14 14:49 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3510672185-1141471611-2441468897-1001
2021-12-11 20:28 - 2021-12-11 20:28 - 000007605 _____ C:\Users\Bucek\AppData\Local\Resmon.ResmonCfg
2021-12-11 15:42 - 2021-12-11 15:42 - 000000000 ____D C:\Users\Bucek\AppData\Local\TeamSpeak 3
2021-12-11 15:28 - 2022-01-04 23:04 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\TS3Client
2021-12-11 15:28 - 2021-12-11 15:28 - 000001008 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2021-12-11 15:28 - 2021-12-11 15:28 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2021-12-11 15:28 - 2021-12-11 15:28 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2021-12-11 08:42 - 2021-12-11 08:42 - 000000112 ___SH C:\bootTel.dat
2021-12-08 08:27 - 2021-12-11 20:31 - 000001657 _____ C:\Users\Bucek\Desktop\World of Tanks EU.lnk
2021-12-08 08:25 - 2022-01-01 13:05 - 000001892 _____ C:\Users\Bucek\Desktop\Game Center.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-05 12:16 - 2021-05-09 17:51 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-05 12:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-05 12:16 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-01-05 12:15 - 2021-05-12 08:55 - 000000000 ____D C:\ProgramData\Adguard
2022-01-05 12:09 - 2021-05-15 14:56 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-05 12:09 - 2020-11-19 00:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-05 12:09 - 2020-11-18 23:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-05 12:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-04 23:04 - 2020-11-19 00:55 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-04 23:04 - 2019-12-07 15:43 - 000683504 _____ C:\Windows\system32\perfh005.dat
2022-01-04 23:04 - 2019-12-07 15:43 - 000137284 _____ C:\Windows\system32\perfc005.dat
2022-01-04 21:59 - 2021-05-09 17:34 - 000000000 ____D C:\Users\Bucek\AppData\Local\D3DSCache
2022-01-04 21:41 - 2021-05-09 15:19 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-04 21:41 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-01-04 21:32 - 2021-05-09 15:21 - 000000000 ____D C:\Users\Bucek
2022-01-04 21:31 - 2020-10-15 21:12 - 011913288 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2022-01-04 21:28 - 2021-06-03 09:18 - 000000000 ____D C:\Windows\Minidump
2022-01-04 21:28 - 2020-11-18 23:46 - 000462512 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-04 21:27 - 2020-03-16 05:39 - 000054984 _____ (Advanced Micro Devices, Inc) C:\Windows\system32\Drivers\amdgpio2.sys
2022-01-01 13:17 - 2021-08-31 08:48 - 000000000 ____D C:\Program Files (x86)\Happy Foto CZ
2022-01-01 11:25 - 2021-05-12 09:03 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-29 23:32 - 2021-05-09 17:59 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Wargaming.net
2021-12-29 22:47 - 2021-10-27 13:15 - 004135712 _____ () C:\Users\Bucek\Desktop\WGCheck.exe
2021-12-29 17:33 - 2021-08-28 20:02 - 000000000 ____D C:\Users\Bucek\AppData\Local\NVIDIA
2021-12-29 17:33 - 2021-05-15 14:46 - 000000000 ____D C:\Users\Bucek\AppData\Local\CrashDumps
2021-12-29 17:29 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-29 17:28 - 2021-08-28 20:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-29 17:28 - 2021-05-09 17:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-29 17:28 - 2021-05-09 17:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-12-29 14:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-12-23 09:06 - 2021-05-09 19:16 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2021-12-20 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-12-20 09:31 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-20 09:21 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-20 09:16 - 2021-05-09 17:35 - 000000000 ____D C:\Windows\system32\MRT
2021-12-20 09:14 - 2021-05-10 12:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-20 09:09 - 2021-05-09 17:35 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-20 09:07 - 2020-11-19 00:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-20 09:07 - 2020-11-19 00:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-17 14:57 - 2021-05-09 17:51 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-17 14:57 - 2021-05-09 17:51 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-15 21:50 - 2021-12-05 21:59 - 006438112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-12-15 21:50 - 2021-05-09 17:35 - 007586784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-12-15 13:16 - 2021-10-21 20:08 - 000078544 _____ C:\Windows\system32\FvSDK_x64.dll
2021-12-15 13:16 - 2021-10-21 20:08 - 000068296 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2021-12-14 14:56 - 2020-11-19 00:46 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-12-14 14:49 - 2021-05-09 15:23 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3510672185-1141471611-2441468897-1001
2021-12-14 14:49 - 2021-05-09 15:21 - 000002381 _____ C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-11 08:48 - 2020-11-19 00:48 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 08:48 - 2020-11-19 00:48 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-08 08:27 - 2021-05-09 17:59 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-12-08 08:27 - 2021-05-09 17:59 - 000000000 ____D C:\Games
2021-12-08 08:21 - 2021-05-09 17:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2021-06-04 11:54 - 2021-06-04 11:54 - 000000257 _____ () C:\ProgramData\fontcacheev1.dat
2021-12-11 20:28 - 2021-12-11 20:28 - 000007605 _____ () C:\Users\Bucek\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nedostatek paměti

#4 Příspěvek od Rudy »

OK. Teď spusťte tutp utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Nedostatek paměti

#5 Příspěvek od Bucek »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-06-2022
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 16
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Bucek\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Crawler hledání
Deleted Crawler hledání
Deleted DAEMON Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Bucek\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3124 octets] - [06/01/2022 15:24:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nedostatek paměti

#6 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Nedostatek paměti

#7 Příspěvek od Bucek »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Bucek (06-01-2022 16:10:15)
Running from C:\Users\Bucek\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1415 (X64) (2021-05-09 14:20:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3510672185-1141471611-2441468897-500 - Administrator - Disabled)
Bucek (S-1-5-21-3510672185-1141471611-2441468897-1001 - Administrator - Enabled) => C:\Users\Bucek
DefaultAccount (S-1-5-21-3510672185-1141471611-2441468897-503 - Limited - Disabled)
Guest (S-1-5-21-3510672185-1141471611-2441468897-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3510672185-1141471611-2441468897-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.02 alpha (x64) (HKLM\...\7-Zip) (Version: 21.02 alpha - Igor Pavlov)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.8.3779.0 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{f6465dc4-c684-41fa-ab39-8d05c75904cd}) (Version: 7.8.3779.0 - Adguard Software Ltd)
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Gears 5 (HKLM-x32\...\Gears 5_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
iTunes (HKLM\...\{604E49A2-AFBA-4478-B5C9-C6DE73F7C0ED}) (Version: 12.12.2.2 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Land of War: The Beginning (HKLM-x32\...\Land of War: The Beginning_is1) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Remote Mouse version 4.003 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 4.003 - Remote Mouse)
Sniper: Ghost Warrior Contracts (HKLM-x32\...\Sniper: Ghost Warrior Contracts_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.25.8 - TeamViewer)
V380.1.1.0.705 (HKLM-x32\...\{8C07FBB4-BE5E-4FD7-B34B-80B052D44882}_is1) (Version: 1.1.0.705 - M@cro-video Technologies Co.)
Wargaming.net Game Center (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Wargaming.net Game Center) (Version: 21.8.2.7331 - Wargaming.net)
Word (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
World of Tanks EU (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.26.249.0_x64__v10z8vjag6ke6 [2021-10-03] (HP Inc.)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.1_neutral__2vp2pd36ganw2 [2021-11-18] (excel.office.com)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.12.43.0_x64__v10z8vjag6ke6 [2021-12-22] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-11] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-29] (NVIDIA Corp.)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-11-02] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0 [2021-12-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\nvshext.dll [2021-12-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-05-09 19:50 - 2021-05-06 08:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-07-05 07:49 - 000002552 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bucek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\thinkstockphotos-479667835_ng-detail-gallery.jpg
DNS Servers: 78.156.32.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run: => "Free Download Manager"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{1A314D1E-B330-4488-A9D7-0A84E93A841D}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{D9122C15-93D6-4E01-B977-47906FCB16D7}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{33A6CFCC-B631-43A1-95EA-6A0685D51240}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{7FCA5D8E-07D4-4AAB-9E87-F3F1141150CE}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{1900A961-0647-40F6-9B35-60B9A2245F72}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{513F478B-0C42-40E0-BDB0-14096A44B2C4}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{681720BA-1B81-4E00-A77C-48B4BD9EBB11}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F2F08FA4-40E3-4DF8-9526-D348C5CADA74}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0D6E5525-260B-49C7-810D-34F03C4A03B9}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{30349753-001E-4335-81F1-1B92825D7337}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [TCP Query User{D71FE2DF-578D-4FB6-950F-081128CD0C23}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{2A5ED616-500A-4A80-92E8-2860685633C9}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8F70F30D-2833-42FF-9CBD-A57A6546666F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72A93C47-73B1-4445-9A18-87838A530940}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88F0A739-2E3A-4BE1-B101-B35A36C00701}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CDA0BBF-37C3-41B9-810E-B524F6274552}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{60450E1E-306B-4DD2-8E4B-98ACF6993381}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{D756C023-8787-46BC-A46C-206F6E1CCE03}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D2B035A3-3FC7-402A-8471-6924B6247996}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{10266B88-17BC-4A54-AD69-23312D7FD847}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{2A20BE4F-2219-4A43-8EC4-610EF21CE422}C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{034832B6-FB3B-439C-ADA2-692B6D8326A7}C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [TCP Query User{4D030C26-238D-4F85-9FAA-FA59865BD80E}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe () [File not signed]
FirewallRules: [UDP Query User{DE27D732-6037-4BB1-8DDB-0ECBB56FE004}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe () [File not signed]
FirewallRules: [TCP Query User{FEDA94BB-975F-4587-969B-5F63EAB182A6}C:\program files (x86)\v380\v380.exe] => (Block) C:\program files (x86)\v380\v380.exe () [File not signed]
FirewallRules: [UDP Query User{537D1B9C-AB83-48DF-9AF2-D47663ED4317}C:\program files (x86)\v380\v380.exe] => (Block) C:\program files (x86)\v380\v380.exe () [File not signed]
FirewallRules: [TCP Query User{C99C3F4A-387B-4228-9C72-A75C092140B1}C:\games\gears 5\geargame\binaries\steam\gears5.exe] => (Allow) C:\games\gears 5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [UDP Query User{0188A862-CE54-41D9-89FE-646AA7CE8F8D}C:\games\gears 5\geargame\binaries\steam\gears5.exe] => (Allow) C:\games\gears 5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [{BEB8CD59-74D9-42D3-8F0B-AB7E704C7970}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{F87FCAD0-49E6-4DED-B7D5-9E59B9F505ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{653150C8-71F1-4637-9ECD-AEA7AE1D969B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{84035C37-C8A1-4F6F-9DEF-8680119F09D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{58DDC730-F35F-4459-8E65-C503E7EA468E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3EF3E063-33F7-4979-85EC-E710E1C2134B}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{5CAC64B5-E678-42BB-A032-AA00B555DC06}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{A7BDA95C-F17E-47B6-BEB9-A88CC631E3F3}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{17AF1DB7-5A5A-4D88-B1AE-7195330A8340}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{EE6DED1E-888B-42D8-8B3D-7CA9FE4AEB13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{23651F3C-B9CD-47BF-95F5-C04F31E1CB97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2938AC67-AE3F-4297-94FD-2B12364A7D26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65A1DE94-7E65-499E-85A6-BA642453AEB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93D1F219-1A7E-4567-BB2A-01F53702DF1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89751010-B1BA-4411-96F7-5B63567A0690}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85B84FD1-4DD3-4F41-BB45-0C04C30ACAD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9D148F52-DE78-45C1-B865-15D51604D61A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C6CE9B1-B1AD-4B45-A4B2-2851705A9B95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87C9D409-FAB9-482A-AD36-8B4581ED0C6F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E26D5315-61B7-4210-967C-7D309B6A32B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85CABDE3-F7DF-4232-81E1-EA34F050A18A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{507CE3FD-1A75-40E0-A8C0-5A540F860D86}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9E188687-8E33-4CFB-906E-9FE66DDB53F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6BC0F8DA-F7BC-4FB5-AD8E-91FC78873EFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFAFF450-034C-4222-81D8-39E57821AE5E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{88F7565F-F8AF-4E39-8629-4BB1AA889269}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7FBD9392-9BC1-49CF-8F17-ABE960DFF8E5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{29BA5C12-0EC8-45EF-993B-E559B9C1E383}] => (Allow) C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{DF474530-742D-4240-B9D1-D2A49C418638}] => (Allow) C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{D1480A61-6E63-4490-B3B5-971A9C547D97}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{12B199C3-8DFA-4638-AFEF-210F8A30F698}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{801664EF-BF31-4A6C-82F4-652BB07E6312}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{BA83C941-67AC-419A-A857-6D344320C013}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C6250FA8-7289-405D-97C9-4FDA3CC8EF8A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6F46FCEC-40C3-4F40-B3F7-9F9A2CF5E81F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81206C55-1D3D-4D60-8B25-44C084DF239E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C4370B7D-086C-427D-8CAE-10959C57EBA7}] => (Allow) C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{2535A01B-D519-4F49-986F-ED978E470C2C}] => (Allow) C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{86BA00A4-0AC9-4D28-B0B8-84E76A861A0F}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{DAB15A6D-FF51-42DE-B665-15FAA7A56C4E}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: NVIDIA GeForce GTX 1660 Ti with Max-Q Design
Description: NVIDIA GeForce GTX 1660 Ti with Max-Q Design
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================

System errors:
=============

Windows Defender:
================
Date: 2022-01-04 18:37:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {14BBA4F7-92B5-4348-B35E-4BAB9213DBE5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-26 13:48:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {87B79E18-5B9C-4360-8D02-0CFE6DE66B13}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-22 15:14:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {23F0FA74-DB82-4A23-88DF-2F4DE7EDEF5E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-21 15:06:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CE555EC7-0C8B-43D7-91DA-39F14589C278}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-17 18:20:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC69DA17-6F76-43B8-A2C9-53662FD5CDE6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-01-06 15:58:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: AMI F.25 08/18/2021
Motherboard: HP 87B3
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 50%
Total physical RAM: 15731.38 MB
Available physical RAM: 7754.64 MB
Total Virtual: 15731.38 MB
Available Virtual: 7434.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.34 GB) (Free:64.5 GB) NTFS

\\?\Volume{892bf747-e5d1-4c89-9662-b643d76e12e3}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{031a3f54-1718-44a9-8240-9396325d63ab}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Bucek (administrator) on DESKTOP-QO66UJT (HP HP Pavilion Gaming Laptop 15-ec1xxx) (06-01-2022 16:09:34)
Running from C:\Users\Bucek\Desktop
Loaded Profiles: Bucek
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_57d17b764309f47c\x64\OmenCap\OmenCap.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Unarchiver) [File not signed] C:\Users\Bucek\AppData\Roaming\Unarchiver\Unarchiver.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe [1269656 2021-07-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [6346200 2021-12-16] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" (No File)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148288 2021-12-11] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Policies\Explorer: [DisallowRun] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C702428-554F-4171-A3D1-6B3355941854} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {175459F4-CA74-41D3-B5AA-40277B82A2C5} - System32\Tasks\PCIeBus => "wevtutil.exe" cl Application
Task: {3409F1ED-FA81-4396-9D14-99FC79CC5C2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {4041FDA9-09A2-4DB2-844F-25DCE2119E33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {48716CE2-C098-43DA-B597-6800C4B14063} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {671EA2C4-10F8-4934-81C3-F1D33A974A5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {698098AA-9059-46C5-9CEE-0253964777EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73DDABCC-7D96-47C0-96D3-C0D01D2D26C0} - System32\Tasks\PCIeBusQueue => "wevtutil.exe" cl System
Task: {9024DE60-6262-47A3-9A8C-D3607F231DAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A12F7E7-B419-40DF-8A1A-1CFE4200C694} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C59C47A-85D8-408C-AAE8-177F8A5AE591} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {A2AA5CD6-0D28-4478-B5AC-55878B7484DF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B15E7CC8-C838-4C01-ACCB-54E7CEA01E6C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-12-14] (HP Inc. -> HP Inc.)
Task: {C827FA03-0D60-405D-B600-30AA8F6B6876} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDF64466-05E2-4E38-B001-56ED6AA4522F} - System32\Tasks\ContentManagement => C:\Users\Bucek\AppData\Roaming\Unarchiver\Unarchiver.exe [275126102 2021-05-12] (Unarchiver) [File not signed] <==== ATTENTION
Task: {D173E0F9-1CC0-43B0-B0D8-61BB5F4B8392} - System32\Tasks\PCIeBusPower => "vssadmin.exe" delete shadows /all /quiet
Task: {E1DEEB21-D285-4FAB-8343-C8BB28C07916} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 78.156.32.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{e17401d7-bac2-4176-8e24-e8f584414ec4}: [DhcpNameServer] 78.156.32.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{ecdcb55c-6643-4440-8aa2-86a6f9ff99c4}: [DhcpNameServer] 10.0.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-05]
Edge Extension: (Outlook) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-05-09]
Edge Extension: (Word) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-05-09]
Edge Extension: (Excel) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-05-09]
Edge Extension: (PowerPoint) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-05-09]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default [2022-01-06]
CHR Notifications: Default -> hxxps://phocs.ru; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2021-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-09]
CHR Extension: (Weather Underground) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2021-05-09]
CHR Profile: C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [467416 2021-12-16] (Adguard Software Limited -> Adguard Software Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-09-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 HPAppHelperCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\AppHelperCap.exe [755720 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\DiagsCap.exe [754168 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\NetworkCap.exe [751088 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_57d17b764309f47c\x64\OmenCap\OmenCap.exe [690160 2021-09-28] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\SysInfoCap.exe [754680 2021-11-05] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe [494688 2021-09-24] (HP Inc. -> HP Inc.)
S2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2021-11-01] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14545704 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [98840 2021-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HPCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 HPOmenCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2021-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 ViGEmBus; C:\Windows\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-14] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-06 15:24 - 2022-01-06 15:27 - 000000000 ____D C:\AdwCleaner
2022-01-06 15:23 - 2022-01-06 15:23 - 008540344 _____ (Malwarebytes) C:\Users\Bucek\Desktop\adwcleaner_8.3.1.exe
2022-01-05 12:15 - 2022-01-06 16:09 - 000016733 _____ C:\Users\Bucek\Desktop\FRST.txt
2022-01-05 12:15 - 2022-01-06 16:09 - 000000000 ____D C:\FRST
2022-01-05 12:11 - 2022-01-05 12:11 - 002311168 _____ (Farbar) C:\Users\Bucek\Desktop\FRST64.exe
2022-01-04 21:31 - 2022-01-04 21:31 - 001156664 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2022-01-04 21:31 - 2022-01-04 21:31 - 000443192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdtee_api.dll
2022-01-04 21:31 - 2022-01-04 21:31 - 000356664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdtee_api.dll
2022-01-04 21:31 - 2022-01-04 21:31 - 000307397 _____ C:\Windows\system32\Drivers\rtldata.txt
2022-01-04 21:31 - 2022-01-04 21:31 - 000055096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\Drivers\amdpsp.sys
2022-01-04 21:28 - 2022-01-04 21:28 - 1501885749 _____ C:\Windows\MEMORY.DMP
2022-01-04 21:28 - 2022-01-04 21:28 - 003318876 _____ C:\Windows\Minidump\010422-16093-01.dmp
2022-01-04 21:28 - 2022-01-04 21:28 - 000000000 ____D C:\Users\Bucek\AppData\Local\DBG
2022-01-04 21:26 - 2022-01-04 21:26 - 000085704 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2022-01-04 21:26 - 2022-01-04 21:26 - 000043720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2022-01-04 21:24 - 2022-01-04 21:34 - 000000000 ____D C:\ProgramData\ProductData
2022-01-04 21:23 - 2022-01-06 15:27 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\IObit
2022-01-04 21:23 - 2022-01-04 21:24 - 000000000 ____D C:\Users\Bucek\AppData\LocalLow\IObit
2022-01-04 21:23 - 2022-01-04 21:24 - 000000000 ____D C:\ProgramData\IObit
2022-01-04 21:22 - 2022-01-04 21:22 - 027268680 _____ (IObit ) C:\Users\Bucek\Downloads\driver_booster_setup.exe
2022-01-04 21:06 - 2022-01-06 05:42 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-04 21:06 - 2022-01-04 21:06 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2022-01-04 21:06 - 2022-01-04 21:06 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2022-01-04 21:05 - 2022-01-04 21:07 - 000000000 ____D C:\Users\Bucek\AppData\Local\TeamViewer
2022-01-04 21:05 - 2022-01-04 21:05 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\TeamViewer
2022-01-04 21:04 - 2022-01-04 21:04 - 035080496 _____ (TeamViewer Germany GmbH) C:\Users\Bucek\Downloads\TeamViewer_Setup_x64.exe
2022-01-04 12:00 - 2022-01-04 12:00 - 000079764 _____ C:\Users\Bucek\Documents\DSLDP2-6910212694-20220104-103316.pdf
2022-01-04 10:35 - 2022-01-04 10:35 - 000000961 _____ C:\Users\Bucek\Downloads\DSLDP2-6910212694-20220104-103524.xml
2022-01-04 10:34 - 2022-01-04 10:34 - 000079764 _____ C:\Users\Bucek\Documents\DAN SILNICNI 2022.pdf
2022-01-04 09:02 - 2022-01-04 09:02 - 000121717 _____ C:\Users\Bucek\Documents\9f0002c9-zzform-fs-priznani-dan-silnicni-priloha-5407-1-16.pdf
2022-01-04 08:59 - 2022-01-04 08:59 - 001782127 _____ C:\Users\Bucek\Documents\5407_18.pdf
2022-01-01 11:31 - 2022-01-01 11:34 - 000000000 ____D C:\Users\Bucek\Documents\ADGUARD HESLO
2022-01-01 11:25 - 2022-01-06 15:28 - 000000000 ____D C:\Program Files (x86)\Adguard
2022-01-01 11:25 - 2022-01-01 11:25 - 000114336 _____ (Adguard Software Ltd) C:\Users\Bucek\Downloads\adguardInstaller (1).exe
2022-01-01 11:25 - 2022-01-01 11:25 - 000001002 _____ C:\Users\Public\Desktop\AdGuard.lnk
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Adguard Software Ltd
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\Users\Bucek\AppData\Local\Adguard_Software_Ltd
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard
2022-01-01 11:25 - 2021-11-02 12:36 - 000098840 _____ (Adguard Software Ltd) C:\Windows\system32\Drivers\adgnetworkwfpdrv.sys
2021-12-29 22:46 - 2021-12-29 22:46 - 001837858 _____ C:\Users\Bucek\Downloads\WGCheck_EU.zip
2021-12-29 17:29 - 2021-12-29 17:29 - 000000000 ____D C:\Windows\LastGood.Tmp
2021-12-29 17:27 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-12-29 17:27 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001466024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001209312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-12-29 17:27 - 2021-12-15 21:54 - 000658344 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-12-29 17:27 - 2021-12-15 21:52 - 005732320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 039649960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2021-12-29 17:26 - 2021-12-15 21:54 - 001524392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000802216 _____ C:\Windows\system32\nvofapi64.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000679384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000636840 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000565416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 002116520 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 001597552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 001175512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000982952 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000794024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000708776 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-12-29 17:26 - 2021-12-15 21:52 - 008725160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 007843968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 004938880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 002852280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-12-29 17:26 - 2021-12-15 21:51 - 000851936 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-12-29 17:26 - 2021-12-15 13:16 - 000085698 _____ C:\Windows\system32\nvinfo.pb
2021-12-29 17:24 - 2021-12-29 17:26 - 871815184 _____ (NVIDIA Corporation) C:\Users\Bucek\Downloads\497.29-notebook-win10-win11-64bit-international-dch-whql.exe
2021-12-29 14:38 - 2021-12-29 14:39 - 219256648 _____ (Malwarebytes) C:\Users\Bucek\Downloads\mb4-setup-consumer-4.4.5.229-1.0.1430-1.0.44238.exe
2021-12-20 14:30 - 2021-12-20 14:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-12-20 13:40 - 2021-12-20 13:40 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2021-12-20 13:40 - 2021-12-20 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-12-20 13:40 - 2021-12-20 13:40 - 000000000 ____D C:\Program Files\iTunes
2021-12-20 13:38 - 2021-12-20 13:45 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Apple Computer
2021-12-20 13:38 - 2021-12-20 13:38 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple Inc
2021-12-20 13:38 - 2021-12-20 13:38 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple Computer
2021-12-20 13:37 - 2021-12-20 13:37 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\ProgramData\Apple Computer
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\ProgramData\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files\Common Files\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files\Bonjour
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files (x86)\Bonjour
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2021-12-20 09:31 - 2021-12-20 09:31 - 000000000 ____D C:\Windows\SystemTemp
2021-12-20 09:19 - 2021-12-20 09:19 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-20 09:19 - 2021-12-20 09:19 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-20 09:19 - 2021-12-20 09:19 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-20 09:16 - 2021-12-20 09:16 - 000000000 ___HD C:\$WinREAgent
2021-12-14 14:49 - 2021-12-14 14:49 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3510672185-1141471611-2441468897-1001
2021-12-11 20:28 - 2021-12-11 20:28 - 000007605 _____ C:\Users\Bucek\AppData\Local\Resmon.ResmonCfg
2021-12-11 15:42 - 2021-12-11 15:42 - 000000000 ____D C:\Users\Bucek\AppData\Local\TeamSpeak 3
2021-12-11 15:28 - 2022-01-04 23:04 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\TS3Client
2021-12-11 15:28 - 2021-12-11 15:28 - 000001008 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2021-12-11 15:28 - 2021-12-11 15:28 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2021-12-11 15:28 - 2021-12-11 15:28 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2021-12-11 08:42 - 2021-12-11 08:42 - 000000112 ___SH C:\bootTel.dat
2021-12-08 08:27 - 2021-12-11 20:31 - 000001657 _____ C:\Users\Bucek\Desktop\World of Tanks EU.lnk
2021-12-08 08:25 - 2022-01-01 13:05 - 000001892 _____ C:\Users\Bucek\Desktop\Game Center.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-06 16:09 - 2021-05-12 08:55 - 000000000 ____D C:\ProgramData\Adguard
2022-01-06 15:30 - 2021-05-09 17:34 - 000000000 ____D C:\Users\Bucek\AppData\Local\D3DSCache
2022-01-06 15:27 - 2021-05-15 14:56 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-06 15:27 - 2021-05-09 19:58 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Hewlett-Packard
2022-01-06 15:27 - 2021-05-09 19:16 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-01-06 15:27 - 2021-05-09 19:16 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-01-06 15:27 - 2021-05-09 17:37 - 000000000 ____D C:\ProgramData\HP
2022-01-06 15:22 - 2021-05-09 17:51 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-06 13:54 - 2020-11-18 23:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-06 13:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-06 07:47 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-01-06 06:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-06 06:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-06 05:49 - 2020-11-19 00:55 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-06 05:49 - 2019-12-07 15:43 - 000683504 _____ C:\Windows\system32\perfh005.dat
2022-01-06 05:49 - 2019-12-07 15:43 - 000137284 _____ C:\Windows\system32\perfc005.dat
2022-01-06 05:42 - 2020-11-19 00:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-06 05:42 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-01-04 21:41 - 2021-05-09 15:19 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-04 21:32 - 2021-05-09 15:21 - 000000000 ____D C:\Users\Bucek
2022-01-04 21:31 - 2020-10-15 21:12 - 011913288 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2022-01-04 21:28 - 2021-06-03 09:18 - 000000000 ____D C:\Windows\Minidump
2022-01-04 21:28 - 2020-11-18 23:46 - 000462512 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-04 21:27 - 2020-03-16 05:39 - 000054984 _____ (Advanced Micro Devices, Inc) C:\Windows\system32\Drivers\amdgpio2.sys
2022-01-01 13:17 - 2021-08-31 08:48 - 000000000 ____D C:\Program Files (x86)\Happy Foto CZ
2022-01-01 11:25 - 2021-05-12 09:03 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-29 23:32 - 2021-05-09 17:59 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Wargaming.net
2021-12-29 22:47 - 2021-10-27 13:15 - 004135712 _____ () C:\Users\Bucek\Desktop\WGCheck.exe
2021-12-29 17:33 - 2021-08-28 20:02 - 000000000 ____D C:\Users\Bucek\AppData\Local\NVIDIA
2021-12-29 17:33 - 2021-05-15 14:46 - 000000000 ____D C:\Users\Bucek\AppData\Local\CrashDumps
2021-12-29 17:28 - 2021-08-28 20:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-29 17:28 - 2021-05-09 17:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-29 17:28 - 2021-05-09 17:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-12-29 14:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-12-23 09:06 - 2021-05-09 19:16 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2021-12-20 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-12-20 09:31 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-20 09:21 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-20 09:16 - 2021-05-09 17:35 - 000000000 ____D C:\Windows\system32\MRT
2021-12-20 09:14 - 2021-05-10 12:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-20 09:09 - 2021-05-09 17:35 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-20 09:07 - 2020-11-19 00:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-20 09:07 - 2020-11-19 00:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-17 14:57 - 2021-05-09 17:51 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-17 14:57 - 2021-05-09 17:51 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-15 21:50 - 2021-12-05 21:59 - 006438112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-12-15 21:50 - 2021-05-09 17:35 - 007586784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-12-15 13:16 - 2021-10-21 20:08 - 000078544 _____ C:\Windows\system32\FvSDK_x64.dll
2021-12-15 13:16 - 2021-10-21 20:08 - 000068296 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2021-12-14 14:56 - 2020-11-19 00:46 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-12-14 14:49 - 2021-05-09 15:23 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3510672185-1141471611-2441468897-1001
2021-12-14 14:49 - 2021-05-09 15:21 - 000002381 _____ C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-11 08:48 - 2020-11-19 00:48 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 08:48 - 2020-11-19 00:48 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-08 08:27 - 2021-05-09 17:59 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-12-08 08:27 - 2021-05-09 17:59 - 000000000 ____D C:\Games
2021-12-08 08:21 - 2021-05-09 17:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2021-06-04 11:54 - 2021-06-04 11:54 - 000000257 _____ () C:\ProgramData\fontcacheev1.dat
2021-12-11 20:28 - 2021-12-11 20:28 - 000007605 _____ () C:\Users\Bucek\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nedostatek paměti

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
FirewallRules: [TCP Query User{0D6E5525-260B-49C7-810D-34F03C4A03B9}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{30349753-001E-4335-81F1-1B92825D7337}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [{BEB8CD59-74D9-42D3-8F0B-AB7E704C7970}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{F87FCAD0-49E6-4DED-B7D5-9E59B9F505ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{653150C8-71F1-4637-9ECD-AEA7AE1D969B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{84035C37-C8A1-4F6F-9DEF-8680119F09D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" (No File)
Task: {3409F1ED-FA81-4396-9D14-99FC79CC5C2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {9C59C47A-85D8-408C-AAE8-177F8A5AE591} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {CDF64466-05E2-4E38-B001-56ED6AA4522F} - System32\Tasks\ContentManagement => C:\Users\Bucek\AppData\Roaming\Unarchiver\Unarchiver.exe [275126102 2021-05-12] (Unarchiver) [File not signed] <==== ATTENTION
C:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Nedostatek paměti

#9 Příspěvek od Bucek »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Bucek (06-01-2022 18:45:29)
Running from C:\Users\Bucek\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1415 (X64) (2021-05-09 14:20:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3510672185-1141471611-2441468897-500 - Administrator - Disabled)
Bucek (S-1-5-21-3510672185-1141471611-2441468897-1001 - Administrator - Enabled) => C:\Users\Bucek
DefaultAccount (S-1-5-21-3510672185-1141471611-2441468897-503 - Limited - Disabled)
Guest (S-1-5-21-3510672185-1141471611-2441468897-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3510672185-1141471611-2441468897-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.02 alpha (x64) (HKLM\...\7-Zip) (Version: 21.02 alpha - Igor Pavlov)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.8.3779.0 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{f6465dc4-c684-41fa-ab39-8d05c75904cd}) (Version: 7.8.3779.0 - Adguard Software Ltd)
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Gears 5 (HKLM-x32\...\Gears 5_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
iTunes (HKLM\...\{604E49A2-AFBA-4478-B5C9-C6DE73F7C0ED}) (Version: 12.12.2.2 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Land of War: The Beginning (HKLM-x32\...\Land of War: The Beginning_is1) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Remote Mouse version 4.003 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 4.003 - Remote Mouse)
Sniper: Ghost Warrior Contracts (HKLM-x32\...\Sniper: Ghost Warrior Contracts_is1) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.25.8 - TeamViewer)
V380.1.1.0.705 (HKLM-x32\...\{8C07FBB4-BE5E-4FD7-B34B-80B052D44882}_is1) (Version: 1.1.0.705 - M@cro-video Technologies Co.)
Wargaming.net Game Center (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Wargaming.net Game Center) (Version: 21.8.2.7331 - Wargaming.net)
Word (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
World of Tanks EU (HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.26.249.0_x64__v10z8vjag6ke6 [2021-10-03] (HP Inc.)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.1_neutral__2vp2pd36ganw2 [2021-11-18] (excel.office.com)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.12.43.0_x64__v10z8vjag6ke6 [2021-12-22] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-11] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-29] (NVIDIA Corp.)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-11-02] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0 [2021-12-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\nvshext.dll [2021-12-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-05-06] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-05-09 19:50 - 2021-05-06 08:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-07-05 07:49 - 000002552 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bucek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\thinkstockphotos-479667835_ng-detail-gallery.jpg
DNS Servers: 78.156.32.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\StartupApproved\Run: => "Free Download Manager"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{1A314D1E-B330-4488-A9D7-0A84E93A841D}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{D9122C15-93D6-4E01-B977-47906FCB16D7}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{33A6CFCC-B631-43A1-95EA-6A0685D51240}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{7FCA5D8E-07D4-4AAB-9E87-F3F1141150CE}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{1900A961-0647-40F6-9B35-60B9A2245F72}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{513F478B-0C42-40E0-BDB0-14096A44B2C4}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{681720BA-1B81-4E00-A77C-48B4BD9EBB11}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F2F08FA4-40E3-4DF8-9526-D348C5CADA74}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0D6E5525-260B-49C7-810D-34F03C4A03B9}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{30349753-001E-4335-81F1-1B92825D7337}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [TCP Query User{D71FE2DF-578D-4FB6-950F-081128CD0C23}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{2A5ED616-500A-4A80-92E8-2860685633C9}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8F70F30D-2833-42FF-9CBD-A57A6546666F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72A93C47-73B1-4445-9A18-87838A530940}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88F0A739-2E3A-4BE1-B101-B35A36C00701}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CDA0BBF-37C3-41B9-810E-B524F6274552}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{60450E1E-306B-4DD2-8E4B-98ACF6993381}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{D756C023-8787-46BC-A46C-206F6E1CCE03}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D2B035A3-3FC7-402A-8471-6924B6247996}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{10266B88-17BC-4A54-AD69-23312D7FD847}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{2A20BE4F-2219-4A43-8EC4-610EF21CE422}C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{034832B6-FB3B-439C-ADA2-692B6D8326A7}C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) C:\games\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [TCP Query User{4D030C26-238D-4F85-9FAA-FA59865BD80E}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe () [File not signed]
FirewallRules: [UDP Query User{DE27D732-6037-4BB1-8DDB-0ECBB56FE004}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe () [File not signed]
FirewallRules: [TCP Query User{FEDA94BB-975F-4587-969B-5F63EAB182A6}C:\program files (x86)\v380\v380.exe] => (Block) C:\program files (x86)\v380\v380.exe () [File not signed]
FirewallRules: [UDP Query User{537D1B9C-AB83-48DF-9AF2-D47663ED4317}C:\program files (x86)\v380\v380.exe] => (Block) C:\program files (x86)\v380\v380.exe () [File not signed]
FirewallRules: [TCP Query User{C99C3F4A-387B-4228-9C72-A75C092140B1}C:\games\gears 5\geargame\binaries\steam\gears5.exe] => (Allow) C:\games\gears 5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [UDP Query User{0188A862-CE54-41D9-89FE-646AA7CE8F8D}C:\games\gears 5\geargame\binaries\steam\gears5.exe] => (Allow) C:\games\gears 5\geargame\binaries\steam\gears5.exe (The Coalition) [File not signed]
FirewallRules: [{BEB8CD59-74D9-42D3-8F0B-AB7E704C7970}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{F87FCAD0-49E6-4DED-B7D5-9E59B9F505ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{653150C8-71F1-4637-9ECD-AEA7AE1D969B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{84035C37-C8A1-4F6F-9DEF-8680119F09D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{58DDC730-F35F-4459-8E65-C503E7EA468E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3EF3E063-33F7-4979-85EC-E710E1C2134B}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{5CAC64B5-E678-42BB-A032-AA00B555DC06}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{A7BDA95C-F17E-47B6-BEB9-A88CC631E3F3}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{17AF1DB7-5A5A-4D88-B1AE-7195330A8340}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{EE6DED1E-888B-42D8-8B3D-7CA9FE4AEB13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{23651F3C-B9CD-47BF-95F5-C04F31E1CB97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2938AC67-AE3F-4297-94FD-2B12364A7D26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65A1DE94-7E65-499E-85A6-BA642453AEB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93D1F219-1A7E-4567-BB2A-01F53702DF1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89751010-B1BA-4411-96F7-5B63567A0690}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85B84FD1-4DD3-4F41-BB45-0C04C30ACAD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9D148F52-DE78-45C1-B865-15D51604D61A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C6CE9B1-B1AD-4B45-A4B2-2851705A9B95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87C9D409-FAB9-482A-AD36-8B4581ED0C6F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E26D5315-61B7-4210-967C-7D309B6A32B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85CABDE3-F7DF-4232-81E1-EA34F050A18A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{507CE3FD-1A75-40E0-A8C0-5A540F860D86}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9E188687-8E33-4CFB-906E-9FE66DDB53F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6BC0F8DA-F7BC-4FB5-AD8E-91FC78873EFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFAFF450-034C-4222-81D8-39E57821AE5E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{88F7565F-F8AF-4E39-8629-4BB1AA889269}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7FBD9392-9BC1-49CF-8F17-ABE960DFF8E5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{29BA5C12-0EC8-45EF-993B-E559B9C1E383}] => (Allow) C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{DF474530-742D-4240-B9D1-D2A49C418638}] => (Allow) C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{D1480A61-6E63-4490-B3B5-971A9C547D97}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{12B199C3-8DFA-4638-AFEF-210F8A30F698}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{801664EF-BF31-4A6C-82F4-652BB07E6312}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{BA83C941-67AC-419A-A857-6D344320C013}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C6250FA8-7289-405D-97C9-4FDA3CC8EF8A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6F46FCEC-40C3-4F40-B3F7-9F9A2CF5E81F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81206C55-1D3D-4D60-8B25-44C084DF239E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C4370B7D-086C-427D-8CAE-10959C57EBA7}] => (Allow) C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{2535A01B-D519-4F49-986F-ED978E470C2C}] => (Allow) C:\Users\Bucek\Desktop\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{86BA00A4-0AC9-4D28-B0B8-84E76A861A0F}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{DAB15A6D-FF51-42DE-B665-15FAA7A56C4E}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: NVIDIA GeForce GTX 1660 Ti with Max-Q Design
Description: NVIDIA GeForce GTX 1660 Ti with Max-Q Design
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================

System errors:
=============

Windows Defender:
================
Date: 2022-01-06 18:42:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {898F6C59-2AA4-4FE4-ACBB-4A4B3FB849E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-01-04 18:37:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {14BBA4F7-92B5-4348-B35E-4BAB9213DBE5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-26 13:48:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {87B79E18-5B9C-4360-8D02-0CFE6DE66B13}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-22 15:14:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {23F0FA74-DB82-4A23-88DF-2F4DE7EDEF5E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-21 15:06:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CE555EC7-0C8B-43D7-91DA-39F14589C278}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-01-06 18:42:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: AMI F.25 08/18/2021
Motherboard: HP 87B3
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 57%
Total physical RAM: 15731.38 MB
Available physical RAM: 6667.25 MB
Total Virtual: 15731.38 MB
Available Virtual: 6194.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.34 GB) (Free:64.49 GB) NTFS

\\?\Volume{892bf747-e5d1-4c89-9662-b643d76e12e3}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{031a3f54-1718-44a9-8240-9396325d63ab}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Bucek (administrator) on DESKTOP-QO66UJT (HP HP Pavilion Gaming Laptop 15-ec1xxx) (06-01-2022 18:44:42)
Running from C:\Users\Bucek\Desktop
Loaded Profiles: Bucek
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_57d17b764309f47c\x64\OmenCap\OmenCap.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Unarchiver) [File not signed] C:\Users\Bucek\AppData\Roaming\Unarchiver\Unarchiver.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe [1269656 2021-07-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [6346200 2021-12-16] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" (No File)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148288 2021-12-11] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Policies\Explorer: [DisallowRun] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C702428-554F-4171-A3D1-6B3355941854} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {175459F4-CA74-41D3-B5AA-40277B82A2C5} - System32\Tasks\PCIeBus => "wevtutil.exe" cl Application
Task: {3409F1ED-FA81-4396-9D14-99FC79CC5C2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {4041FDA9-09A2-4DB2-844F-25DCE2119E33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {48716CE2-C098-43DA-B597-6800C4B14063} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {671EA2C4-10F8-4934-81C3-F1D33A974A5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {698098AA-9059-46C5-9CEE-0253964777EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73DDABCC-7D96-47C0-96D3-C0D01D2D26C0} - System32\Tasks\PCIeBusQueue => "wevtutil.exe" cl System
Task: {9024DE60-6262-47A3-9A8C-D3607F231DAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A12F7E7-B419-40DF-8A1A-1CFE4200C694} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C59C47A-85D8-408C-AAE8-177F8A5AE591} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {A2AA5CD6-0D28-4478-B5AC-55878B7484DF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B15E7CC8-C838-4C01-ACCB-54E7CEA01E6C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-12-14] (HP Inc. -> HP Inc.)
Task: {C827FA03-0D60-405D-B600-30AA8F6B6876} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDF64466-05E2-4E38-B001-56ED6AA4522F} - System32\Tasks\ContentManagement => C:\Users\Bucek\AppData\Roaming\Unarchiver\Unarchiver.exe [275126102 2021-05-12] (Unarchiver) [File not signed] <==== ATTENTION
Task: {D173E0F9-1CC0-43B0-B0D8-61BB5F4B8392} - System32\Tasks\PCIeBusPower => "vssadmin.exe" delete shadows /all /quiet
Task: {E1DEEB21-D285-4FAB-8343-C8BB28C07916} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 78.156.32.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{e17401d7-bac2-4176-8e24-e8f584414ec4}: [DhcpNameServer] 78.156.32.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{ecdcb55c-6643-4440-8aa2-86a6f9ff99c4}: [DhcpNameServer] 10.0.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-05]
Edge Extension: (Outlook) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-05-09]
Edge Extension: (Word) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-05-09]
Edge Extension: (Excel) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-05-09]
Edge Extension: (PowerPoint) - C:\Users\Bucek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-05-09]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default [2022-01-06]
CHR Notifications: Default -> hxxps://phocs.ru; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2021-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-09]
CHR Extension: (Weather Underground) - C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2021-05-09]
CHR Profile: C:\Users\Bucek\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [467416 2021-12-16] (Adguard Software Limited -> Adguard Software Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-09-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 HPAppHelperCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\AppHelperCap.exe [755720 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\DiagsCap.exe [754168 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\NetworkCap.exe [751088 2021-11-05] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_57d17b764309f47c\x64\OmenCap\OmenCap.exe [690160 2021-09-28] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c702a0363e0b94e9\x64\SysInfoCap.exe [754680 2021-11-05] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe [494688 2021-09-24] (HP Inc. -> HP Inc.)
S2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2021-11-01] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14545704 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [98840 2021-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HPCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 HPOmenCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2021-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 ViGEmBus; C:\Windows\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-14] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-06 18:44 - 2022-01-06 18:44 - 000001969 _____ C:\Users\Bucek\Desktop\fixlist.txt
2022-01-06 16:10 - 2022-01-06 16:10 - 000030438 _____ C:\Users\Bucek\Desktop\Addition.txt
2022-01-06 15:24 - 2022-01-06 15:27 - 000000000 ____D C:\AdwCleaner
2022-01-06 15:23 - 2022-01-06 15:23 - 008540344 _____ (Malwarebytes) C:\Users\Bucek\Desktop\adwcleaner_8.3.1.exe
2022-01-05 12:15 - 2022-01-06 18:45 - 000016898 _____ C:\Users\Bucek\Desktop\FRST.txt
2022-01-05 12:15 - 2022-01-06 18:44 - 000000000 ____D C:\FRST
2022-01-05 12:11 - 2022-01-05 12:11 - 002311168 _____ (Farbar) C:\Users\Bucek\Desktop\FRST64.exe
2022-01-04 21:31 - 2022-01-04 21:31 - 001156664 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2022-01-04 21:31 - 2022-01-04 21:31 - 000443192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdtee_api.dll
2022-01-04 21:31 - 2022-01-04 21:31 - 000356664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdtee_api.dll
2022-01-04 21:31 - 2022-01-04 21:31 - 000307397 _____ C:\Windows\system32\Drivers\rtldata.txt
2022-01-04 21:31 - 2022-01-04 21:31 - 000055096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\Drivers\amdpsp.sys
2022-01-04 21:28 - 2022-01-04 21:28 - 1501885749 _____ C:\Windows\MEMORY.DMP
2022-01-04 21:28 - 2022-01-04 21:28 - 003318876 _____ C:\Windows\Minidump\010422-16093-01.dmp
2022-01-04 21:28 - 2022-01-04 21:28 - 000000000 ____D C:\Users\Bucek\AppData\Local\DBG
2022-01-04 21:26 - 2022-01-04 21:26 - 000085704 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2022-01-04 21:26 - 2022-01-04 21:26 - 000043720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2022-01-04 21:24 - 2022-01-04 21:34 - 000000000 ____D C:\ProgramData\ProductData
2022-01-04 21:23 - 2022-01-06 15:27 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\IObit
2022-01-04 21:23 - 2022-01-04 21:24 - 000000000 ____D C:\Users\Bucek\AppData\LocalLow\IObit
2022-01-04 21:23 - 2022-01-04 21:24 - 000000000 ____D C:\ProgramData\IObit
2022-01-04 21:22 - 2022-01-04 21:22 - 027268680 _____ (IObit ) C:\Users\Bucek\Downloads\driver_booster_setup.exe
2022-01-04 21:06 - 2022-01-06 05:42 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-04 21:06 - 2022-01-04 21:06 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2022-01-04 21:06 - 2022-01-04 21:06 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2022-01-04 21:05 - 2022-01-04 21:07 - 000000000 ____D C:\Users\Bucek\AppData\Local\TeamViewer
2022-01-04 21:05 - 2022-01-04 21:05 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\TeamViewer
2022-01-04 21:04 - 2022-01-04 21:04 - 035080496 _____ (TeamViewer Germany GmbH) C:\Users\Bucek\Downloads\TeamViewer_Setup_x64.exe
2022-01-04 12:00 - 2022-01-04 12:00 - 000079764 _____ C:\Users\Bucek\Documents\DSLDP2-6910212694-20220104-103316.pdf
2022-01-04 10:35 - 2022-01-04 10:35 - 000000961 _____ C:\Users\Bucek\Downloads\DSLDP2-6910212694-20220104-103524.xml
2022-01-04 10:34 - 2022-01-04 10:34 - 000079764 _____ C:\Users\Bucek\Documents\DAN SILNICNI 2022.pdf
2022-01-04 09:02 - 2022-01-04 09:02 - 000121717 _____ C:\Users\Bucek\Documents\9f0002c9-zzform-fs-priznani-dan-silnicni-priloha-5407-1-16.pdf
2022-01-04 08:59 - 2022-01-04 08:59 - 001782127 _____ C:\Users\Bucek\Documents\5407_18.pdf
2022-01-01 11:31 - 2022-01-01 11:34 - 000000000 ____D C:\Users\Bucek\Documents\ADGUARD HESLO
2022-01-01 11:25 - 2022-01-06 18:42 - 000000000 ____D C:\Program Files (x86)\Adguard
2022-01-01 11:25 - 2022-01-01 11:25 - 000114336 _____ (Adguard Software Ltd) C:\Users\Bucek\Downloads\adguardInstaller (1).exe
2022-01-01 11:25 - 2022-01-01 11:25 - 000001002 _____ C:\Users\Public\Desktop\AdGuard.lnk
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Adguard Software Ltd
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\Users\Bucek\AppData\Local\Adguard_Software_Ltd
2022-01-01 11:25 - 2022-01-01 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdGuard
2022-01-01 11:25 - 2021-11-02 12:36 - 000098840 _____ (Adguard Software Ltd) C:\Windows\system32\Drivers\adgnetworkwfpdrv.sys
2021-12-29 22:46 - 2021-12-29 22:46 - 001837858 _____ C:\Users\Bucek\Downloads\WGCheck_EU.zip
2021-12-29 17:29 - 2021-12-29 17:29 - 000000000 ____D C:\Windows\LastGood.Tmp
2021-12-29 17:27 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-12-29 17:27 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo.exe
2021-12-29 17:27 - 2021-12-15 21:57 - 001466024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001209312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-12-29 17:27 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-12-29 17:27 - 2021-12-15 21:54 - 000658344 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-12-29 17:27 - 2021-12-15 21:52 - 005732320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 039649960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2021-12-29 17:26 - 2021-12-15 21:54 - 001524392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000802216 _____ C:\Windows\system32\nvofapi64.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000679384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000636840 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-12-29 17:26 - 2021-12-15 21:54 - 000565416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 002116520 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 001597552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 001175512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000982952 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000794024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-12-29 17:26 - 2021-12-15 21:53 - 000708776 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-12-29 17:26 - 2021-12-15 21:52 - 008725160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 007843968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 004938880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 002852280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-12-29 17:26 - 2021-12-15 21:52 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-12-29 17:26 - 2021-12-15 21:51 - 000851936 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-12-29 17:26 - 2021-12-15 13:16 - 000085698 _____ C:\Windows\system32\nvinfo.pb
2021-12-29 17:24 - 2021-12-29 17:26 - 871815184 _____ (NVIDIA Corporation) C:\Users\Bucek\Downloads\497.29-notebook-win10-win11-64bit-international-dch-whql.exe
2021-12-29 14:38 - 2021-12-29 14:39 - 219256648 _____ (Malwarebytes) C:\Users\Bucek\Downloads\mb4-setup-consumer-4.4.5.229-1.0.1430-1.0.44238.exe
2021-12-20 14:30 - 2021-12-20 14:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-12-20 13:40 - 2021-12-20 13:40 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2021-12-20 13:40 - 2021-12-20 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-12-20 13:40 - 2021-12-20 13:40 - 000000000 ____D C:\Program Files\iTunes
2021-12-20 13:38 - 2021-12-20 13:45 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Apple Computer
2021-12-20 13:38 - 2021-12-20 13:38 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple Inc
2021-12-20 13:38 - 2021-12-20 13:38 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple Computer
2021-12-20 13:37 - 2021-12-20 13:37 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Users\Bucek\AppData\Local\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\ProgramData\Apple Computer
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\ProgramData\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files\Common Files\Apple
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files\Bonjour
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files (x86)\Bonjour
2021-12-20 13:37 - 2021-12-20 13:37 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2021-12-20 09:31 - 2021-12-20 09:31 - 000000000 ____D C:\Windows\SystemTemp
2021-12-20 09:19 - 2021-12-20 09:19 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-20 09:19 - 2021-12-20 09:19 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-20 09:19 - 2021-12-20 09:19 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-20 09:16 - 2021-12-20 09:16 - 000000000 ___HD C:\$WinREAgent
2021-12-14 14:49 - 2021-12-14 14:49 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3510672185-1141471611-2441468897-1001
2021-12-11 20:28 - 2021-12-11 20:28 - 000007605 _____ C:\Users\Bucek\AppData\Local\Resmon.ResmonCfg
2021-12-11 15:42 - 2021-12-11 15:42 - 000000000 ____D C:\Users\Bucek\AppData\Local\TeamSpeak 3
2021-12-11 15:28 - 2022-01-04 23:04 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\TS3Client
2021-12-11 15:28 - 2021-12-11 15:28 - 000001008 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2021-12-11 15:28 - 2021-12-11 15:28 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2021-12-11 15:28 - 2021-12-11 15:28 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2021-12-11 08:42 - 2021-12-11 08:42 - 000000112 ___SH C:\bootTel.dat
2021-12-08 08:27 - 2021-12-11 20:31 - 000001657 _____ C:\Users\Bucek\Desktop\World of Tanks EU.lnk
2021-12-08 08:25 - 2022-01-01 13:05 - 000001892 _____ C:\Users\Bucek\Desktop\Game Center.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-06 18:44 - 2021-05-12 08:55 - 000000000 ____D C:\ProgramData\Adguard
2022-01-06 18:43 - 2021-05-09 17:51 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-06 18:42 - 2020-11-18 23:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-06 15:30 - 2021-05-09 17:34 - 000000000 ____D C:\Users\Bucek\AppData\Local\D3DSCache
2022-01-06 15:27 - 2021-05-15 14:56 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-06 15:27 - 2021-05-09 19:58 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Hewlett-Packard
2022-01-06 15:27 - 2021-05-09 19:16 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-01-06 15:27 - 2021-05-09 19:16 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-01-06 15:27 - 2021-05-09 17:37 - 000000000 ____D C:\ProgramData\HP
2022-01-06 13:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-06 07:47 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-01-06 06:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-06 06:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-06 05:49 - 2020-11-19 00:55 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-06 05:49 - 2019-12-07 15:43 - 000683504 _____ C:\Windows\system32\perfh005.dat
2022-01-06 05:49 - 2019-12-07 15:43 - 000137284 _____ C:\Windows\system32\perfc005.dat
2022-01-06 05:42 - 2020-11-19 00:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-06 05:42 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-01-04 21:41 - 2021-05-09 15:19 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-04 21:32 - 2021-05-09 15:21 - 000000000 ____D C:\Users\Bucek
2022-01-04 21:31 - 2020-10-15 21:12 - 011913288 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2022-01-04 21:28 - 2021-06-03 09:18 - 000000000 ____D C:\Windows\Minidump
2022-01-04 21:28 - 2020-11-18 23:46 - 000462512 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-04 21:27 - 2020-03-16 05:39 - 000054984 _____ (Advanced Micro Devices, Inc) C:\Windows\system32\Drivers\amdgpio2.sys
2022-01-01 13:17 - 2021-08-31 08:48 - 000000000 ____D C:\Program Files (x86)\Happy Foto CZ
2022-01-01 11:25 - 2021-05-12 09:03 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-29 23:32 - 2021-05-09 17:59 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Wargaming.net
2021-12-29 22:47 - 2021-10-27 13:15 - 004135712 _____ () C:\Users\Bucek\Desktop\WGCheck.exe
2021-12-29 17:33 - 2021-08-28 20:02 - 000000000 ____D C:\Users\Bucek\AppData\Local\NVIDIA
2021-12-29 17:33 - 2021-05-15 14:46 - 000000000 ____D C:\Users\Bucek\AppData\Local\CrashDumps
2021-12-29 17:28 - 2021-08-28 20:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-29 17:28 - 2021-05-09 17:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-29 17:28 - 2021-05-09 17:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-12-29 14:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-12-23 09:06 - 2021-05-09 19:16 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2021-12-20 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-12-20 09:31 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-20 09:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-20 09:21 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-20 09:16 - 2021-05-09 17:35 - 000000000 ____D C:\Windows\system32\MRT
2021-12-20 09:14 - 2021-05-10 12:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-20 09:09 - 2021-05-09 17:35 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-20 09:07 - 2020-11-19 00:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-20 09:07 - 2020-11-19 00:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-17 14:57 - 2021-05-09 17:51 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-17 14:57 - 2021-05-09 17:51 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-15 21:50 - 2021-12-05 21:59 - 006438112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-12-15 21:50 - 2021-05-09 17:35 - 007586784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-12-15 13:16 - 2021-10-21 20:08 - 000078544 _____ C:\Windows\system32\FvSDK_x64.dll
2021-12-15 13:16 - 2021-10-21 20:08 - 000068296 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2021-12-14 14:56 - 2020-11-19 00:46 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-12-14 14:49 - 2021-05-09 15:23 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3510672185-1141471611-2441468897-1001
2021-12-14 14:49 - 2021-05-09 15:21 - 000002381 _____ C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-11 08:48 - 2020-11-19 00:48 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 08:48 - 2020-11-19 00:48 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-08 08:27 - 2021-05-09 17:59 - 000000000 ____D C:\Users\Bucek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-12-08 08:27 - 2021-05-09 17:59 - 000000000 ____D C:\Games
2021-12-08 08:21 - 2021-05-09 17:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2021-06-04 11:54 - 2021-06-04 11:54 - 000000257 _____ () C:\ProgramData\fontcacheev1.dat
2021-12-11 20:28 - 2021-12-11 20:28 - 000007605 _____ () C:\Users\Bucek\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nedostatek paměti

#10 Příspěvek od Rudy »

Potřebuji vidět obsah souboru fixlog.txt. Máte ho na ploše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Nedostatek paměti

#11 Příspěvek od Bucek »

Start

CloseProcesses:
FirewallRules: [TCP Query User{0D6E5525-260B-49C7-810D-34F03C4A03B9}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{30349753-001E-4335-81F1-1B92825D7337}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [{BEB8CD59-74D9-42D3-8F0B-AB7E704C7970}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{F87FCAD0-49E6-4DED-B7D5-9E59B9F505ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{653150C8-71F1-4637-9ECD-AEA7AE1D969B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{84035C37-C8A1-4F6F-9DEF-8680119F09D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" (No File)
Task: {3409F1ED-FA81-4396-9D14-99FC79CC5C2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {9C59C47A-85D8-408C-AAE8-177F8A5AE591} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {CDF64466-05E2-4E38-B001-56ED6AA4522F} - System32\Tasks\ContentManagement => C:\Users\Bucek\AppData\Roaming\Unarchiver\Unarchiver.exe [275126102 2021-05-12] (Unarchiver) [File not signed] <==== ATTENTION
C:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour

EmptyTemp:
Hosts:
End

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nedostatek paměti

#12 Příspěvek od Rudy »

To je fixlist. Fixlog vypadá asi takto: https://forum.viry.cz/viewtopic.php?p=1545085#p1545085 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Nedostatek paměti

#13 Příspěvek od Bucek »

Omlouvám se spustil jsem opět scan tady je ten log.
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Bucek (06-01-2022 21:01:39) Run:1
Running from C:\Users\Bucek\Desktop
Loaded Profiles: Bucek
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [TCP Query User{0D6E5525-260B-49C7-810D-34F03C4A03B9}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [UDP Query User{30349753-001E-4335-81F1-1B92825D7337}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe => No File
FirewallRules: [{BEB8CD59-74D9-42D3-8F0B-AB7E704C7970}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{F87FCAD0-49E6-4DED-B7D5-9E59B9F505ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{653150C8-71F1-4637-9ECD-AEA7AE1D969B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{84035C37-C8A1-4F6F-9DEF-8680119F09D3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\...\Run: [Adobe Acrobat Synchronizer] => "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" (No File)
Task: {3409F1ED-FA81-4396-9D14-99FC79CC5C2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {9C59C47A-85D8-408C-AAE8-177F8A5AE591} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-09] (Google LLC -> Google LLC)
Task: {CDF64466-05E2-4E38-B001-56ED6AA4522F} - System32\Tasks\ContentManagement => C:\Users\Bucek\AppData\Roaming\Unarchiver\Unarchiver.exe [275126102 2021-05-12] (Unarchiver) [File not signed] <==== ATTENTION
C:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0D6E5525-260B-49C7-810D-34F03C4A03B9}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{30349753-001E-4335-81F1-1B92825D7337}C:\program files\windowsapps\spotifyab.spotifymusic_1.158.820.0_x86__zpdnekdrzrea0\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BEB8CD59-74D9-42D3-8F0B-AB7E704C7970}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F87FCAD0-49E6-4DED-B7D5-9E59B9F505ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{653150C8-71F1-4637-9ECD-AEA7AE1D969B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{84035C37-C8A1-4F6F-9DEF-8680119F09D3}" => removed successfully
"HKU\S-1-5-21-3510672185-1141471611-2441468897-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Synchronizer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3409F1ED-FA81-4396-9D14-99FC79CC5C2F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3409F1ED-FA81-4396-9D14-99FC79CC5C2F}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C59C47A-85D8-408C-AAE8-177F8A5AE591}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C59C47A-85D8-408C-AAE8-177F8A5AE591}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDF64466-05E2-4E38-B001-56ED6AA4522F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDF64466-05E2-4E38-B001-56ED6AA4522F}" => removed successfully
C:\Windows\System32\Tasks\ContentManagement => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ContentManagement" => removed successfully
C:\Program Files\Bonjour => moved successfully
C:\Program Files (x86)\Bonjour => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22270968 B
Java, Flash, Steam htmlcache => 147533992 B
Windows/system/drivers => 5626029 B
Edge => 0 B
Chrome => 506858378 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 88646 B
NetworkService => 425490 B
Bucek => 718038277 B

RecycleBin => 473628498 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:02:22 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Nedostatek paměti

#14 Příspěvek od Rudy »

OK, to je ono, Bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Nedostatek paměti

#15 Příspěvek od Bucek »

to musím hrát hry vždycky to začalo cca po 6 h hraní takže to musím vyzkoušet. doufám že to pomůže jelikož je to velmi nepříjemné když vám v polovině hry začne padat hra . Zatím mnohokrát děkuji a doufám v úspěch. akorád by mě zajímalo co tam mohlo být špatně myslím že asi vir né jelikož nikde zbytečně nesurfuji. Ještě jednou zatím dík :)

Odpovědět