VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivní kontrolu

https://forum.viry.cz:443/viewtopic.php?t=158528

Stránka 1 z 1

Prosím o preventivní kontrolu

Napsal: 05 úno 2022 07:32
od Vicious
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
Ran by Petr (administrator) on DESKTOP-8PRS1UO (HP HP Pavilion Gaming Desktop TG01-1xxx) (05-02-2022 07:20:57)
Running from C:\Users\fugat\OneDrive\Plocha
Loaded Profiles: Petr
Platform: Microsoft Windows 11 Home Version 21H2 22000.434 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
(AO Kaspersky Lab -> Kaspersky Lab AO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\plugin-nm-server-v2.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe <7>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_847b260ab5f9550b\x64\OmenCap\OmenCap.exe
(HP Inc.) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.7.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53217.0_x64__v10z8vjag6ke6\HP.myHP.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53217.0_x64__v10z8vjag6ke6\win32\HPBackgroundProcess.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_78a6016d246f965a\RstMwService.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.76\msedgewebview2.exe <12>
(Microsoft Corporation) [File not signed] C:\Users\fugat\AppData\Roaming\uTorrent\share\NCFUHASQMSMUHMAS.exe <5>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20050.505.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(My.Com B.V. -> ) C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe <5>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_2f459837bde8cd82\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe <2>
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [File not signed]
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\Run: [GameCenter] => C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe [10731728 2022-01-31] (My.Com B.V. -> )
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\Run: [uTorrent] => C:\Users\fugat\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-11-14] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-01-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\MountPoints2: {932a5a4f-7480-11ec-a554-d41b8185e37e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\x64\hpfpp70w.dll [249856 2009-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\PCL hpf3l70w.dll: C:\windows\system32\hpf3l70w.dll [136704 2009-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A5CE026-5D8E-4B84-93A9-9154C8C23CD8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {14807126-4AF7-449F-9530-042531DE1B70} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {1847F437-33C2-4AF5-89BC-BEC1B3EAC404} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2085BE78-CCCB-45FF-83B2-BF0D4D69091D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {20E94C1F-9C27-4881-B527-6EB3DD0B249D} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {25227378-7A15-44F2-856B-E5810F68F81C} - System32\Tasks\RtkAudUService64_BG => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe [1269672 2021-07-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2A02F571-27AD-4A14-9E72-014F72671BD5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {2C061C22-AF8D-4FB1-8FF7-B9E24F27148F} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-07-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {2C11D142-19AC-4977-8AB0-4321696A84DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-20] (Google LLC -> Google LLC)
Task: {2ED79B36-1289-4297-A176-2636529DD359} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {32FF8BE5-DB7D-42D1-A634-80E5DB665530} - System32\Tasks\NCFUHASQMSMUHMAS_run => C:\Users\fugat\AppData\Roaming\uTorrent\share\NCFUHASQMSMUHMAS.exe [159744 2022-01-19] (Microsoft Corporation) [File not signed]
Task: {48E5821A-6EC6-426E-BD6A-C967E90CB80A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CBC905D-D6F2-4BA3-8971-6FB4051A93B0} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {5E5076C7-FAFC-4ED8-9AF6-0FE87B6A9BB8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6DC6A6E7-E91D-421E-88F8-DCA6034ABABF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {7A6D8466-C72D-45F6-A53E-4886529FDE4A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {7A738DF6-018D-4007-B128-51354F6788EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {842E8525-A855-4436-81E4-0C1924EEE49B} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {89DF5F43-AA93-4F92-B028-B59DB044DABC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {973D9B26-1F37-4ABB-89CC-1A527B52FAEF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSA Launcher for HDD => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSALauncher.exe [199856 2022-01-20] (HP Inc. -> HP Inc.)
Task: {9975063A-B3DC-4D8A-9609-EFB450CE2F20} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {A0E2B5F4-4C1A-41B2-9EF0-4B754D878358} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-20] (Google LLC -> Google LLC)
Task: {A79595D5-30A8-4FE6-A81A-4FCDCA3FEF41} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AA30EE9B-9CAC-4EB7-A93B-7F26442E3B2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-01-20] (HP Inc. -> HP Inc.)
Task: {AF8D44AF-5504-4821-A7E0-A604C9F1A0A3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C63060E9-E6CC-43F7-BEB4-7A6785AD3ED6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CB9056B7-F2E2-413A-A2D9-52FF916ACE77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D1DE54BE-2C96-4302-8ABE-B2593AF0CB71} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D3C4F1F8-30E4-4749-9A39-C42A7FD8E7D9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DF050A24-B239-42DE-B330-FE87DB5AEAAB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {E55458E0-10CC-4709-8729-4F4A8F574EFA} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-01-12] (Garmin International, Inc. -> )
Task: {E5F8E437-CE2F-4BD9-B639-A72E5C8BC171} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {F1114ED4-E40F-4DB4-BFFA-C99CB6BEB857} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6937863e-c9ac-48bb-9f25-4c37672829ce}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fd2bec96-b3e5-4cbd-bd2d-45992acf282d}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-03]
Edge Extension: (Ochrana Kaspersky) - C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-01-19]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-27]
Edge HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2022-01-19] [Legacy] [not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [2019-07-16] () [File not signed]
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [2019-07-16] () [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default [2022-02-05]
CHR Notifications: Default -> hxxps://www.heureka.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-20]
CHR Extension: (Ochrana Kaspersky) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-12-23]
CHR Extension: (Podepisovací komponenta Signer) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni [2021-07-20]
CHR Extension: (Dokumenty) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-20]
CHR Extension: (Disk Google) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-20]
CHR Extension: (uBlock Origin) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-01-13]
CHR Extension: (Kaspersky Password Manager) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2021-12-15]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-04]
CHR Extension: (Tabulky) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-25]
CHR Extension: (HP Network Check Launcher) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-08-15]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-07-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-20]
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-02-03]
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-03]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-07-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\AppHelperCap.exe [757280 2021-12-02] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\DiagsCap.exe [755184 2021-12-02] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\NetworkCap.exe [752120 2021-12-02] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_847b260ab5f9550b\x64\OmenCap\OmenCap.exe [690168 2021-10-21] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-01-27] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_6838598e8963231b\x64\SysInfoCap.exe [755192 2021-12-02] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-21] (HP Inc. -> HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [374920 2022-01-27] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-07-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-20] (Malwarebytes Inc -> Malwarebytes)
S3 mracsvc; C:\windows\System32\mracsvc.exe [23885544 2022-02-02] (My.Com B.V. -> My.com B.V.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_2f459837bde8cd82\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_2f459837bde8cd82\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-06-05] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2015-03-23] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-11-26] (Microsoft Windows -> Microsoft Corporation)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [689976 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1507648 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2022-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-07-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [287904 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [319720 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115968 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [229248 2022-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-24] (Malwarebytes Inc -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [23122952 2022-02-02] (My.Com B.V. -> My.com B.V.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [62352 2021-11-16] (Realtek Semiconductor Corp. -> Realtek)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-05 07:20 - 2022-02-05 07:21 - 000000000 ____D C:\FRST
2022-02-03 11:24 - 2022-02-03 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2022-01-19 13:13 - 2022-01-20 20:02 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-19 08:30 - 2022-01-27 10:33 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-19 08:30 - 2022-01-19 08:30 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-19 08:30 - 2022-01-19 08:30 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2022-01-19 08:25 - 2022-01-19 08:25 - 000003282 _____ C:\WINDOWS\system32\Tasks\NCFUHASQMSMUHMAS_run
2022-01-19 08:03 - 2022-01-19 08:03 - 000000000 ____D C:\Users\fugat\AppData\LocalLow\uTorrent
2022-01-19 07:56 - 2022-01-19 07:56 - 000000040 ____H C:\752498A50076
2022-01-19 07:56 - 2022-01-19 07:56 - 000000000 ____D C:\Users\Petr
2022-01-17 09:03 - 2022-01-17 09:03 - 000319720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-01-17 09:02 - 2022-01-18 13:11 - 000229248 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-01-17 09:02 - 2022-01-17 09:02 - 000287904 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-01-17 09:02 - 2022-01-17 09:02 - 000115968 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-01-15 09:37 - 2022-01-15 09:37 - 000000000 ____D C:\Users\fugat\AppData\Local\SolidDocuments
2022-01-14 20:01 - 2022-01-11 00:54 - 000039080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-01-14 19:54 - 2022-01-11 13:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-14 19:54 - 2022-01-11 13:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-14 19:54 - 2022-01-11 13:28 - 001467872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-14 19:54 - 2022-01-11 13:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-14 19:54 - 2022-01-11 13:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-14 19:54 - 2022-01-11 13:28 - 001206400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-14 19:54 - 2022-01-11 13:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-14 19:54 - 2022-01-11 13:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-14 19:54 - 2022-01-11 13:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-14 19:54 - 2022-01-11 13:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-14 19:54 - 2022-01-11 13:25 - 000710776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-01-14 19:54 - 2022-01-11 13:23 - 005734568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-01-14 19:53 - 2022-01-11 13:25 - 042270168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2022-01-14 19:53 - 2022-01-11 13:25 - 001529512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-01-14 19:53 - 2022-01-11 13:25 - 001179096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-01-14 19:53 - 2022-01-11 13:25 - 000797096 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-01-14 19:53 - 2022-01-11 13:25 - 000710824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-01-14 19:53 - 2022-01-11 13:25 - 000637864 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-01-14 19:53 - 2022-01-11 13:24 - 002119792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-01-14 19:53 - 2022-01-11 13:24 - 001601144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-01-14 19:53 - 2022-01-11 13:24 - 000983208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-01-14 19:53 - 2022-01-11 13:24 - 000792688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-01-14 19:53 - 2022-01-11 13:24 - 000455792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-01-14 19:53 - 2022-01-11 13:23 - 008609920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-01-14 19:53 - 2022-01-11 13:23 - 007713392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-01-14 19:53 - 2022-01-11 13:23 - 005099176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-01-14 19:53 - 2022-01-11 13:23 - 002934696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-01-14 19:53 - 2022-01-11 13:22 - 000850088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-01-14 19:53 - 2022-01-11 13:21 - 006455824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-01-14 19:53 - 2022-01-11 00:54 - 000089178 _____ C:\WINDOWS\system32\nvinfo.pb
2022-01-13 20:03 - 2022-02-01 07:05 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2022-01-12 10:12 - 2022-01-12 10:12 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-12 10:12 - 2022-01-12 10:12 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-12 10:12 - 2022-01-12 10:12 - 000339968 _____ C:\WINDOWS\system32\pku2u.dll
2022-01-12 10:12 - 2022-01-12 10:12 - 000247808 _____ C:\WINDOWS\SysWOW64\pku2u.dll
2022-01-12 10:12 - 2022-01-12 10:12 - 000015050 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-12 10:10 - 2022-01-12 10:10 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-05 07:22 - 2021-07-20 20:26 - 000000000 ____D C:\Users\fugat\AppData\Local\CrashDumps
2022-02-05 07:07 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-05 07:07 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-05 07:06 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-05 06:57 - 2021-07-20 16:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-05 06:27 - 2021-07-20 20:11 - 000000000 ____D C:\Program Files\CCleaner
2022-02-05 06:22 - 2021-07-20 21:14 - 000000000 ___RD C:\Users\fugat\Disk Google
2022-02-05 06:22 - 2021-07-20 17:15 - 000000000 ____D C:\Users\fugat\AppData\LocalLow\Mozilla
2022-02-05 06:22 - 2021-07-20 16:13 - 000000000 ____D C:\Users\fugat\AppData\Local\GameCenter
2022-02-05 06:22 - 2021-07-20 16:05 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-05 06:21 - 2021-05-24 10:03 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-04 17:37 - 2021-05-24 09:34 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-04 14:46 - 2021-10-11 12:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-03 11:25 - 2021-07-20 20:42 - 000000000 ____D C:\ProgramData\Garmin
2022-02-03 11:24 - 2021-10-11 12:55 - 000003624 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2022-02-03 11:24 - 2021-07-20 20:42 - 000000000 ____D C:\Program Files (x86)\Garmin
2022-02-03 11:24 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-02-03 11:24 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-02-03 11:24 - 2021-05-24 10:03 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-02 16:58 - 2021-09-01 16:57 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-02-02 16:35 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-02 16:08 - 2021-07-31 20:04 - 023885544 _____ (My.com B.V.) C:\WINDOWS\system32\mracsvc.exe
2022-02-02 16:08 - 2021-07-31 20:04 - 023122952 _____ (My.com B.V.) C:\WINDOWS\system32\Drivers\mracdrv1.sys
2022-02-02 14:19 - 2021-10-11 13:00 - 001864254 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-02 14:19 - 2021-06-05 18:20 - 000760348 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-02 14:19 - 2021-06-05 18:20 - 000168690 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-02 14:12 - 2021-10-11 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-02 14:12 - 2021-07-20 16:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-02 14:12 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-02 14:12 - 2021-06-05 13:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-02 14:12 - 2020-05-06 09:58 - 000012288 ___SH C:\DumpStack.log.tmp
2022-02-01 07:05 - 2021-12-22 13:35 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2022-01-31 20:36 - 2021-10-11 12:39 - 000613128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-31 07:06 - 2021-07-20 15:53 - 000000000 ____D C:\Users\fugat\AppData\Local\D3DSCache
2022-01-29 14:50 - 2021-06-05 13:01 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2022-01-28 14:46 - 2021-07-20 20:35 - 000000000 ____D C:\VueScan
2022-01-28 06:31 - 2021-11-18 06:26 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7be96822141e5
2022-01-28 06:31 - 2021-10-11 12:55 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-28 06:19 - 2021-09-08 10:42 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-01-26 19:36 - 2021-10-11 12:55 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1361824842-2506618223-1174349613-1001
2022-01-26 19:36 - 2021-07-20 15:42 - 000002388 _____ C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-26 08:13 - 2021-10-11 12:55 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-25 17:19 - 2021-07-20 16:02 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-21 06:52 - 2021-10-11 12:55 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 06:52 - 2021-10-11 12:55 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 20:02 - 2021-07-24 07:39 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-20 20:02 - 2021-07-24 07:38 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-01-20 20:01 - 2021-07-24 07:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-20 20:01 - 2021-07-24 07:38 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-19 11:18 - 2021-07-21 07:34 - 000000000 ____D C:\Users\fugat\AppData\Roaming\uTorrent
2022-01-19 09:09 - 2021-07-21 10:41 - 000000000 ____D C:\Users\fugat\AppData\Local\ElevatedDiagnostics
2022-01-19 09:09 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-19 08:30 - 2021-07-21 08:30 - 000000000 ____D C:\ProgramData\Adobe
2022-01-19 08:03 - 2021-07-21 07:36 - 000000000 ____D C:\Users\fugat\AppData\Local\BitTorrentHelper
2022-01-15 09:37 - 2021-07-20 15:53 - 000000000 ____D C:\Users\fugat\AppData\Roaming\Adobe
2022-01-15 09:37 - 2021-07-20 15:53 - 000000000 ____D C:\Users\fugat\AppData\Local\Packages
2022-01-15 06:35 - 2021-07-21 08:30 - 000000000 ____D C:\Users\fugat\AppData\Local\Adobe
2022-01-14 20:02 - 2021-07-22 11:50 - 000000000 ____D C:\Users\fugat\AppData\Local\NVIDIA
2022-01-14 19:50 - 2021-10-11 12:55 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-10-11 12:55 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-10-11 12:55 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-10-11 12:55 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-10-11 12:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-10-11 12:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-10-11 12:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-10-11 12:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-10-11 12:55 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-14 19:50 - 2021-07-20 15:55 - 000000000 ____D C:\Users\fugat\AppData\Local\NVIDIA Corporation
2022-01-14 19:50 - 2021-05-24 10:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-14 19:50 - 2021-05-24 10:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-14 19:50 - 2021-05-24 10:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-01-14 16:34 - 2021-05-24 10:01 - 000000000 ____D C:\ProgramData\Packages
2022-01-12 10:58 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 10:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-01-12 10:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 10:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 10:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 10:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 10:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 10:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-12 10:15 - 2021-07-21 12:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-12 10:13 - 2021-07-21 12:12 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-12 10:13 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-11 13:21 - 2021-09-20 18:56 - 007610232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-01-11 00:54 - 2021-09-20 18:56 - 000118952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

==================== Files in the root of some directories ========

2021-08-30 11:53 - 2021-08-30 11:53 - 000058039 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2021-08-30 11:52 - 2021-08-30 11:52 - 000001212 _____ () C:\Program Files (x86)\Player Setup Log.txt
2021-07-24 13:10 - 2021-08-01 09:41 - 000012288 _____ () C:\Users\fugat\AppData\Roaming\emp.bin
2021-07-21 08:40 - 2022-01-19 07:56 - 000000205 _____ () C:\Users\fugat\AppData\Local\oobelibMkey.log
2021-07-20 20:03 - 2021-07-20 20:03 - 000000017 _____ () C:\Users\fugat\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by Petr (05-02-2022 07:22:23)
Running from C:\Users\fugat\OneDrive\Plocha
Microsoft Windows 11 Home Version 21H2 22000.434 (X64) (2021-10-11 11:55:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1361824842-2506618223-1174349613-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1361824842-2506618223-1174349613-503 - Limited - Disabled)
Guest (S-1-5-21-1361824842-2506618223-1174349613-501 - Limited - Disabled)
Petr (S-1-5-21-1361824842-2506618223-1174349613-1001 - Administrator - Enabled) => C:\Users\fugat
WDAGUtilityAccount (S-1-5-21-1361824842-2506618223-1174349613-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{4012E407-3BB2-443D-95D0-FC6662AA2E50}) (Version: 2.5.3850 - Famatech)
ANT Drivers Installer x64 (HKLM\...\{AB7F8484-10C7-430B-8062-BA4D840BC328}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CMS (HKLM-x32\...\CMS) (Version: - )
Elevated Installer (HKLM-x32\...\{917F39C7-FBD3-45F2-99DF-3A97EB981D5D}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Garmin Express (HKLM-x32\...\{3e2be2c6-99a0-4538-8f40-231106165750}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A0D75BFE-F68C-450A-8353-C42A3F264BED}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 55.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.5.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 91.5.1 (x64 cs)) (Version: 91.5.1 - Mozilla)
MY.GAMES GameCenter (HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\GameCenter) (Version: 4.1633 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version: - )
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 511.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
UGRSPlayer (HKLM-x32\...\{8643351A-E926-416F-95F3-90019BFF55B3}) (Version: 2.3.1 - UGRSPlayer)
VueScan (HKLM\...\VueScan) (Version: - )
Warface My.Com (HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\Warface My.Com) (Version: 1.222 - MY.GAMES)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat DC -> C:\Program Files (x86)\Adobe\Acrobat DC [2022-01-19] (0)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-07-24] (Microsoft Corporation)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2021-07-21] (Priceline Partner Network)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.4.0_x64__xbfy0k16fey96 [2021-07-20] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.26.249.0_x64__v10z8vjag6ke6 [2021-09-08] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.0.0_x64__v10z8vjag6ke6 [2021-10-16] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2021-07-21] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.8710.0_x64__v10z8vjag6ke6 [2022-01-11] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-27] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.13.85.0_x64__v10z8vjag6ke6 [2022-01-26] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6 [2022-01-20] (HP Inc.)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.7.0.0_x64__0a78dr3hq0pvt [2022-01-22] (HP Inc.) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1021.0_x64__8j3eq9eme6ctt [2021-12-03] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-11] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10201.5809.0_x64__8wekyb3d8bbwe [2022-02-04] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53217.0_x64__v10z8vjag6ke6 [2021-11-02] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-11] (NVIDIA Corp.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2021-10-08] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0 [2022-02-05] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-31] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-07-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-07-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-07-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-31] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-07-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_2f459837bde8cd82\nvshext.dll [2022-01-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-07-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-07-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance\reg.lnk -> C:\Program Files (x86)\NetSurveillance\CMS\reg.bat ()
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge

==================== Loaded Modules (Whitelisted) =============

2020-11-27 03:38 - 2020-11-27 03:38 - 000961536 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2020-11-27 03:38 - 2020-11-27 03:38 - 001446400 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2022-01-12 11:08 - 2022-01-12 11:08 - 000073216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2020-11-18 09:14 - 2020-11-18 09:14 - 117340672 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-11-18 07:40 - 2020-11-18 07:40 - 000323072 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2020-11-18 07:40 - 2020-11-18 07:40 - 005441536 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2021-10-16 08:31 - 2021-10-16 08:31 - 000009216 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53217.0_x64__v10z8vjag6ke6\ImagePipelineNative.dll
2020-03-07 15:27 - 2020-03-07 15:27 - 101687296 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\80.3987.2146\libcef.dll
2020-03-07 02:44 - 2020-03-07 02:44 - 000333824 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\80.3987.2146\swiftshader\libegl.dll
2020-03-07 02:44 - 2020-03-07 02:44 - 003011584 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\80.3987.2146\swiftshader\libglesv2.dll
2021-07-20 16:13 - 2021-07-20 16:13 - 000144896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\zlib1.dll
2021-10-16 07:18 - 2021-10-16 07:18 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\c705605b7e7843ccbaa94d87131baf87\Interop.IWshRuntimeLibrary.ni.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000013312 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2022-01-12 11:08 - 2022-01-12 11:08 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2022-01-12 11:12 - 2022-01-12 11:12 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2021-10-16 08:31 - 2021-10-16 08:31 - 000107008 _____ (Facebook, Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53217.0_x64__v10z8vjag6ke6\yoga.dll
2022-01-12 11:08 - 2022-01-12 11:08 - 002711552 _____ (Garmin International) [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2022-01-12 11:08 - 2022-01-12 11:08 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2021-11-26 15:08 - 2021-11-26 15:08 - 000139776 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\dc273be487d2d5d49c31cff61fe5eabb\Hardcodet.Wpf.TaskbarNotification.ni.dll
2022-01-19 19:05 - 2022-01-19 19:05 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2021-10-16 08:31 - 2021-10-16 08:31 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53217.0_x64__v10z8vjag6ke6\NativeRpcClient.dll
2021-07-20 16:13 - 2021-07-20 16:13 - 000158720 _____ (Igor Pavlov) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\7zxa.dll
2021-11-26 15:13 - 2021-11-26 15:13 - 001716736 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\2cb88fc1deefc0516298cfb496b43894\NAudio.ni.dll
2021-12-10 06:47 - 2021-12-10 06:47 - 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20050.505.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2021-11-26 15:08 - 2021-11-26 15:08 - 003087360 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\0da7c4b9cf67d1e77aa58f0e4b1837da\Newtonsoft.Json.ni.dll
2022-01-12 11:10 - 2022-01-12 11:10 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2022-01-13 06:55 - 2022-01-13 06:55 - 000780288 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\df5f7db35f3a2ae56cbae671b153fd0f\log4net.ni.dll
2021-07-20 16:13 - 2021-07-20 16:13 - 000694272 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\libcurl.dll
2020-11-18 07:39 - 2020-11-18 07:39 - 000843264 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2020-03-07 08:03 - 2020-03-07 08:03 - 000822784 _____ (The Chromium Authors) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\80.3987.2146\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1361824842-2506618223-1174349613-1001 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-01-20] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-01-20] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-01-19 09:04 - 000001022 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\Travní\SAM_0203.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 3: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C4713C5C-1827-4A8B-BEB4-7513474CB880}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C2DF05C2-38A7-4EC8-9D20-4EF5C6B2CAF1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5D060E07-E75E-46CE-B709-0251E538F067}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{FC8E31FB-FE3A-4183-873A-3F497A833AB3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{9B18D631-2D98-43F3-AE3D-32D7898F13A0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{B44A9CB1-FF6E-46C6-A305-2526FC2060D2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{DEB5FBA1-6024-4EAA-8528-5DD0AF919D85}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{B5E4A4FE-93F9-4A4E-ACDC-A262B5717255}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{B0B90082-AC99-4863-8920-7EA5CB772047}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{0CFEACA2-8B3E-4393-AC7F-0D74D6BC11A8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{CF88D02E-F598-4D0C-BD65-346DF46B60DB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{BF9DCC39-8C12-4016-A6FE-CA001A5CF34E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{60A16393-FB19-48EE-BA98-1B1F127B6718}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{2532B166-C4DC-4AFA-951D-A32E2387721B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{DBAD5823-2C74-42EB-B190-1E19F12E6C1F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{109B1ECA-D5E7-4086-8893-83099B9A3AFB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8C9ED934-58F6-40DD-BCCA-1B8A1D82969B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe (HP Inc. -> HP Inc)
FirewallRules: [{D810B0F9-0CC2-42F0-A080-45AE941E145C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe (HP Inc. -> HP Inc)
FirewallRules: [{1D6D0D31-CE4C-44CB-81DA-A447D454BCFD}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe (HP Inc. -> HP Inc)
FirewallRules: [{1888B668-31B8-46C0-9E0D-60BE16B87DA7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.7.3.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe (HP Inc. -> HP Inc)
FirewallRules: [{7119CA49-4DA1-483D-9F9A-53659A24346D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C70D90F4-BC56-4330-8A9D-57419D4A7F50}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{421084BF-F133-4218-A15F-6E0AD4536A2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A72C4F87-A4A3-408C-8E93-3C106026427A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A419DCA8-4DE2-415F-940C-F8B60C7D1BCA}] => (Allow) C:\Users\fugat\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6FA0B415-FD80-4440-BB17-FB863853BA3E}] => (Allow) C:\Users\fugat\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{9CE97E8C-33E6-4171-A1BC-3115E535EA84}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [TCP Query User{2A65A005-992F-47E6-A32B-3A5FDF4F85D6}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{94F0F287-E1E5-4BDC-AEC2-1965668DD42E}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [TCP Query User{C46E7E43-3F23-45F4-8CDE-C759E286CE08}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [{7ACFB8BE-00A8-4C05-8CE6-F6A1A698CDB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E8DE388-50AB-4CBE-B7AF-8616B07CFD97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2878E350-4A02-4C5D-B8F1-C4EA0A1C06C9}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{21C107EF-53F7-4468-B989-7E4F6B03A374}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{C8EA439D-9C11-4144-B32D-4C6D5BC1708F}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{CC9F2C4A-3618-4DD9-9259-E6FC61DE9A99}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{4E5716E3-F790-4A10-8258-F170C7558B61}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31886EE9-C2E9-4763-97D5-335ACF082678}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8DEB6A0E-A447-4A68-83C9-103B3B7C4C26}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAB717FA-9719-4353-A48E-3F4CB2F3F38A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B746B814-630A-4E53-8AE8-FE43E76094B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4C9BBD25-8D00-4864-A2CA-498B24FB9D5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{521DCD0D-C403-4D27-966E-3C3F8C083F3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CF6F03BF-D6F6-4E9D-991E-A2BF9078A9DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{396F5B7E-2605-44B1-9B28-71AB22732F83}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A76BDD23-4D69-431C-83BD-89F53D0A71B9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22006.600.1133.7409_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CB289703-DE4C-4242-9DC4-B15A8D4D46C5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22006.600.1133.7409_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE5BAB90-2A44-4EB2-AC29-2CC194EDD535}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9A7EF4B4-E513-4BD7-92B5-404F7429EBBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{348B3961-7E6D-4A27-A9D6-DD04CCB4D27C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{13DABEFC-0913-48A1-A2F3-8553867413B7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{815B3A25-74A4-47B9-B9FD-5B7A26FCB69F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77CB9DE6-D713-4859-B2E3-F3292FF93BE1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2E694E7E-C743-4F2D-B608-C0A23D6E1587}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{28DC3C8A-D8EF-4F48-A16B-5418BB951A4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB15397A-141C-470D-8B8F-AF5434D168CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

19-01-2022 08:30:08 Installed Adobe Acrobat DC.
26-01-2022 16:00:55 Naplánovaný kontrolní bod
03-02-2022 11:24:26 Garmin Express

==================== Faulty Device Manager Devices ============

Name: Realtek RTL8822CE 802.11ac PCIe Adapter
Description: Realtek RTL8822CE 802.11ac PCIe Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/05/2022 07:22:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NCFUHASQMSMUHMAS.exe, verze: 10.0.22000.1, časové razítko: 0x55b35efd
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x2ab4
Čas spuštění chybující aplikace: 0x01d81a504ce4f6ab
Cesta k chybující aplikaci: C:\Users\fugat\AppData\Roaming\uTorrent\share\NCFUHASQMSMUHMAS.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: bc405c92-5d34-4a56-acf8-fbc2e394cedf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/04/2022 06:58:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Název chybujícího modulu: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000013fb004
ID chybujícího procesu: 0x4e04
Čas spuštění chybující aplikace: 0x01d819efe6587cec
Cesta k chybující aplikaci: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
Cesta k chybujícímu modulu: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
ID zprávy: ffbbbcd7-1a45-44af-ac09-d4f2f29a4535
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/04/2022 06:51:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Název chybujícího modulu: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000013fb004
ID chybujícího procesu: 0x1ac8
Čas spuštění chybující aplikace: 0x01d819ec630371ce
Cesta k chybující aplikaci: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
Cesta k chybujícímu modulu: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
ID zprávy: 5b27c313-f4c7-450f-8d4a-99b0fb1845aa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/04/2022 06:26:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Název chybujícího modulu: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000013fb004
ID chybujícího procesu: 0x2a90
Čas spuštění chybující aplikace: 0x01d819e71c45484b
Cesta k chybující aplikaci: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
Cesta k chybujícímu modulu: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
ID zprávy: da883c71-a60c-43e7-b078-e1ef08617d1b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/04/2022 05:48:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Název chybujícího modulu: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000013fb004
ID chybujícího procesu: 0x296c
Čas spuštění chybující aplikace: 0x01d819d926e87fb8
Cesta k chybující aplikaci: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
Cesta k chybujícímu modulu: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
ID zprávy: a9cd53c6-0536-4cbe-bf5d-9a902e1eb6e0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/04/2022 05:07:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NCFUHASQMSMUHMAS.exe, verze: 10.0.22000.1, časové razítko: 0x55b35efd
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x2d68
Čas spuštění chybující aplikace: 0x01d819d8fd33116b
Cesta k chybující aplikaci: C:\Users\fugat\AppData\Roaming\uTorrent\share\NCFUHASQMSMUHMAS.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5d64cafa-743b-47d7-9815-006d249f0203
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/04/2022 12:18:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NCFUHASQMSMUHMAS.exe, verze: 10.0.22000.1, časové razítko: 0x55b35efd
Název chybujícího modulu: msvcrt.dll, verze: 7.0.22000.1, časové razítko: 0x90483ed2
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000332bb
ID chybujícího procesu: 0x563c
Čas spuštění chybující aplikace: 0x01d819b08b7962eb
Cesta k chybující aplikaci: C:\Users\fugat\AppData\Roaming\uTorrent\share\NCFUHASQMSMUHMAS.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\msvcrt.dll
ID zprávy: 99843426-9df0-4c25-bb05-6d8d373e1dab
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/03/2022 07:40:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Název chybujícího modulu: Game.exe, verze: 1.2.2.54274, časové razítko: 0x61f25964
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000013fb004
ID chybujícího procesu: 0x3420
Čas spuštění chybující aplikace: 0x01d8192775f0ca65
Cesta k chybující aplikaci: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
Cesta k chybujícímu modulu: C:\MyGames\Warface My.Com\Bin64Release\Game.exe
ID zprávy: e299607d-93f7-49eb-9d1b-e84460c2b26d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/05/2022 07:07:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (02/05/2022 06:21:55 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (02/04/2022 04:07:54 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (02/04/2022 02:47:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH4R32N-Microsoft.WindowsFeedbackHub.

Error: (02/04/2022 02:22:53 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (02/04/2022 11:18:22 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (02/04/2022 06:52:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (02/03/2022 10:07:41 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.


CodeIntegrity:
===============
Date: 2022-02-05 06:22:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ਍


==================== Memory info ===========================

BIOS: AMI F.40 07/29/2021
Motherboard: HP 8767
Processor: Intel(R) Core(TM) i5-10400 CPU @ 2.90GHz
Percentage of memory in use: 37%
Total physical RAM: 16249.75 MB
Available physical RAM: 10195.02 MB
Total Virtual: 18681.75 MB
Available Virtual: 7613 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:240.36 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:763.44 GB) NTFS
Drive e: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:165.88 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:4.1 GB) FAT32

\\?\Volume{75a0fa6b-d1f9-4b47-ab8e-75e621a387d3}\ () (Fixed) (Total:0.54 GB) (Free:0.04 GB) NTFS
\\?\Volume{578c12f2-64de-443e-9267-de2bbf3feb75}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5FD808C6)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 69EA6628)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: D8A924DA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Prosím o preventivní kontrolu

Napsal: 06 úno 2022 19:00
od Rudy
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\MountPoints2: {932a5a4f-7480-11ec-a554-d41b8185e37e} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {2C11D142-19AC-4977-8AB0-4321696A84DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-20] (Google LLC -> Google LLC)
Task: {A0E2B5F4-4C1A-41B2-9EF0-4B754D878358} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-20] (Google LLC -> Google LLC)
Task: {CB9056B7-F2E2-413A-A2D9-52FF916ACE77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
Uložte do C:\Users\fugat\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o preventivní kontrolu

Napsal: 06 úno 2022 20:07
od Vicious
Zdravím,
zjistil jsem, že se mi v klidu rozjede procesor na100%, nevím coto dělá.

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by Petr (06-02-2022 19:50:31) Run:1
Running from C:\Users\fugat\OneDrive\Plocha
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\...\MountPoints2: {932a5a4f-7480-11ec-a554-d41b8185e37e} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {2C11D142-19AC-4977-8AB0-4321696A84DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-20] (Google LLC -> Google LLC)
Task: {A0E2B5F4-4C1A-41B2-9EF0-4B754D878358} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154520 2021-07-20] (Google LLC -> Google LLC)
Task: {CB9056B7-F2E2-413A-A2D9-52FF916ACE77} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-1361824842-2506618223-1174349613-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{932a5a4f-7480-11ec-a554-d41b8185e37e} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2C11D142-19AC-4977-8AB0-4321696A84DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C11D142-19AC-4977-8AB0-4321696A84DB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0E2B5F4-4C1A-41B2-9EF0-4B754D878358}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0E2B5F4-4C1A-41B2-9EF0-4B754D878358}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB9056B7-F2E2-413A-A2D9-52FF916ACE77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB9056B7-F2E2-413A-A2D9-52FF916ACE77}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office 15 Subscription Heartbeat" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8526857 B
Java, Flash, Steam htmlcache => 1128 B
Windows/system/drivers => 8524101 B
Edge => 0 B
Chrome => 387359884 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14994 B
NetworkService => 14994 B

Re: Prosím o preventivní kontrolu

Napsal: 06 úno 2022 20:52
od Rudy
Smazáno, log by již měl být OK.

Re: Prosím o preventivní kontrolu

Napsal: 07 úno 2022 06:14
od Vicious
Děkuji

Re: Prosím o preventivní kontrolu

Napsal: 07 úno 2022 10:14
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz